Connect with us

Featured

One in five phishing attacks caught by AI author analysis

Cloud-based email protection saw a rise in BEC, phishing and email-borne malware

Published

on

Phishing attacks caught by artificial intelligence (AI) analysis of authorship increased from 7% in 2018 to 21% in 2019, according to Trend Micro’s 2019 Cloud App Security Roundup report. The report found that criminals are getting better at tricking the first layer of defence against business email compromise (BEC) attacks, which typically look at attacker behaviours and intention analysis of the email content. One in five BEC attacks were caught by AI-powered authorship analysis.

The report highlights changes in messaging-specific threats detected last year, the use of more sophisticated malware, and the potential abuse of emerging technologies in artificial intelligence to inform future business protection strategies.

In 2019, Trend Micro blocked 12.7 million high-risk email threats for customers leveraging cloud-based email services from Microsoft and Google. This second layer of defence caught threats beyond those detected by the cloud email services’ built-in security.

“Organizations are leveraging the power of SaaS-based applications in greater numbers to drive productivity, cost savings and growth. However, in doing so they may be opening themselves up to risk if they only rely on built-in security,” said Indi Siriniwasa, Vice President for Sub Saharan Africa at Trend Micro. “As our report shows, built in security is not enough on its own to stop today’s cybercriminals. Businesses must take ownership of cloud protection and find a multi-layered third-party solution to enhance their platform’s native security functionality.”

More than 11 million of the high-risk emails blocked in 2019 were phishing related, making up 89% of all blocked emails. Of these, Trend Micro detected 35% more credential phishing attempts than in 2018. Additionally, the number of unknown phishing links in such attacks jumped from just 9% of the total to more than 44% in 2019. This may demonstrate that scammers are registering new sites to avoid detection.

The report also shows that criminals are getting better at tricking the first layer of defence against Business Email Compromise (BEC) attacks, which typically look at attacker behaviours and intention analysis of the email content. The percentage of BEC attacks caught by AI-powered authorship analysis increased from 7% in 2018 to 21% in 2019.

Emerging phishing techniques outlined in the report include the increasing use of HTTPS and targeting Office 365 administrator accounts. This enables malicious hackers to hijack all connected accounts on the targeted domain and use them to send malware, launch convincing BEC attacks and more. To this end, Trend Micro blocked nearly 400,000 attempted BEC attacks, which is 271% more than in 2018.

In the face of such threats, Trend Micro recommends the organizations take the following mitigation steps:

  • Move away from a single gateway to a multi-layered cloud app security solution
  • Consider sandbox malware analysis, document exploit detection, and file, email, and web reputation technologies to detect malware hidden in Office 365 and PDF documents
  • Enforce consistent data loss prevention (DLP) policies across cloud email and collaboration apps
  • Choose a security partner that can offer seamless integration into their cloud platforms, preserving user and admin functions
  • Develop comprehensive end-user awareness and training programs

The report’s findings were based on data generated by Trend Micro Cloud App Security, an API-based solution that protects a range of cloud-based applications and services, including Microsoft Office 365 Exchange Online, OneDrive for Business, SharePoint Online, Gmail, and Google Drive.

To find out more, please the complete report here: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/trend-micro-cloud-app-security-report-2019

Featured

How retailers must respond to life under lockdown

Published

on

As businesses settle into lockdown, South Africa’s largest second-hand retailer, Cash Crusaders offer other retail businesses – that have also been forced to close, some advice and recommendations on preparing for, and managing through the lockdown. The group that have been operating for over 20 years with over 220 stores nationwide, also offer advice on considerations retail store owners – and other businesses, should make as the country makes their COVID-19 economic recovery.

Follow the rules

Ensure that you follow the rules set out by our President for the lockdown. As bitter as this pill may be to swallow, the longer-term benefits for our country and our businesses far outweigh the frustration and anxiety you may be feeling now. This is not a time to break the rules. #StayAtHome. It is a time to practice human responsibility, not complain about Human Rights being compromised. Countries who initially implemented loosely managed lockdowns, have had to extend to get the pandemic under control, so strict rules from the get-go will prevail in the fight against the virus. 

Secure your stores

By now you should’ve secured your valuable goods and should have ensured all your security systems are in good working order. If you haven’t already, make sure your security companies have your correct contact information. Make sure your necessary insurance cover is up to date.

Keep your staff informed

They are and continue to be your most important asset!

By now, you may have needed to investigate UIF benefits to compensate for your employees loss of income. The Minister of Employment and Labour, T.W Nxesi has recently announced measures that the Department will put in place under the current special circumstance relating to the Corona virus (COVID-19) and its impact on UIF contributors.

The Temporary Employee/Employer Relief Scheme (TERS) has been set up under the auspices of the Unemployment Insurance Fund (UIF). Employers apply for the TERS on behalf of its employees. 

The TERS has two distinct advantages over UIF 

  • All employees qualify for up to 3 months of benefits, irrespective of how long they have contributed to the UIF and 
  • TERS will not pay any employee less than the minimum wage.

You can benefit from the TERS by sending an email to covid19ters@labour.gov.za. Applicants will then receive an automated response which outlines the steps you will need to take, as well as the details surrounding them – including the requirements to claim benefits. During the lockdown period, the Department of Labour will not accept manual applications (to reduce physical contact and risk of the virus spreading), this is to reduce contact between people to curtail the spread of the pandemic. A hotline number has been created by the UIF (012-337 1997) for Covid–19 TERS Benefit enquiries during the lockdown period. 

Be sure to be calm when addressing any concerns with your team – they are anxious and nervous of what the eventuality of this outbreak may be.

Communicate with your bank

Make sure you’ve been in touch with your bank (as they are still operational) and discuss any loan repayment relief or postponement over the lockdown period (the banks have termed this a “payment holiday”). Work with them on a cash flow plan as once the lockdown has lifted, trading businesses will need liquid cash.

Contact your landlord

Ensure you’ve connected with your landlord to discuss and agree on any possible repayment or rent relief/payment holiday they may be able to offer you. Keep the channels of communications open with your landlord and bank – rather over-communicate than not communicate enough.

Keep communication open with your customers

The country may be on shutdown, but the internet isn’t. Communicate with your teams and customers by whatever necessary and relevant communication channels you have available to you – website, social media, PR/Marketing teams, newsletter dissemination etc.

Use this time wisely

Amidst all the chaos this time brings, there is also a silver lining. We all have time at this stage, but how many of us make valuable use of that time? Particularly when it comes to family.  Business is demanding most times so with a forced shutdown of business it give you the time to spend with your family, catch up on outdated maintenance around the house and a period of rest. This lockdown period will also afford you uninterrupted strategy time. Take the time to reflect on areas of your business you can improve or evolve. Strategise ways to do things better or differently. Use the resource available via your own business network as well as the countless online content that is available, to work on a plan for the way forward. Consider your financial, loan and other business administration processes you have in place and look at new ways to optimise the channels and areas you’re working with or within. A host of online learning facilities offer short courses – perhaps consider upskilling yourself or members of your team by signing up for one of these too.

“These are some of the steps we’ve taken within our own organisation,” says Sean Stegmann, CEO of Cash Crusaders. “Having been in this business for as long as we have has afforded us the wealth of experience we’re able to share with our franchisees and other retail business owners to help navigate the next few weeks and recovery period,” he says. “Take it one day at a time and know that the decisions we’re being forced to make today will mean a future for us tomorrow, both in business and in health!,” he concludes

Continue Reading

Featured

Vodacom cuts cost of smallest bundle by 40%

The country’s largest mobile operator has kept to a promise made last month to slash the price of entry-level data packages

Published

on

Vodacom has cut the data price of its lowest-cost bundle by 40%, reducing the price of a 50MB 30-day bundle from R20 to to R12. This follows from the operator’s promise in March, when it announced a 33% cut in the cost of 1GB bundles, to reduce prices of all smaller bundles by up to 40%.

Vodacom’s various 30-day data bundle prices will be cut across all of its channels, with the new pricing as follows:

30-day bundle size New Price Reduction
50MB R12 40%
150MB R29 33%
325MB R55 33%
500MB R79 21%
1GB R99 34%
3GB R229 23%
5GB R349 14%
10GB R469 22%
20GB R699 31%

Vodacom confirmed it will provide free data to access essential services through Vodacom’s zero-rated platform ConnectU with immediate effect. The value of these initiatives, it says, is R2.7-billion over the next year.

“Vodacom can play a critical role in supporting society during this challenging time and we’re committed to doing whatever we can to help customers stay connected,” says Jorge Mendes, Chief Officer of Vodacom’s Consumer Business Unit. “Since we started our pricing transformation strategy three years ago, our customers have benefitted from significant reductions in data prices and the cost of voice calls. Over the same period, we invested over R26 billion in infrastructure and new technologies, so our customers enjoy wider 2G, 3G and 4G coverage and vastly increased data speeds.”

The latest data reductions will complement the discounted bundle offers that will also be made available to prepaid customers in more than 2,000 less affluent suburbs and villages around the country. For qualifying communities to access further discounted voice and data deals, they need to click on the scrolling ConnectU banner on the platform via connectu.vodacom.co.za

ConnectU – which is a zero-rated platform – also went live this week. It will provide content aimed at social development and offers a variety of essential services for free. Learners and students enrolled in schools and universities can access relevant information for free, with no data costs. The ConnectU portal includes a search engine linked to open sources such as Wikipedia and Wiktionary as well as free access to job portals; free educational content on the e-School platform; free health and wellness information and free access to Facebook Flex, the low data alternative to Facebook that enables customers to stay socially connected.

Vodacom’s popular Just4You platform has been a significant contributor to the approximately 50% reduction in effective data prices over the past two years. Substantial cuts in out-of-bundle tariffs and the introduction of hourly, daily and weekly bundles with much lower effective prices have also driven increased value and affordability, resulting in R2-billion in savings for customers in 2019.

Continue Reading

Trending

Copyright © 2020 World Wide Worx