{"id":158524,"date":"2018-03-05T10:33:00","date_gmt":"2018-03-05T15:33:00","guid":{"rendered":"https:\/\/www.ntegrait.com\/i-was-hacked-dont-make-the-same-mistakes-i-did\/"},"modified":"2024-02-06T13:28:51","modified_gmt":"2024-02-06T13:28:51","slug":"i-was-hacked-dont-make-the-same-mistakes-i-did","status":"publish","type":"post","link":"https:\/\/ntegrait.com\/i-was-hacked-dont-make-the-same-mistakes-i-did\/","title":{"rendered":"I Was Hacked \u2013 Don\u2019t Make The Same Mistakes I Did"},"content":{"rendered":"
I wish I knew all of this a few months ago. I\u2019m writing to tell everyone who will read this that the email you think is from a trusted source may really be from a hacker.\u00a0\u00a0\u00a0<\/strong><\/p>\n Last fall, a new, sophisticated spear-phishing campaign was sent to employees that handle company finances. One of those companies was mine. (I\u2019m writing this anonymously because I don\u2019t want my clients to find out what happened.)<\/p>\n Hackers are now masquerading as trusted business contacts. They\u2019re pretending to be employees from vendors\u2019 accounts payable departments, or other financial entities in an attempt to steal money.<\/p>\n If you don\u2019t know, the term for this is spear phishing. Spear-phishing emails look like they\u2019re from a trusted source but in reality, they\u2019re sent from hackers to obtain classified financial or other private information. One of my employees got fooled.<\/p>\n Today\u2019s hackers can easily find out who your trusted contacts are and will impersonate them in order to trick your employees into either sending them money or providing them the means to gain access to your accounts.<\/p>\n How did <\/strong>the hackers succeed in robbing my business, you ask? <\/strong>Well, they simply spoofed the name in the \u201cFrom\u201d field in an email. It appeared to be one of our vendor\u2019s emails, but in reality, the email came from a thief. I\u2019ve learned that core SMTP doesn\u2019t provide authentication, so it\u2019s easy to forge and impersonate emails. I didn\u2019t know that then, but I do now.<\/p>\n Since then I\u2019ve done some research<\/strong>. What I\u2019ve learned is that there were two different spear-phishing emails that went out. One message said that an invoice was due and read, \u201cI tried to reach you by phone today, but I couldn\u2019t get through. 
Please get back to me promptly with the payment status of this invoice below\u201d.\u00a0 In the context of the message was a fake link for the employee to click to view and pay the invoice. This is the one that fooled my worker.<\/p>\n The other message read, \u201cI\u2019m providing you with my new address and invoice details below\u201d. This one had a link for the recipient to view the new address to send payments to. Be sure to watch out for these emails; I\u2019m sure they\u2019re still circulating.<\/p>\n The majority of account takeovers today come from spear-phishing attacks like this where someone gets tricked into releasing private credentials and information. Plus, spoofed emails can also contain additional cyber threats like Trojans or other viruses. These can cause significant damage to your computers and even delete your files. Luckily, this didn\u2019t happen to us.<\/p>\n I\u2019ve also learned that cybercriminals are increasingly using spear-phishing attacks because they succeed. Ten targeted messages have a better than 90% chance of getting a click. Even CEOs get spoofed and share usernames and passwords.<\/p>\n The problem is that these attacks are becoming more sophisticated all the time. While we\u2019re busy working trying to grow our businesses, the cybercriminals are working to find ways to trick us out of our money. These are no longer lone attackers, but professional, global organizations working to find better ways to hack into our bank accounts.<\/p>\n Now I know better. I know how to protect my business from these spear-phishing attacks and other types of cybercrime.\u00a0 Here\u2019s what we\u2019ve done, and you should do as well: <\/strong><\/p>\n Stay Vigilant<\/strong><\/p>\n By far, the number-one thing that you can do is to be as aware as you can about the types of threats you\u2019re facing. Contact your IT provider and ask them to conduct Security Awareness Training for you and your employees on a regular basis. 
They are apprised of the latest cyber threats and how to protect you from them.<\/p>\n Plus, always view email messages with a high degree of skepticism. Hackers are clever \u2014 you and your employees must be even more so. Hover over the email address in any message that asks you to do something. Never click on a link in an email. Always go to the website you know is correct. Remember, secure websites always start with \u201chttps\u201d and not \u201chttp\u201d.<\/p>\n Your employees are your first line of defense to keep your information and computers safe.<\/u> By properly teaching them how to deal with cybersecurity attacks, you can lower the chance that your business will be affected by a security breach.<\/p>\n Unfortunately, many organizations train employees on security awareness only once or twice. Cybercriminals are constantly developing new techniques to trick people into giving away confidential information or downloading malware. It\u2019s critical to conduct recurring security training to ensure your employees stay up to date on the latest security threats and how to avoid them. Regular reminders, such as changing network passwords or recognizing the latest spear-phishing scheme, will save you a lot of trouble in the long run.<\/p>\n Make Cybersecurity a Priority<\/strong><\/p>\n Always back up your files to an external hard drive or secure cloud storage. My Managed Services Provider says that it\u2019s best to use a comprehensive solution with remote, offsite backup and data recovery services to ensure our business information is safeguarded and files are recoverable. Your Managed Services Provider should do this for you as well. They can also keep your security solutions up to date.<\/p>\n In our case and others, the spear-phishing attacks could have been blocked with the latest Email and Spam Protection solutions. 
These provide:<\/p>\n Remember this: Although you probably use firewalls, unless you take precautions to protect your emails, your overall security could be compromised.<\/p>\n Change Your Thinking<\/strong><\/p>\n Acknowledging that this can happen to your business is important. Don\u2019t think that because you run a small business you won\u2019t be attacked \u2013 this is what I thought, but it\u2019s just the opposite. Small and midsize businesses are a prime target for today\u2019s cybercriminals because they typically don\u2019t have the protections in place that larger enterprises do.<\/p>\n \u00a0<\/p>\n Get ready for a cyberattack. Hire expert cybersecurity consultants to go over your digital assets and identify any potential vulnerabilities they find. Educate yourself on the latest cyber threats and let the experts help you protect against them.<\/p>\n Unfortunately, there\u2019s no way to avoid being the target of spear phishing or other forms of cyberattacks \u2013 if you think otherwise, you need to change your thinking right this second. If you don\u2019t, you\u2019re setting your business up for theft. If you haven\u2019t done so already, you must lay out an actionable plan of defense to prevent your employees and business from becoming victimized.<\/p>\n My company does all of this now \u2013 I don\u2019t want to be robbed again. Furthermore, I\u2019ve contracted a really great Managed Services Provider to ensure I\u2019m not at risk.<\/p>\n Will you do the same now? Or wait until it\u2019s too late?<\/p>\n","protected":false},"excerpt":{"rendered":" I wish I knew all of this a few months ago. I\u2019m writing to tell everyone who will read this that the email you think is from a trusted source may really be from a hacker.\u00a0\u00a0\u00a0 Last fall, a new, sophisticated spear-phishing campaign was sent to employees that handle company finances. 
One of those companies…<\/p>\n","protected":false},"author":5,"featured_media":158526,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[8],"tags":[],"class_list":["post-158524","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"acf":[],"yoast_head":"\n<\/p>\n
\n