Story image

Thwart phishers and their bait through a total security approach

13 Feb 2018

How many phishing emails landed in your inbox today? How many were caught by your filters? How many people clicked on the links and entered their details into dodgy websites? Maybe your CEO was a specific target.

These types of scams are becoming all too common, with many governments and watchdogs doing their best to cut through the noise and educate everyone about the dangers of phishing.

Unfortunately, organisations such as Xero and its customers are being dragged through the mud as greedy cyber attackers create emails and websites that look scarily like the real thing.

Here’s an example. The week of September 28 2017 was a bumper week for phishing emails as criminals masqueraded as both Telstra and the Commonwealth Bank of Australia.

To the untrained eye, both the emails and websites looked almost identical to the genuine sites.

New Zealand is not immune. CERT NZ found that out of a total 390 incidents reported to the watchdogs between April and September last year, 153 were incidents classed as phishing and credential harvesting.

So if emails and websites look genuine, how can you discern the real from the fake?

You should check every email and every link for spelling mistakes and maybe even double check with the genuine organisation about something you’re not sure about.  Security technologies are also more advanced than ever before and they are able to filter out the phony websites.

Before we get to that though, let’s talk about malware.

The CERT NZ report also found that 28 reported incidents were related to malware. Bitdefender recently spotted a custom malware called Operation PZCHAO that was targeting various regions of Asia.

The Ursnif banking Trojan has also been targeting Australia and New Zealand with a disproportionate prevalence. It has been masquerading as genuine brands like Xero and Tax Store Australia.

How can we fight back against malware and phishing attacks? In addition to possessing a healthy dose of cyber hygiene such as not clicking on suspicious documents, cyber protection is more advanced than ever before as it evolves to fight back against cyber threats.

Bitdefender Total Security 2018 is a four-in-one product available for your Windows, Mac, iOS and Android devices. It combines protection, performance and privacy in one product that covers all your security needs.

Bitdefender Total Security 2018 also offers anti-phishing and anti-malware technologies that can secure your organisation, your family - and your CEO.

How does its phishing prevention work? It fights back against phishing by sniffing and blocking websites that masquerade as trustworthy in order to steal financial data such as passwords or credit card numbers. It warns you every time you come across fraudulent attempts.

It also defends against all threats including malware, zero-day exploits, rootkits and spyware.

What else is included? Webcam protection, multi-layer ransomware protection, a password manager, file shredder and social network protection just to name a few.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.