With technology and the Internet becoming increasingly prevalent fixtures in our lives, most people are getting pretty savvy when it comes to protecting themselves and their data against cybercriminals. Computer users know to use strong, unique passwords for their important accounts and not to download applications from disreputable websites. And while those are good defense techniques, they don't help with perhaps the most commonly overlooked method hackers use to infect computers with malware: phishing emails.
Phishing schemes are an equal opportunity attack method, targeting everyone from individual computer users to employees of major corporations. The latest victims of this type of cybercrime are companies in the energy sector, with industry workers being sent malicious emails containing attachments infected with malware. Hackers have gotten so good at crafting convincing messages using publicly available information that even users who would normally know how to avoid malicious software can be tricked into opening the messages or clicking on links.
"Hackers are so good at writing convincing messages that even the savviest users can be tricked."
According to software security firm Symantec, opening malware-laden attachments can leave victims vulnerable to cyber-snooping, a major problem for energy companies dealing with highly sensitive information. The majority of the companies singled out for this particular cyberattack operate within the energy sector, leading Symantec to believe that the cybercriminals are looking to profit from corporate espionage.
"Whoever is behind these attacks may have a strategic interest in the affairs of the companies affected," wrote Symantec analysts in a blog post about the attacks.I would be sure to cite the source that quoted the Symantec analysts}
Security researchers with Symantec explained that the attack is a three-step process. First, the user opens the malicious email, downloading malware onto their device. Then, a Trojan does an initial survey of the machine and collects information about the computer – what types of software are installed, what security precautions have been taken, hardware specifications, etc. – and sends the data back to the hackers. Once the attackers have all the necessary information, they infect the machine with further malware delivered by servers based in the U.S., U.K. and Bulgaria. The additional malware allows the hackers to steal even more confidential information and open backdoors on the device that leave systems open to breaches in the future.
Eliminate email, reduce data breaches
Corporate cybercrime and theft of intellectual property is becoming an increasingly common occurrence, and one of the most popular methods is phishing schemes. Many companies may feel helpless to stop criminals as their scams become more convincing and damaging, but there is a simple answer: Stop using email for all business communication. This may sound crazy, but it is not as drastic as it seems. Email is growing less reliable all the time, and yet businesses continue to rely on it as their main method of communication despite the risks. A reliable alternative to email for enterprise communication is fax-over-IP services.
FoIP utilizes a company's existing Internet connection to send faxes, creating a much more secure channel than traditional faxing or email. Service providers like FaxCore protect message transmission by utilizing back-end encryption techniques to ensure only the recipient is able to read sensitive messages. Messages transmitted with fax-over-IP reside on an organization's dedicated server and are also protected by encryption, making FoIP the safest way for businesses to communicate.
Enhance enterprise communication, collaboration and compliance efforts with a proven FoIP solution from FaxCore. Contact FaxCore today to learn more about their 'Partly-Cloudy' fax solutions.