When you’re online, the world is at your fingertips. You can do amazing things like stream the latest movies while they’re still in theaters! Or you can enjoy the convenience of online shopping and avoiding the DMV by renewing your driver’s license remotely.  This is possible because we’re able to communicate with these organizations through many different channels and we trust them. Unfortunately, many bad actors have taken advantage of this trust and the ease of communication to up their game when it comes to social engineering.  

What is social engineering? One of the more famous examples of social engineering was the Nigerian Prince email scam. In this example, hackers relied on a novel, too-good-to-be-true story of a prince looking to transfer some of his fortune if only he could use your bank account number. The Nigerian Prince is a running joke these days, the internet version of “if you believe that, then I have a bridge to sell you,” but its original success made scammers realize they were onto something big.  

Modern social engineering campaigns closely resemble communications from legitimate organizations. They’re carefully designed, may be grammatically correct, and appear in completely plausible scenarios. However, they’re all after the same thing – information to gain access to an organization or individual’s accounts.  

Phishing is common form of social engineering 

Phishing is a type of social engineering that uses email or websites to convince people to give up their personal information, under the guise of a plausible reason. Instead of a Nigerian prince asking for a bank account number, an email posing as your bank may ask for you to confirm your account information. Often these emails are tied to circumstances that demand your attention and reflect a sense of urgency. Needless to say, many recent phishing scams have played into COVID-19 pandemic fears and economic concerns. Here are a few other scams related to phishing to watch out for: 

Vishing refers to phone calls trying to get information from people. Think cruise ship vacations and car warranties and you’re on the right track. Chances are you’ve gotten a robocall that qualifies as vishing 
Smshing is the text version of a phishing campaign. These messages are especially malicious as they may have links that take you to fake web pages or dial a phone number.  

Here’s how to identify a phishing campaign in a few easy steps 

First, does the message you’ve received contain any of the following: 

Notification of suspicious activity or log-in attempts 
A claim that’s there’s a problem with your account or your payment information 
Request to confirm personal information 
A fake invoice 
A link to make a payment 
Says you’re eligible to register for a government refund 
A coupon for free stuff 

If so, check for these tell-tale signs used by phishing scams 

A sender address that’s just slightly off – Cybercriminals addresses that closely resemble ones from a reputable company with just a few alterations of letters or other characters.  
Lack of personalization – Generic greetings that don’t reference your name or email address may be an indicator of a phishing email. 
Hyperlinks and site addresses that don’t match the sender – Hover your mouse over the hyperlink or call-to-action button in the email. Is the address shortened or is it different from what you’d expect from the sender? It may be a spoofed address from the  
Spelling and layout – Strange grammar and less-than-polished email layouts can be obvious signs that this is a scam email impersonating a large company.  
Attachments – Be wary of any attachment in an email. Attachments are great way to deliver viruses and malware to your device. 

If the email you’re suspicious of has several of the above warning signs, chances are you’ve spotted a phishing email. Still not sure what we’re talking about? Check in your email’s spam and you’ll probably see some obvious examples of phishing right away. Spam doesn’t catch everything though, and the best phishing scams can be very difficult to separate from the legitimate emails. With that in mind, we’ve pulled together some safety precautions that will help keep you safer, from phishing emails. 

Preventing and avoiding phishing scams 

Confirm the source. Unsolicited phone calls, visits, or emails are best avoided altogether or confirmed with a second source. Verify the sender or caller’s identity with the organization they claim to represent. Use contact information from a previous communication you know to be legitimate. 
Keep personal information private over email. Don’t reveal personal or financial info over an email or do so by following links provided in an email. 
Install and maintain online protection, like McAfee’s Total Protection. This kind of protection includes firewalls and even web browsing advisors to help you reduce spam and verify sites.  
Take advantage of email client and web browser antispam and link verification features. 
Use multi-factor authentication and a password manager to ensure even if your login information is stolen, scammers can’t access your accounts. 

The post Staying safer online from phishing and other attacks appeared first on McAfee Blog.

Read More

In the MS-ISAC’s Top 10 Malware list for September 2022, Arechclient2, RedLine, and Ursnif all made a return to the roundup.

Read More

The report highlighted the enormous business costs of supply chain software attacks

Read More

After suffering two large, and embarrassing, data breaches in recent weeks, the Australian government increased the fine for serious data breaches from $2.2 million to a minimum of $50 million. (That’s $50 million AUD, or $32 million USD.)

This is a welcome change. The problem is one of incentives, and Australia has now increased the incentive for companies to secure the personal data or their users and customers.

Read More

This blog was written by an independent guest blogger.

The banking and financial sector is known for its dependence on third-party vendors that help provide customers with quality financial products and services. It is one of the most interconnected sectors, making it one of the most vulnerable to cyberattacks. And because third parties operate through the banks they are contracted with, any losses are the bank’s responsibility. 

The interconnectivity and shared data of embedded finance enable banks to provide more effective solutions and better financial products. But because numerous systems and processes are intertwined across networks and organizations, there are many avenues for attackers to wreak havoc on banks and their customers. 

There are several third-party services that are necessary for banks to operate efficiently, but there are many risks that come with the territory. What are the risks? And how can banks reduce the impact of vulnerabilities from third-party vendors? Let’s discuss some of the top risks associated with outsourced banking services and how banks can protect themselves. 

Common third-party vendors

Relationships with third-party vendors are highly valuable for banks and financial institutions. Using third parties enables banks to offer their customers a wide variety of services to increase revenues, reduce overhead costs, and expand the institution’s ability to reach new customers. When third-party relationships are managed effectively, they can be an essential piece of a larger business strategy. 

Here are some examples of services provided by third parties:

Mortgage lending
Credit cards
Overdraft protection
Auditors
Brokerage services
Auto dealer relationships
Flood insurance 

But services are not the only place that banks use third parties. Companies often use software and other technologies like CRM, invoice generators, communications tools, and more. 

And with new services being added all the time, banks also use third parties to educate workers and customers about new products and services. Third-party service providers allow banks to innovate and stay ahead of the curve, giving them an edge over the competition and improving customer experiences. 

You might never have thought to deploy a crypto 101 module, but cryptocurrency banking is an up-and-coming service. One day we may all require a crypto account. Third-party vendors make shifting to new technologies and rolling out new service offerings simple for everyone involved. So what’s the problem with third-party vendors?

Risks of outsourcing to third-party vendors

Despite the benefits of working with third-party vendors, banks are up against numerous risks when they choose to outsource a service:

Regulatory risks

Privacy is a key issue involved with third-party vendors. Banks are required to maintain regulatory compliance to protect consumer data, or else they could face steep fines and penalties. If a bank experiences a data breach, it’s highly likely that they were not in compliance with data privacy regulations. Not only does this affect consumers, but it could have serious impacts for national security as well.  

Reputation risks

Working with third-party vendors can sometimes mean putting a bank’s reputation on the line. Aligning with the wrong vendors can lead to inconsistencies that have a domino effect on an organization. If there is a negative public image of a third-party service provider due to a security breach, regulatory violations, or bad press, the bank could experience some pushback as well. When banks use poor judgment in choosing service partners, they run the risk of dissatisfied customers, unexpected financial losses, and even public backlash.

Operational risks

Unsecure or immature third-party vendors can also cause banks to suffer from operational risks. Many banks use third-party services that integrate with their own processes. Some implement third-party services to run a certain program or financial offering. Even the systems that control daily operations are built on third-party platforms. But if internal systems are affected by a third-party failure, operations could come to a halt. 

Financial risks

There are also several financial risks associated with working with third-party vendors. Banks and vendors typically enter into legally binding contracts that detail performance expectations and financial obligations. But the financial condition of all vendors can immediately affect banking institutions. If the third party doesn’t adhere to the contract agreement, originates loans outside of approved limits, or lacks the ability to mitigate financial losses, the bank could end up paying. 

How to reduce third-party risks in banking

Outsourcing financial programs and services can help banks improve customer experiences, reach new customers, and increase revenues. Still, the risks can leave organizations open to data breaches, financial losses, and operational failures. When banks enter relationships with third-party vendors, they absorb the consequences of failures, data breaches, and costs. 

According to the Federal Deposit Insurance Corporation (FDIC), there are 5 steps that banks can take to reduce the risks of working with third-party vendors:

Conduct thorough risk assessments

Before entering an agreement with a third-party vendor, banks should conduct a thorough risk assessment to evaluate the potential of their alignment. A vendor risk assessment should include oversight for fourth-party applications and services, risk vs. reward analysis, and ensuring that the relationship aligns with the bank’s strategic business goals.

Perform adequate due diligence

In addition to a thorough risk assessment of potential third-party vendors, banks should also perform adequate due diligence. Gathering the correct information can help management address more specific details about vendors’ capabilities. Surprises about operational factors, business limitations, and financial obligations can create serious legal and regulatory problems. 

Review contracts carefully 

Once a decision has been made to move forward with a particular vendor, the bank must ensure that all documentation is carefully examined. Specific expectations should be lined out from the beginning for both parties before any services operate through a third party. Management, executives, and the board must all approve contracts before they are offered to vendors. Legal counsel is important at this stage to reduce any legal risks associated with the third party. 

Ensure proper oversight

Banks can ensure proper oversight of third-party activities through specific workflows dedicated to the flow of approvals and reviews. The board should initiate the approval of the third parties’ activities and conduct regular reviews of these arrangements, especially when there is a change to the program. Banks can implement continuous monitoring activities through the company’s compliance systems to ensure that vendors are operating according to federal and state laws. 

Implement robust cyber security processes

Finally, banks, third-party vendors, and fourth-party vendors should all perform regular reviews of network security processes. Companies must have end-to-end transparency across all vendor activities while at the same time protecting their perimeter from data loss. The key is that organizations have a plan to implement changes, patch management protocols, and vulnerability mitigation in addition to detection and response processes. 

Final thoughts

Third-party service providers enable banks to offer various services to meet customer needs. But vendor management is complex and comes with several risks that can damage a bank’s reputation, credit, and ability to perform. 
A reactive approach to changes in regulations, technology requirements, and vendor abilities leaves banks vulnerable to risks. But standardized methodology, vendor requirements, and ongoing oversight can help maintain positive vendor relationships. Plus, a proactive approach to third-party management can help reduce security risks and keep attackers at bay.

Read More

SonicWall figures show overall attacks trending down

Read More

Unspecified number of customers impacted over 2.5 years

Read More

For many years, attackers have used and abused various ways to get on our systems. From phishing to tricking us to click on websites, if an attacker can get their code on our systems they are no longer our systems. Attackers will even invest the time, energy, and expense to get their malicious drivers approved and co-designed through the Windows Hardware Compatibility Program in order to gain access to our machines. Ensuring that these malicious drivers are blocked is a key method for protecting systems.

Microsoft has long touted a means to update this master listing on our systems and, in theory, the idea was valid: using settings and security hardware on the computer, enabling hypervisor-protected code integrity (HVCI) was supposed to protect systems from malicious drivers. Attackers have used such attacks in the past ranging from RobbinHood, Uroburos, Derusbi, GrayFish, and Sauron, to campaigns by the threat actor STRONTIUM. As a Microsoft blog in 2020 pointed out, if a computer had HVCI enabled, it would be able to defend itself against vulnerable and malicious drivers. In the blog post, it was noted that “Microsoft threat research teams continuously monitor the threat ecosystem and update the list of drivers that in the Microsoft-supplied blocklist. This blocklist is pushed down to devices via Windows update.”

To read this article in full, please click here

Read More

UK privacy regulator says vulnerable people may be at risk

Read More