Sunday, October 22, 2017

Tag: Smishing

Press Release

Roy Russell, CEO of Ascertus Limited, highlights his view on the technology trends in the legal sector in 2017:

Threat management will play a key role in security efforts

With the continued onslaught of cyber-crime in all its various guises – phishing, ransomware, whaling, smishing and so on – security will be high up on the agenda in the legal sector.
In addition to traditional reactive security measures, law firms will look to actively make pre-emptive security a priority.

To support this requirement, legal technology vendors will embed threat monitoring and management into the core business applications that firms use. Linking big data with behavioural intelligence based on system history, such tools will create, study and monitor the fingerprint of every single user and alert the organisation to unusual actions and activities.

These threat management solutions will very accurately highlight the usage patterns of employees based on their role in the organisation.

Consequently, any peculiar or untoward activity will be relatively easy to spot, potentially identifying attacks in progress and even improving the ability to detect future breaches.

Records management systems will grow in importance and functionality

Records management is becoming essential for regulatory compliance and data security, driven to the forefront of firms’ agendas by the impending arrival of the General Data Protection Regulation (GDPR).

The ability to automatically apply company retention policies to physical files, electronic documents and email correspondence based on good governance practices in both controlled and uncontrolled environments, from a range of device types, as well as inside and outside the corporate firewall, will become essential. Historically, records management has been viewed as a burdensome elective process, relying upon users to manually apply the correct retention policies to their individual records.

This has rarely been effective.

To support the more widespread use of records management in view of the business imperatives, software vendors will make their systems more affordable and processes more user friendly and intuitive.

For example, in recent times we have seen the rise of separate records management systems that can auto-categorise and automatically apply retention policies, thus eliminating manual effort. Unfortunately, to date these types of solutions have been very expensive.

The new breed of records management systems will provide such functionality as standard.

They will also provide full management of many types of data repositories, both physical paper and electronic based, including tight integration with document management systems, network file shares, SharePoint repositories, and other data stores.

Artificial intelligence (AI) initiatives will continue, but in the vein of commoditisation

AI is garnering interest in the legal sector, but a closer inspection of the tools and apps being made available reveals that they are presently more similar to commoditised legal services in the form of packaged, low cost modules for areas such as wills, contracts, pre-nuptials and non-disclosure agreements for the benefit of consumers. Undoubtedly, AI offers tremendous potential and some large law firms have launched initiatives to leverage the technology. However, there’s a significant amount of work to be done in defining the ethical and legal boundaries for AI, before the technology can truly be utilised for delivering legal services to clients with minimal human involvement. Until then, in 2017 and perhaps for a few more years yet, we will continue to see incremental innovative efforts to leverage the technology, but in the vein of commoditisation – similar to what we have seen in the last 12 months.

Note to the editor: Roy Russell is available to discuss and substantiate his view with further detail.

About Ascertus Limited

Ascertus provides information and document lifecycle management consultancy, software solutions and IT support services to law firms and corporate legal departments.

Based in Central London, the company offers a full range of professional services – from consultancy, business analysis and project management; to software implementation, training, documentation and technical support – delivering bespoke email, contract and document management solutions in on-premises and privately hosted environments.

The company has successfully delivered and managed some of the largest iManage Work installations at customer sites in the UK.

For more information, visit: www.ascertus.com.

Media contact:
TagusPR
Vidushi Patel
vidushi@taguspr.co.uk
+44 7958474632

Brazilian cybercriminals are clearly setting their sights on users of mobile banking, with a huge rise in incidents registered in the country over the last two years.
In order to carry out these attacks they are using SMiShing (phishing via SMS) and registering new mobile phish domains created especially for this purpose. In 2015, mobile banking usage in Brazil reached 11.2 billion transactions, an increase of 138% compared to the 4.7 billion transactions registered in 2014. Mobile banking is now the second most popular channel for accessing a bank account in the country – there are more than 33 million active accounts, according to the Brazilian Federation of Banks.
Such numbers and the possibility of cheaply sending SMS messages are very attractive to cybercriminals, who are investing their time and effort to create new attacks. Getting started doesn’t require that much money or preparation: first they need to register a domain (usually a .mobi domain), prepare a phishing page in mobile format, hire a bulk SMS service (as cheap as 2 cents per message sent, and generally paid for with a cloned credit card) and voilà! Getting the telephone numbers of the victims isn’t a problem either: huge databases of mobile numbers can easily be purchased on the Brazilian underground, or can be captured in attacks using WhatsApp as bait.

The SMiShing messages inform recipients about a credit card or a bank account that has supposedly been blocked, and always include a link:

“Your data is outdated, your account may be blocked. Please update at <phish URL>” – an SMiShing message sent by phishers

Why target users of mobile banking? Because it’s easier to hack a bank account when accessed from a mobile terminal instead of a desktop. We’ve listed some of the reasons for that below:

No protection: most smartphone users in Brazil still don’t use a dedicated AV on their phones. A survey performed by B2B International in 2015 showed only 56% of smartphone owners around the world do so.

No security plugins: unlike desktops, most banks still don’t require the installation of a security plugin on user devices, despite most banks offering dedicated access via their mobile apps. Furthermore, fake mobile banking apps from Brazilian banks have also been found in the Play Store. When a criminal decides to phish a mobile banking user, it’s more effective if the attack is compatible with any mobile browser.

Simple authentication: most Brazilian banks use very simple authentication on mobile devices, usually just asking for the account number and a six-digit password.

Common SMS usage: it’s very common for banks in Brazil to send notifications via SMS. When you buy something or withdraw money from your account, you’ll receive an SMS confirming the operation.

This approach has allowed Brazilian banks to decrease the number of fraud cases, in particular because customers become aware of any fraud involving their credit cards or bank accounts as soon as it starts.

Confusing an SMiShing message with a legitimate SMS from your bank is therefore very easy. The mobile versions of these phishing banking websites open correctly in the browser, facilitating the theft of user credentials.

The phishers’ tactic is to force the user to access the website via their mobile devices, and not from a desktop.
If the victim tries to access the phishing domain using their computer, the following message is displayed:

“Service unavailable for desktops, only for mobile devices”

The phishing domain only shows its full content when access is made via a mobile browser.

The cybercriminals create phishing pages for several banks, in an array of colors and styles. Most of the domains used in these attacks use the .mobi TLD. We published a list of some of the domains we found here (if you’re an AV guy, block them!).

It’s important to highlight one other thing: if access is made from an IP outside of Brazil, some domains will display nothing.
It’s a method used by Brazilian phishers to keep their attacks alive for as long as possible, because if you don’t see it, you won’t block the domain. Users of our products, including the Safe Browser for iOS, Windows Phone, Android and Fraud Prevention solutions are protected against mobile phishing and SMiShing attacks.
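The user-agent and geo-IP cloaking described above is exactly what makes a desktop scan from outside Brazil miss these sites. The following Python script is an added example, not code from the article or from any vendor: it requests one URL under four client profiles (desktop and mobile User-Agents, Brazilian and foreign egress) and flags cloaking when the body differs between two profiles that differ in a single attribute. The network call is replaced by `phish_kit_response`, a constructed, hypothetical stand-in that imitates the reported kit behaviour so the script runs offline; the User-Agent strings, profile names and the Portuguese login form are likewise assumptions.

```python
"""Added example, not code from the article or any vendor: probe a URL under
several client profiles to expose the user-agent and geo-IP cloaking the
article describes.  The network call is replaced by a constructed handler
that imitates the reported kit behaviour, so everything runs offline."""
import hashlib
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

# Assumed User-Agent strings (any current desktop/mobile values would do).
DESKTOP_UA = ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36")
ANDROID_UA = ("Mozilla/5.0 (Linux; Android 7.0; SM-G930F) AppleWebKit/537.36 "
              "(KHTML, like Gecko) Chrome/61.0.3163.98 Mobile Safari/537.36")
IPHONE_UA = ("Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 "
             "(KHTML, like Gecko) Version/11.0 Mobile/15A372 Safari/604.1")
MOBILE_MARKERS = ("Mobile", "Android", "iPhone", "iPad", "Windows Phone")


@dataclass(frozen=True)
class Profile:
    name: str
    user_agent: str
    country: str  # ISO country of the egress IP, as the kit's geo-IP lookup would see it


# Four vantage points: same UA from BR and US isolates geo cloaking; desktop vs
# mobile UA from BR isolates user-agent cloaking.
PROBES: List[Profile] = [
    Profile("desktop-BR", DESKTOP_UA, "BR"),
    Profile("android-BR", ANDROID_UA, "BR"),
    Profile("iphone-BR", IPHONE_UA, "BR"),
    Profile("android-US", ANDROID_UA, "US"),
]

# Constructed stand-in for the phishing site (hypothetical; mirrors the
# behaviour the article reports, not a real kit).
DESKTOP_DENIAL = "Service unavailable for desktops, only for mobile devices"
PHISH_PAGE = ('<html><body><form method="post" action="/login.php">'
              'Agência <input name="ag"> Conta <input name="cc"> '
              'Senha <input name="pw" type="password"></form></body></html>')


def phish_kit_response(user_agent: str, country: str) -> Tuple[int, str]:
    """Return (status, body) the way the cloaked kit would."""
    if country != "BR":
        return 200, ""                      # blank page for foreign analysts
    if not any(m in user_agent for m in MOBILE_MARKERS):
        return 200, DESKTOP_DENIAL          # desktop browsers are turned away
    return 200, PHISH_PAGE                  # real content only for mobile + Brazil


Fetch = Callable[[str, str], Tuple[int, str]]


def probe(fetch: Fetch, profiles: List[Profile] = PROBES) -> Dict[str, dict]:
    """Fetch once per profile and summarise what each vantage point saw."""
    seen = {}
    for p in profiles:
        status, body = fetch(p.user_agent, p.country)
        low = body.lower()
        seen[p.name] = {
            "status": status,
            "length": len(body),
            "digest": hashlib.sha256(body.encode()).hexdigest()[:16],
            "has_form": "<form" in low,
            "has_password_field": 'type="password"' in low,
        }
    return seen


def verdict(seen: Dict[str, dict]) -> Dict[str, bool]:
    """Cloaking is inferred when the same URL yields different bodies for two
    profiles that differ in exactly one attribute (UA or egress country)."""
    ua_cloaking = seen["desktop-BR"]["digest"] != seen["android-BR"]["digest"]
    geo_cloaking = seen["android-BR"]["digest"] != seen["android-US"]["digest"]
    harvests = any(v["has_password_field"] for v in seen.values())
    return {
        "ua_cloaking": ua_cloaking,
        "geo_cloaking": geo_cloaking,
        "credential_form_seen": harvests,
        # Only block on evidence; a desktop-only, out-of-country scan has none.
        "block_recommended": harvests,
    }


if __name__ == "__main__":
    seen = probe(phish_kit_response)
    for name, row in seen.items():
        print(f"{name:<11} status={row['status']} len={row['length']:<4} "
              f"form={row['has_form']} pw={row['has_password_field']}")
    print(verdict(seen))
```

To run this against a live domain, pass `probe` a `fetch` closure built around `requests.get(url, headers={"User-Agent": ua}, timeout=10)` and run it once from a Brazilian vantage point and once from outside; the `country` argument then labels where the probe ran rather than being something the client can choose. The point of the two comparisons is that a single fetch from an analyst's workstation tells you nothing: the kit is built to look empty to precisely that client.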
For nearly a month, retail giant Target has been engaged in damage control from the news that it was the victim of a massive data breach. It first announced on Dec. 19 that about 40 million credit and debit card accounts were compromised by a massive data breach.

Then the retailer disclosed that along with the theft of credit card information, the hackers also took personal information. Target says that up to 70 million of its customers could have had their personal information stolen, including names, email addresses, phone numbers and mailing addresses.

The breach, in other words, is much broader than initially believed. Considering the breach occurred during a critical holiday-shopping period and that it impacted so many of its customers, the company has some serious explaining to do. People who shop at Target want their questions answered sooner rather than later. But this is still a developing story, and Target is still keeping some details close to the vest. Here is what we know so far, along with what Target shoppers should be doing to avoid being victimized by identity thieves or, failing that, to minimize the potential damage.

Target's Massive Data Breach: 10 Things You Need to Know

By Don Reisinger

The First Concern? Your Credit and Debit Cards

Target announced last month that hackers stole approximately 40 million debit and credit cards.

The information the hackers collected allowed them full access to card numbers and could potentially open the door for them to make fraudulent purchases.

Target Will Cover Fraudulent Charges

Speaking of fraudulent charges, Target says that consumers need not worry. On an FAQ page on its site, Target reassured its "guests" that they will not be liable for any fraudulent charges that might arise because of this data breach. It's not clear whether significant numbers of Target shoppers have been hit with fraudulent charges.

Free Credit Monitoring and Identity-Theft Protection

Target, like many companies that have experienced data breaches in the past, will offer its customers free credit monitoring for a year. Target has also promised to pay for a full year of identity theft protection for all affected guests. Target plans to share more details of that offering soon, but its response is the standard in the security space when such a large-scale breach occurs.

The Credit Card Data Was Stolen Over a Few Weeks

It's shocking just how long the Target data breach went on before the breach was discovered.

According to Target, the breach started on Nov. 27 and continued until Dec. 15 before the point of entry was found and blocked. That gave the hackers plenty of time to collect names, card numbers, expiration dates and security codes on the stolen cards.

The Black Market for Stolen Credit Cards Is Booming

Reports suggested recently that the underground market for stolen credit card numbers is booming. In fact, a report from security news site KrebsOnSecurity said that cards are being sold for anywhere from $20 to more than $100 each on black market sites.

The cards are reportedly being sold in one-million-card batches.

Data Loss Numbers Increase

According to Target, up to 40 million credit and debit cards, including full identifying information, were stolen. In addition, up to 70 million customers had their personal information taken, giving hackers another opportunity to generate revenue from the breach. Such sobering data wouldn't be complete without a dose of reality: Target says that despite the breach, it will still generate a profit of $1.20 to $1.30 in earnings per share for the fourth quarter. What's more, sales went down after the announcement of the breach, but have "since shown improvement in the last several days," according to the company.

Target Claims Canadian Customers Are Safe—So Far

So far, Target has said that the breach impacted only U.S.-based customers. In fact, the company wrote on its FAQ page that Canadian customers need not worry about being looped into this massive breach.

Here's hoping it stays that way.

The Big Question on PINs

There's an ongoing question surrounding PINs and the Target breach. Target has said that the hackers collected PIN data, but the company claims it's "strongly encrypted" and is therefore "safe and secure." Some customers have understandably expressed concern over the PINs, but the company line right now is that they shouldn't worry.

Ongoing Scams Are Wreaking Havoc

Target has posted guidelines on its Website for sniffing out possible scams.

The company said that its customers should particularly be on the lookout for a wide range of scams, including phishing, smishing (the text-message route for phishing attacks) and social engineering, designed to steal a person's identity.

All Target customers should be on the lookout for anything suspicious.

Target Says the Issue Has Been Resolved

Why not end on a small dose of good news? According to Target, the hole that allowed hackers to break into the company's network has been plugged and the company now believes that its systems are secure. Based on how this has gone so far, however, don't be surprised if Target's "ongoing investigation" reveals yet more breaches or security leaks.

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.