Heimdal Security Blog

Consumers of Brand-name Companies Targeted in Phishing Attacks, FBI Alerts

On Monday, a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) advised organizations to take proactive actions in order to protect themselves against ransomware attacks during the upcoming holiday season.

Yesterday, the Federal Bureau of Investigation (FBI) issued a new warning to alert the public to recent spear-phishing email operations aimed at customers of brand-name companies via their online User IDs and associated email accounts. These attacks are also known as brand-phishing.

This warning was issued as a public service announcement (PSA) via the bureau’s Internet Crime Complaint Center platform, in collaboration with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

How Does It Work?

The potential victims are directed to phishing landing pages through methods such as spam emails, SMS, or mobile and web applications that may spoof the identity or the email address of an organization’s legitimate website.

The scammers may then embed login forms or malware in their phishing webpages with the intention of accessing and stealing their targets’ login information, credit card details, or other types of personally identifiable information (PII).

Moreover, cybercriminals are probably creating software to trick potential victims into disclosing information in order to dodge account protection measures such as two-factor authentication (2FA) by intercepting email messages and compromising accounts.

When cybercriminals gain access to a consumer’s online and email accounts, they may be able to intercept emails with 2FA codes that are used to make significant changes to online accounts, update passwords, verify user access, or change security rules and setup before the account owner is notified and aware.

The FBI has observed cybercriminals selling scamming software and offering these tools with the appearance of their own ongoing technical support.

Cybercriminals are financially motivated to develop these scampage tools to enhance their scamming tactics and more effectively harvest the credentials of consumers to compromise and take over account access.

Most Impersonated Brands in 2021

As per a report by cybersecurity firm Check Point, Microsoft is the most impersonated brand in phishing attacks in 2021. According to the researchers, WhatsApp, LinkedIn, and Facebook made the top ten most impersonated brands list for the first time this year.

FBI Recommendations

The FBI keeps raising awareness that spear-phishing techniques are a rising threat across sectors in the United States and abroad, and it encourages the public to report through the Internet Crime Complaint Center (IC3) to help the victims and avoid future cyberattacks.

Private sector partners are advised to stay vigilant, assess internal policies, and communicate with their customers about account security procedures.

Here is what customers should do in order to be protected against phishing attacks:

Because of the large number of individuals who use brand-name services and the level of confidence and authenticity associated with these organizations, threat actors continue to attack brand-name customers as they make more transactions, conduct business, and receive assistance online and via mobile apps.

How Can Heimdal Help You?

Heimdal Security has developed two email security products aimed at both simple and sophisticated email threats: Heimdal Email Security, which detects and blocks malware, spam emails, malicious URLs, and phishing attacks, and Heimdal Email Fraud Prevention, a revolutionary email protection system against employee impersonation, fraud attempts, and BEC in general.

For example, you may want to consider Heimdal™ Security’s Heimdal Email Fraud Prevention, the ultimate email protection against financial email fraud, C-level executive impersonation, phishing, insider threat attacks, and complex email malware. How does it work? By using over 125 vectors of analysis and being fully supported by threat intelligence, it detects phraseology changes, performs IBAN/Account number scanning, and identifies modified attachments, malicious links, and Man-in-the-Email attacks. Furthermore, it integrates with O365 and any mail filtering solution and includes live monitoring and alerting 24/7 by our specialists.
