Connect with us

Featured

Is someone faking being your CEO?

Fraud in the form of someone impersonating another company’s email address is on the increase. NICK SAUNDERS, Cyber Resilience Expert at Mimecast, explains how to spot these homographs and what we can do about them.

Published

on

When I say the word ‘bat’, what image comes to mind? A flying mammal? A cricket bat?

In English, they call this a ‘homograph’: when two or more words are spelt the same but don’t have the same meanings or origins.

In cybersecurity, a homograph is a lot more sinister. It’s a term given to a type of impersonation attack where an email address or website URL looks legitimate but isn’t. It’s designed to trick people into clicking on malicious links or to fool them into transferring money or sharing sensitive information.

Recent research by Vanson Bourne and Mimecast found that more than 85% of respondents had seen impersonation fraud in the past 12 months, and 40% had seen an increase in this type of attack in the same period. In South Africa, 36% of respondents had seen an increase in impersonation fraud asking to make wire transactions, and 37% had seen an increase in impersonation fraud asking for confidential data.

Despite this growth, many organisations do not have a cyber resilience strategy in place to help them detect, prevent and recover from these types of attacks.

Easy to execute, hard to detect

Homograph attacks are difficult to detect – by both the user and regular email security systems.

To create these lookalike domains, attackers use non-Western character sets or special characters found in Greek, Cyrillic and Chinese, to display letters which, to the naked eye, look identical to the western alphabet. Mimecast.com, for example, looks like мімесаѕт.com in Cyrillic. According to one domain name checker, there are 117 possible Mimecast domains that can be misrepresented with just one character from a non-English alphabet.

These subtle changes are likely to go unnoticed by users. In South Africa, 31% of respondents were not confident that employees could spot and defend against impersonation attacks, which easily and often slip through an organisation’s security systems.

Some 21% of South African respondents were not confident that their organisation’s security defences could defend against impersonation fraud asking for confidential information, rising to 25% for fraud asking to make wire transactions – in line with global trends.

This is because the emails themselves don’t contain malware and the URLs often have legitimate (read: stolen) security certificates.

Is it me you’re looking for?

Website URLs aren’t the only avenues for impersonation attacks; email address impersonation is also on the rise.

These types of attacks are designed to trick users such as finance managers, executive assistants and HR representatives into transferring money or disclosing information that can be monetised by cybercriminals. The email appears to come from someone they trust – a C-suite executive or a third-party supplier that they regularly do business with – and therefore wouldn’t think twice about responding to.

South Africans reported that, in the past 12 months, cybercriminals have attempted to impersonate finance teams (24%), third-party vendors (20%), a member of the C-suite (7%), as well as HR, sales, operations, legal and marketing team members (between 5% and 8%).

Again, these emails do not contain malware, which means they can go undetected by most email security systems. Social engineering attacks such as these rely on our inability to spot anomalies in URLs and email addresses – and the fact that we believe we’re communicating with someone we know.

Know what to do

Cybercriminals have figured out that they can bypass security systems by switching from malware-laden attacks to malware-less impersonation attacks. Now, social engineering meets technical means to put us in the middle of the next evolution of cyber-attacks.

Here are some measures organisations can implement to guard against these types of attacks.

  • Education. When users know how social engineering and spoofing attacks work and then understand they shouldn’t click on links in emails, breach incidents can be drastically reduced. Users should be encouraged to physically type an address into a browser rather than click on a link in an email, even if it was supposedly sent by someone they know and trust. Education and awareness will always be the most important defence mechanisms.
  • Protection. Email security systems are getting better at stopping malware which enter the network through dodgy files and attachments, but few are effective against impersonation attacks. Organisations need a solution that can deep-scan all inbound emails and inspect for header anomalies, domain similarity, sender spoofing and the existence of keywords and suspicious impersonation emails. These can then be blocked, quarantined, or delivered as flagged to alert the receiver of potential risk.
  • Resilience. Having the right threat protection in place is just one part of a robust cyber resilience strategy. Organisations also need to be able to adapt their strategies to stay ahead of attacks, while having the durability to continue with business as usual in the event of an attack, and the recoverability to ensure data and emails are always accessible.
  • Oversight. Often, lax security on a third-party supplier’s side provides an entry point into an organisation’s network. Enterprises should continuously evaluate and manage the security and privacy policies of their suppliers and include security in their service level agreements. They should also perform on-site security assessments with new suppliers before sharing sensitive information.
  • Visibility. Organisations need to know who their vendors are and who has access to company information, and for what reasons. This is even more important now that the EU’s General Data Protection Regulation has come into force and will affect all South African organisations when the Protection of Personal Information Act is finalised.

Thirty-seven percent of South African organisations have suffered data loss because of email-based impersonation attacks in past 12 months. These organisations also reported reputational damage (34%), loss of customers (29%), direct financial loss (17%) and lost market position (19%).

Email continues to be the number one threat to organisations globally and accounts for 96% of all incidents that organisations face.

Clearly, there is an urgent need to work towards a higher standard of email security. Cybercriminals have evolved their attack methods. It’s time the security strategies organisations use to protect their users and their businesses evolve as well.

Continue Reading

Featured

AppDate: Prepare for space

In this week’s AppDate, SEAN BACHER highlights Space Nation Navigator, Hitman Sniper, Snake Mask, Memrise, WhatsApp Web, and Carrot Weather.

Published

on

Space Nation Navigator

Space Nation Navigator is a bit of a strange app. It is part game, part exercise and part educational. On the game side, users have to navigate the Mars Rover, put the International Space Station back into orbit or move their Martians to safety before a sand storm hits Mars. When it comes to exercise, Space Nation Navigator provides users with a range of exercises and Yoga videos to prepare them for space travel and working in an anti-gravity environment. The education aspect teaches users about the planets, and star constellations, and then offers quizzes on what has been taught.

Platform: Android and iOS

Cost: A free download.

Stockists: Visit the store linked to your device.

 

Memrise

Memrise takes a new approach to help people learn new languages. Instead of providing a user with random phrases and words to memorise, the app connects you with a person already fluent in the language you want to learn. In turn, the person you are speaking to wants to learn the language in which you are fluent. Once your profile is filled out and languages selected, it connects you with people around the world who are interested in your language, and then allows you to chat with them in real-time. Memrise also lets one learn new languages through games, chatbots and grammarbots that help with spelling, tenses and pronunciations.

Platform: Android and iOS

Cost: A free download.

Stockists: Visit the store linked to your device.

 

Hitman Sniper

Hitman Sniper is loosely based on the Agent 47 movie released a few years ago. The game offers players the ability to hone their shooting skills through a range of training courses and, once they think they are ready, they can start taking out the bad guys. Things start off easy enough, but they get more and more difficult as one progresses through the 150 missions on offer. One will also have to upgrade various gun components, like scopes, magazine capacities and silencers, to make the missions a little easier. Hitman Sniper lets users buy 16 to tackle each of the missions – either with real money or via the points accumulated by completing missions. Money and points can also be used to upgrade firearms.

Platform: Android and iOS

Cost: R7 – with a range of in-app purchases.

Stockists: Visit the store linked to your device.

 

Snake Mask

The iconic Snake game that was preinstalled on most older Nokia phones has had a complete make-over. It now uses Facebook’s AR technology, meaning that you have to navigate the snake around obstacles in your home or office, all the while collecting coins and stars that change the snake’s speed and length. Unfortunately, Snake Mask is only available on Nokia’s new range of smartphones. However, it should not take long before it slithers onto other devices.

 

Platform: New Nokia smartphones running Android.

Cost: Free to use through the Facebook app installed on the device.

Stockists: Available through the Facebook app.

 

WhatsApp Web

Although this is by no means a new app, it is an extremely useful one, and one that not many people know about. Tapping out WhatsApps on your phone is easy enough, but thanks to WhatsApp Web it can be even easier. Open the WhatApp Web page under WhatsApp and you will see a QR code. Scan this code through WhatsApp on your mobile and you will be shown a replica of what you would normally see on your phone. You can then type and reply to messages using your computer instead of having to stop everything and unlock your phone every time a message comes through. WhatsApp Web is great if you share your computer with other people as it automatically disconnects when the browser is closed. However WhatsApp also offers an app that when installed will stay connected to your phone unless you manually remove it.

 

Platform: Any up-to-date Internet browser

Cost: Free to use and install

Stockists: Visit www.WhatsApp.com

 

Carrot Weather

There are thousands of weather apps on the Internet these days and all of them do the same thing – inform you of the weather in your area. However, Carrot Weather has taken what is just another app and turned it into something fun. By fun, I mean sarcastic, rude and completely politically incorrect. A user starts off by selecting religious and political views. It then asks about personality, ranging from friendly to homicidal to overkill – which includes profanity. So, for instance, instead of waking up to to the standard partly cloudy forecast, Carrot Weather will display something like: “It’s only partly sunny, the sun is a total effing failure.” It also has a range of insults that it throws at you whenever you open the app – some of them downright insulting, so it is definitely not for those who are easily offended. The app’s user interface is very simple, displaying a week’s daily forecast and hourly forecasts for the day selected.

Platform: Android and iOS

Cost: Free to download but with adverts. The premium, advert free version costs R12 per month.

Stockists: Visit the store linked to your device.

* Sean Bacher is editor of Gadget.co.za. Follow him on Twitter on @SeanBacher

Continue Reading

Featured

SA Start-up reinvents PABX

For any South African business, the idea of setting up or changing a telephonic switchboard system is the stuff of nightmares. Dealing with expensive hardware and hearing things like QSIG and VOIP is not what you’d call exciting.But now there is an app.

Published

on

Enter BuzzBox (www.buzzboxcloud.co.za), a web-based telephone switchboard that is aimed at small and medium sized businesses wanting to take the hassle and cost out of the company switchboard. Whether you are a small one-man operation or a larger organisation with staff working remotely, BuzzBox is the best switchboard solution.

What sets BuzzBox apart from anything else on the market is its easy-to-use dashboard. It puts you in control of everything from picking your phone number to setting up voice prompts and managing your business-hours schedule.

BuzzBox was developed when the startup behind it, Jini-Guru, needed such a service for its own use across multiple continents. “When we started Jini-Guru we could not find a seamless online process that would allow us to set up a full web-based switchboard, so we decided to build one for ourselves,” says Mike Smits, Director at Jini-Guru.

He says a lot of startups today are tech savvy and know how to use apps and the services that go with it. “It’s the uberisation of services and its driving demand for instant service activation.”

BuzzBox works as an app on both iOS and Android but users wanting a desk phone option can choose from a variety of devices on offer or use their existing VOIP phones.

Setting up a BuzzBox account takes 5 minutes. During registration your FICA documents are uploaded [ID and proof or residence] and you get to pick your phone number before the account is created. Companies that want to keep an existing number can do so too.

The real magic happens when you log on to the BuzzBox Dashboard. The main screen displays a summary of statistics for your account while the left-hand menu provides you quick access to various configuration settings and reports.

Setting up new extensions or external numbers is done with a few clicks and you can even set up various departments which is a great way to route a call to various people in a department, like sales or support.

The intuitive user interface also makes it easy to set up hold-music and voice prompts. You can add voice prompts by recording them straight to your phone, just make sure you use a clear voice with quiet surroundings for the best customer experience.

One of the main features of BuzzBox is its call recording feature that allows an organisation to record calls for legislative purposes, such as a lawyer, or for customer service purposes such as support. Recordings are stored securely online, and you have the ability to download recordings for playback. Companies can opt-in for this service and it’s free to use. Recordings are stored online and are fully encrypted so only you can listen to, or download them. Storage costs R1 for every 1000 minutes of stored recordings.

Other features include call forwarding and scheduling. The latter allows you to set office hours for your organisation which will divert calls to an after-hours messaging service. You also have the option to enable routing to an employee who is on call after hours.

BuzzBox also has a reseller program for companies wanting to offer this as a switchboard solution to their existing customers.

The costs for this service is R89 p/m for the first phone number which includes your first extension for free. Thereafter you’ll pay R89p/m per extension. Calls between extensions are free but you pay per second for all outgoing phone calls. More info on pricing can be found here: https://buzzboxcloud.co.za/pricing/

BuzzBox is offering a Launch promotion where they are offering the first line and extension free for 12 months. Only pay for calls. Use promo code “feoifyaa” during sign-up to apply your discount.

Continue Reading

Trending

Copyright © 2018 World Wide Worx