The year 2015 and the first half of 2016 have witnessed an unprecedented increase in malware attacks, especially the comeback of ransomware threats with increased sophistication. Cybercriminals have reprogrammed older versions of malware to carry out these attacks, and although the scripts in the malicious content are rejigged, the criminals’ modus operandi remains the same. Hackers still tend to victimize their targets in two major ways: password hacking and phishing emails.
Research that came out last month found that 89% of security breaches at the enterprise level happen mostly through phishing emails and data theft, such as the stealing of login credentials. On the flip side, and equally scary, the research found that almost 9% of those attacks were carried out by state-sponsored groups.
However, phishing emails based on “social engineering” tactics still seemed to take the lead, sending businesses unique content that could easily slip past any security software in a network. Essentially, hacker groups are recoding older versions of malware to make them undetectable to network filters and deploying them stealthily to break through the security barriers. According to the findings, almost 70-90% of the malware affecting corporate networks was new and unique, as reported by security software vendors.
It’s noteworthy that although the groups behind such crimes changed the code in the malware (for example, changing the signatures or hashes to turn them into new programs), the impact of the malware followed the same pattern as its predecessors. Most of these unique malware samples still aimed at encrypting files for ransom, capturing login data and so on. Phishing emails have also come a long way: compared to the obviously fake-looking mails that cybercriminals sent in the past, today’s malicious emails are impeccably designed to resemble the well-known brand or business that the hackers are trying to impersonate. Add the cybercriminals’ careful planning to that and you have cleverly crafted phishing mails, each customized to fit its unsuspecting victim’s preferences so that the victim is prone to follow a malicious link without much thought.
One such case emerged last month, when a US federal agency fell prey to a spear-phishing attack carried out by hackers who identify themselves as the Sofacy group. The California-based security company that reported the attack in its findings did not disclose the identity or location of the federal body, but revealed that it fell for an email with a malicious link sent by the hackers.
Spear-phishing is nothing new for US federal offices; the two have a long-standing tryst with each other, which usually ends with the government agency losing some precious data. However, the government has taken some stern measures in recent years and vowed to punish culpable groups or individuals. It has also started educating its employees to be more alert to phishing mails and not to click on links regardless of where they come from; instead, staff are instructed to copy and paste URLs into the browser to avoid falling victim to links that redirect users to a malicious page.
The saddest fact about malware agents spreading their lasso to cripple more and more enterprises is that the attacks have grown in number within the past two years despite increased media awareness about phishing and hacking among the internet community.
A fundamental way to protect yourself from falling into the phishing (and possibly, hacking) trap is to install trusted antispam software on your computer. Comodo KoruMail, an anti-spam solution from the leading antivirus vendor, fits the bill perfectly when it comes to fighting spam, phishing emails and virus-infected attachments. KoruMail, or Comodo Antispam Gateway (CASG) as it is also known, can be configured in any email system without any hassle, and it works as a cloud-based email filtering solution to block unwanted mail from inflicting any damage on enterprise data.