On March 23rd, 2021, news of a new phishing scam surfaced. In this scam, cybercriminals fool U.S. taxpayers into handing over control of their systems to hackers. It lures people into opening an email-attached document that appears to contain tax-related information but instead releases malware, a remote access trojan (RAT), that connects to a legitimate cloud service.
Using a technique called steganography, cybercriminals hide malicious code in a JPEG file. This would result in billions of dollars in personal losses from stolen private information.
How to stay aware?
The IRS never contacts taxpayers by email, social media, calls, text, or any other platform to ask for personal or financial information such as a PIN. If something like this occurs, stay alert and avoid downloading such files.
Cloud Services & Cybercriminals in 2021
Hackers and attackers will never pass up a chance to compromise security. Using various techniques like phishing, steganography, brute force attacks, and spear phishing, they target victims to get access to their cloud account credentials. Once they have them, they log into the compromised accounts and send emails to other accounts in the organization.
Another way they carried out these attacks was by modifying email rules. They set up a rule to forward their malicious mail to the user’s personal account and then also used brute force attacks to infect it.
Attackers were even able to bypass multi-factor authentication and go on to collect sensitive information.
Chris Hazelton, Director of Security Solutions at Lookout, described how attackers impersonated brands like FedEx, DHL, and UPS that catch customers' attention. Recipients might think they have been sent product delivery information. The users then end up getting tricked into providing credentials to their organization’s cloud services.
Countermeasures to stay safe
- Use a strong VPN every time, without fail, to access organizational data and resources.
- Educate your employees on cybersecurity and phishing, and point out the risks and signs to look for that can alert them if they are being attacked by cybercriminals.
- Keep email forwarding rules strict and sanitized, and let the original receiver know of the rule you have applied. The rules should be tight and should not allow users to send company emails to an outside environment.
- Keep updating the policies and review the people who are authorized to have access.
- Verify that all cloud devices do not have a remote desktop port.
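As an added example (not from the original article or from CQ Infotech), the forwarding-rule countermeasure above can be checked with a small audit script: it flags enabled rules that forward company mail to outside addresses so the mailbox owner can be told. The rule record layout, the domain names and the sample data are assumptions constructed for illustration.

```python
# Added example: audit exported mailbox rules for forwarding outside the company.
# The record layout (mailbox, name, enabled, forward_to) and every domain below
# are assumptions for this sketch, not a real mail platform's export format.
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example-corp.test"}  # assumed company domain
SAMPLE_RULES = [  # constructed sample data
    {"mailbox": "alice@example-corp.test", "name": "Team digest",
     "enabled": True, "forward_to": ["Bob <bob@example-corp.test>"]},
    {"mailbox": "carol@example-corp.test", "name": "Backup copy",
     "enabled": True, "forward_to": ["carol.personal@webmail.test"]},
    {"mailbox": "dave@example-corp.test", "name": "Old vendor copy",
     "enabled": False, "forward_to": ["ops@vendor.test"]},
    {"mailbox": "erin@example-corp.test", "name": "Invoices", "enabled": True,
     "forward_to": ["x@example-corp.test.lookalike.test", "not-an-address"]},
]


def domain_of(address):
    """Return the lower-cased domain of an address, or None if unparseable."""
    _, addr = parseaddr(address)
    if addr.count("@") != 1:
        return None
    return addr.rsplit("@", 1)[1].rstrip(".").lower() or None


def is_internal(domain):
    """Exact or subdomain match only, so look-alike suffixes do not pass."""
    return any(domain == d or domain.endswith("." + d) for d in INTERNAL_DOMAINS)


def audit_rules(rules):
    """Return one finding per enabled rule that forwards outside the company."""
    findings = []
    for rule in rules:
        if not rule.get("enabled", True):
            continue  # disabled rules forward nothing
        external = [t for t in rule.get("forward_to", [])
                    if domain_of(t) is None or not is_internal(domain_of(t))]
        if external:  # unparseable targets are flagged as well
            findings.append({"mailbox": rule["mailbox"], "rule": rule["name"],
                             "external_targets": external})
    return findings


if __name__ == "__main__":
    for f in audit_rules(SAMPLE_RULES):
        print(f"notify {f['mailbox']}: rule {f['rule']!r} -> {f['external_targets']}")
```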
Cloud has numerous advantages for businesses, as it is convenient and brings a substantial ROI. With so many features, it has also become a ground for attackers and cybercriminals who are always in attack mode and looking for chances to mishandle data. The amount of sensitive data with the work from home culture also poses a huge threat, but with the countermeasures mentioned here and partnering up with an expert organization like CQ Infotech, your business is safe. Contact us today to learn how we can set up a strategy for you.