AI cybersecurity guidance for small businesses

Know where your business is exposed, what matters most, and what to fix first.

CyberExperts gives small businesses AI-generated cyber checkups, practical recommendations, and recurring cyber hygiene monitoring — without enterprise consulting complexity.

AI Cyber Checkup: Identify likely weak points and get a prioritized action plan.
Recurring Monitoring: Stay current with updated cyber hygiene guidance over time.
Built for SMBs: Practical recommendations for real-world small business setups.

Most small businesses know cybersecurity matters. Very few know what to fix first.

CyberExperts turns cybersecurity confusion into a practical action plan. Instead of vague fear, generic checklists, or expensive consulting, you get AI-generated guidance focused on likely risks, weak spots, and the most important next steps.

How it works

1. Tell us about your business: Share your team size, tools, email setup, device practices, and current security habits.
2. CyberExperts analyzes your setup: Our AI reviews likely weak points, common risks, and practical cyber hygiene gaps.
3. Get a prioritized action plan: Receive clear next steps in plain English — focused on what matters most.
4. Stay current with ongoing monitoring: Add recurring cyber hygiene monitoring if you want updated guidance over time.

Start with a checkup. Continue with monitoring.

AI Small Business Cyber Checkup

A one-time AI-generated assessment that identifies likely weaknesses, highlights the biggest issues, and gives you a practical action plan.

  • Likely weak points and avoidable risks
  • Top-priority recommendations
  • Plain-English next steps

AI Cyber Hygiene Monitor

A recurring cyber hygiene subscription that updates your recommendations, flags likely weak spots, and helps you stay current over time.

  • Recurring reassessment
  • Updated recommendations
  • Refreshed priorities over time

What CyberExperts does — and does not do

Done by AI: CyberExperts is built as an AI-delivered cybersecurity guidance product.
For small businesses: Designed for operators who want practical guidance without enterprise complexity.
Not a magic guarantee: It helps identify likely risks and prioritize what to fix first.
Recurring option available: Continue with ongoing Cyber Hygiene Monitor updates over time.

See your biggest cybersecurity gaps in plain English.

Start with an AI Cyber Checkup and get a practical view of what to fix first.

Cybercrime rates surge during the COVID-19 pandemic

Coronavirus has influenced almost every area of our lives. It is most visible in business, where restrictions make it harder every day for people to work the way they always have. To avoid losing money, businesses change the way they operate.

Unfortunately, this also means that they face new threats, some of which they aren’t prepared for.

During the pandemic, many of us are forced to stay at home. Thus, companies need to allow their employees to work remotely to survive. For many, this is the first time working away from their office. Such a huge change means not everyone will adapt, which creates a perfect opportunity for cybercriminals.

Cybercrime rates are increasing.

According to an INTERPOL report, in just one four-month period between January and April there were over 900,000 spam messages, 737 malware-related incidents, and almost 50,000 malicious URLs related to COVID-19. Because the pandemic is global, criminals can use it as a lure anywhere in the world and still expect results, whether through phishing or other activities designed to deceive you. But the dangers aren’t limited to fake links.

Working from home is less secure.

Because many of us have switched to working from home, we often find ourselves using less secure networks than those at our regular places of work. The laptop your employer gave you most likely has good antivirus software installed, but, unfortunately, that alone is often not enough to stop someone with malicious intentions from stealing whatever is on your device.

Man-in-the-middle attacks

The way you access the Internet is through a router. It’s that device that ultimately connects to the Internet and exchanges data with your computer. There’s a common way to take advantage of the way this system works, called a man-in-the-middle attack, where a cybercriminal places themselves between you and the router, intercepting everything you send or receive, including but not limited to the websites you visit, files you download and, most importantly, your passwords.

But I’m safe

You may think that you’re protected from those kinds of attacks, but you most likely are mistaken. If you have antivirus software, it won’t protect you from people intercepting your connections. That’s because those attacks are different and therefore require a different kind of protection that you most likely don’t use. What’s even worse is that you’re not alone as many people forget about this crucial aspect of cybersecurity.

There are no safe networks.

You may think that your network is secure. That is probably true at your workplace, where the IT staff are continually working to ensure safety. However, at your home or a coffee shop there is nobody checking it, so those networks remain vulnerable. This is especially true in public places, where virtually anyone can join the network and therefore sit on the same path as your traffic.

How to protect yourself?

The way to protect yourself from man-in-the-middle attacks is to encrypt your data so that it does not pass in the clear between you and the router, where it can easily be intercepted. Luckily, there is a tool that does just that, and it is called a virtual private network. You have probably heard about it, as it has been getting more and more popular recently. Still, many people have no idea how it works, let alone use it.

What’s a VPN?

A VPN, or virtual private network, is a piece of software that connects you to a server that can be located anywhere in the world, and you reach the Internet through that server. The traffic between your device and the VPN server is encrypted, so anyone who places themselves in the middle of your local connection sees only ciphertext. Although it works just like your local network does, the information is not readable to anyone intercepting it on the way, which is what makes the connection secure.

How do I start?

If you’d like to protect yourself from this type of threat, a free safe VPN is the best choice. We’re living in the era of the Internet, so there are multiple options you can pick from. What differentiates them is how much data they allow you to send or receive, how many servers you can connect to and where they’re located, and, most importantly, whether you have to pay for the software.

The bottom line

While having your data stolen over a Wi-Fi network sounds scary, there is a simple way to stay safe from those kinds of attacks, and you can do it absolutely for free. We encourage you to protect not only yourself but also others by installing VPN software on your device. Even if you don’t need it now, it may turn out to be useful someday, so it is always a good idea to keep it on your machine.

21 Top Hacking Extensions for Chrome

Hacking extensions for Chrome let security professionals use the browser as a security testing tool. Modern web browsers have a robust extension architecture that can be used to add powerful functionality.

Google Chrome is one of the most popular browsers globally, mainly due to its clean interface and light footprint. It is designed with various features that result in a faster and more comfortable browsing experience. Chrome supports extensions, or add-ons, that extend the browser’s functionality. The browser currently supports thousands of extensions that add useful tools directly, eliminating the need to install them separately. Some Chrome extensions allow the browser to be used as a security tool for ethical hacking and penetration testing. Users can download and install most of them for free.

Here is a comprehensive list of the most popular hacking extensions for Chrome.

1.  Tamper Data


The Tamper Data extension lets Chrome users view and modify HTTP and HTTPS requests and responses that are normally not visible to the user. Many web testing techniques are based on fuzzing, which requires testers to modify requests and inputs.

The Tamper Data extension provides exactly that functionality. It is an essential tool that supports ethical hacking processes through the Chrome web browser.

2.  Wappalyzer


When performing a penetration test on a web application, a security researcher must gather information about the application’s hardware, domain, and software stack (for example, the operating system), including the versions in use.

This information-gathering step is also known as banner grabbing. Knowing the exact software versions lets testers look them up in the Common Vulnerabilities and Exposures (CVE) database.

The Wappalyzer Chrome extension extracts this information about a web application to support a penetration test. It is available for Google Chrome. Other similar extensions include IP Address and Domain Info, and Firebug.

3.  Proxy SwitchySharp


All ethical hackers appreciate the essence of a reliable proxy. Proxy SwitchySharp Chrome extension is useful as it provides the proxy and other advanced features for technical users and ethical hackers.

The extension contains a tab switching proxy feature that changes the proxy configurations depending on the requested URL. Essentially, this means that hackers can use multiple proxies for different websites simultaneously without the need to handle the proxies manually. The extension is designed for Chrome browsers only. A similar proxy extension is FoxyProxy.

4.  D3coder


The D3coder Chrome extension instantly hashes, encodes, and decodes text using a range of common algorithms, and it uses a dictionary to look up the plaintext behind some common hashes.

D3coder also supports encodings such as base64. It is a useful tool for ethical hacking, since testers constantly need to encode and decode hashes and keys on the spot.

5.  HackBar


HackBar provides web pen testers with an intuitive interface and easy access to common functions. The extension offers a user-friendly space for fuzzing URLs and inputs and is therefore used when testing for XSS, SQL injection, and other classes of vulnerability.

Beyond its interface, the HackBar extension helps with hash generation, XSS queries, decoding, encoding, and SQL functions. It also lets users easily copy, read, and replay URLs, so they can quickly test a web application.

6.  Open Port Check Tool


As the name indicates, the Open Port Check Tool is a Chrome extension that helps testers detect whether a computer has any open ports. The extension advises users to close all unused ports to reduce the chance of an intrusion.

It therefore plays a useful role in pen testing, since professionals can identify exposed open ports. Unnecessary open ports are a security risk because they give adversaries a way to reach services that may carry exploitable vulnerabilities. Easy detection of unused open ports ensures they are shut down, improving the computer’s security.

7.  Bishop Vulnerability Scan


The Bishop Vulnerability Scan extension scans a website for vulnerabilities. Ethical hackers use it to check a website for common weaknesses, such as exposed version control directories, parent and child directory traversal on the target website, and misconfigured files.

The extension runs in the background and automatically checks the website you are visiting for basic vulnerabilities. Bishop Vulnerability Scan is mainly designed for testing purposes and can also be pointed at other websites you are authorized to scan.

A similar extension is HPP Finder, which scans for HTTP Parameter Pollution (HPP) issues.

8.  Penetration Testing Kit


The Chrome-based Penetration Testing Kit bundles a set of useful pen testing tools for professional ethical hackers. The extension provides an interface through which users can view requests and responses and send modified requests.

It also allows ethical hackers to build their own requests and use them to test for XSS, SQL injection, and similar vulnerability classes, by using the tool as a request builder and viewing the resulting responses.

9.  Note Anywhere


The first step in most ethical hacking exercises is gathering information about the targeted website or web application. Ethical hackers often use word processors to collect and save data and to reload it quickly when necessary.

Note Anywhere Chrome extension permits the hackers to gather, load, and save the ethical hacking information quickly. It lets users write anywhere on the site in question and bring back the notes when they revisit the website or whenever needed. Besides, the extension shows the notes created from information gathered on a specific web page. It contains other functionalities that help users export, import, and share the notes for further usage.

10.  Site Spider, Mark II


Site Spider, Mark II is an updated version of the Site Spider Chrome extension. The tool crawls an entire website by following all of its links, then uses the data collected during the crawl to build a table listing every URL it found, together with each URL’s MIME type and HTTP status code.

The extension runs client-side in Google Chrome and reuses the browser’s existing authenticated session to reach pages that require login. Users can stop or pause the crawl, or restrict its scope using regular expressions.

Besides, an ethical hacker can use the extension to locate broken links and inform the client. The extension also helps determine whether a target website contains vulnerabilities that can lead to adversarial exploitations and sensitive information theft.

11.  Cache Killer


Although Cache Killer is not used for any hacking activities, it is an essential Chrome extension for ethical hackers. White-hat hackers tend to open numerous tabs when performing an ethical hacking exercise. Subsequently, the tabs may rapidly fill up the browser cache, resulting in various issues when users attempt to view a web page.

Installing the Cache Killer extension permits ethical hackers to work more efficiently and quickly since it clears Chrome’s cache automatically before opening a new page. It is easy to use since users can disable or enable it at a click of the button.

12.  Request Maker

Hackers find the Request Maker extension useful when conducting fuzz tests to detect security vulnerabilities and coding errors. Employing the fuzzing technique requires users to alter requests and inputs. The Request Maker tool simplifies the process since it is designed as a core pen-testing tool.

It enables users to create or capture web page requests, edit the POST data, add headers, and modify the URL. The extension captures requests made via XMLHttpRequest and HTML forms, and captured requests can be bookmarked for later use.

13.  Proxy SwitchyOmega


The Proxy SwitchyOmega extension is a successor of the Proxy Switchy, SwitchyPlus, and SwitchySharp tools. Hackers use the extension to hide their IP addresses whenever they perform a penetration testing exercise.

The tool allows pen testers to switch in between proxies effortlessly and quickly. It contains an Auto Switch feature through which users can use a URL to configure automatic proxy-switching. As such, it makes it easy to use multiple proxies for different websites concurrently.

14.  iMacros for Chrome


iMacros for Chrome extension is the perfect tool for users seeking to automate repetitive processes. Performing a wide range of website or webpage testing, including recalling passwords and filling out various web forms, requires pen testers to complete numerous repetitive tasks.

iMacros for Chrome enables users to record macros to be used later or share with others. The plugin has general features applied in web transaction monitoring, performance testing, and regression testing. Users can opt to combine it with other testing and web development tools.

15.  Form Fuzzer

Ethical hackers use the Form Fuzzer Chrome extension to populate predefined objects into various form fields. The tool also allows users to select radio buttons, items, and checkboxes in forms.

It contains a configuration menu through which users can access and manage the extension’s settings. It is useful in testing forms as users can configure the payloads for forms and rapidly populate the payloads. Hackers find it efficient for performing SQL injection and XSS attacks.

16.  Cookie Editor

Cookie Editor is a handy Chrome extension that permits users to edit browser cookies. Hackers deem the tool to be helpful in hijacking vulnerable cookie sessions. The extension’s features enable users to add, delete, edit, or search cookies. Besides, Cookie Editor allows users to export, block, or protect cookies in JSON format. It contains ads that can be disabled from the tool’s settings page.
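The session hijacking the paragraph above mentions works only when a cookie can be read or replayed; the added example below, which is not code from the original post or from the Cookie Editor extension, parses Set-Cookie response headers and reports the hardening attributes (Secure, HttpOnly, SameSite, the __Host- prefix) that make a copied session cookie much harder to abuse. The header lines and the session-name heuristic are constructed assumptions.

```javascript
// Added example (not code from the original article or the Cookie Editor
// extension): parse Set-Cookie response headers and report the attributes a
// session cookie needs so that a copied cookie is harder to steal or replay
// from another browser. The header lines at the bottom are constructed samples.

// Assumed heuristic: names that usually identify a session or auth token.
const SESSION_NAME_RE = /sess|sid|token|auth|jwt/i;

// Split "name=value; Attr; Attr=val" into its parts; attribute keys are
// lower-cased, and flag attributes (Secure, HttpOnly) are stored as true.
function parseSetCookie(header) {
  const parts = header.split(";").map((p) => p.trim()).filter(Boolean);
  const eq = parts[0].indexOf("=");
  const name = eq === -1 ? parts[0] : parts[0].slice(0, eq).trim();
  const value = eq === -1 ? "" : parts[0].slice(eq + 1).trim();
  const attrs = {};
  for (const attr of parts.slice(1)) {
    const i = attr.indexOf("=");
    const key = (i === -1 ? attr : attr.slice(0, i)).trim().toLowerCase();
    attrs[key] = i === -1 ? true : attr.slice(i + 1).trim();
  }
  return { name, value, attrs };
}

// Return the hardening gaps for one Set-Cookie header.
function auditCookie(header) {
  const { name, attrs } = parseSetCookie(header);
  const findings = [];
  const secure = "secure" in attrs;
  if (!secure) {
    findings.push("missing Secure: also sent over plain HTTP, readable by a man-in-the-middle");
  }
  if (!("httponly" in attrs)) {
    findings.push("missing HttpOnly: readable by any script injected into the page (XSS)");
  }
  const sameSite = typeof attrs.samesite === "string" ? attrs.samesite.toLowerCase() : null;
  if (sameSite === null) {
    findings.push("missing SameSite: relies on the browser default for cross-site requests (CSRF)");
  } else if (sameSite === "none" && !secure) {
    findings.push("SameSite=None without Secure: browsers reject it or send it cross-site");
  }
  // The __Host- prefix makes the browser enforce Secure, Path=/ and no Domain.
  if (name.startsWith("__Host-") && (!secure || attrs.path !== "/" || "domain" in attrs)) {
    findings.push("__Host- prefix rules violated: needs Secure, Path=/ and no Domain attribute");
  }
  return { name, isSession: SESSION_NAME_RE.test(name), findings };
}

function auditHeaders(headers) {
  return headers.map(auditCookie);
}

// Constructed sample headers, as a proxy or the browser dev tools would show them.
const SAMPLE_HEADERS = [
  "PHPSESSID=abc123; Path=/",
  "sid=9f8e7d; Path=/; Secure; HttpOnly; SameSite=Lax",
  "track=xyz; Path=/; SameSite=None",
  "__Host-auth=t0k3n; Path=/; Secure; HttpOnly; SameSite=Strict; Domain=shop.example",
];

for (const r of auditHeaders(SAMPLE_HEADERS)) {
  const tag = r.isSession ? "[session]" : "[other]  ";
  console.log(`${tag} ${r.name}: ${r.findings.length ? r.findings.join("; ") : "ok"}`);
}
```

A session cookie that passes every check can still be copied by someone with access to the browser profile, so the checks reduce exposure to network and script-based theft rather than eliminate it.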

17.  XSS Rays

XSS Rays is a Google Chrome extension that helps users locate existing XSS vulnerabilities in a website. The tool identifies how a site filters input, inspects objects, and scans for injection points. Users can extract, edit, and view forms without breaking them, even where other tools cannot edit the forms. Many penetration testers use the XSS Rays extension as a dedicated tool for testing XSS vulnerabilities.

18.  WebSecurify

WebSecurify is a robust web security testing tool available across different platforms, including other browsers, mobile platforms, and desktops. It was the first web security testing tool designed to run directly inside Google Chrome. Pen testers use it to identify URL redirection, XSS, SQL injection, CSRF (also written XSRF), and file upload vulnerabilities.

The extension contains a built-in web crawler that walks and scans all pages of a website to detect potential vulnerabilities. It is not fully automatic: it lists all possible vulnerabilities found at a URL, and users must confirm each one manually. WebSecurify pulls its checks from its server, so users do not need to worry about database updates.

19.  Port Scanner

The Port Scanner extension adds port scanning functionalities to a Google Chrome browser. Users can use the extension to scan if there are any listening TCP ports. It also analyses a given URL or IP address and scans it to establish the presence of open ports. It is a useful tool for securing vulnerable, open ports to enhance security.

20.  XSS Chef


XSS Chef is not built like other Chrome extensions; it is developed as a framework, so its installation process is different. It is a popular extension that assists users in identifying XSS vulnerabilities present in a web application. It works directly in Chrome and offers the following functionalities:

  • Monitor the open tabs of a victim
  • Execute JS on all tabs
  • Read and write cookies and extract HTML from local storage
  • Acquire and manipulate the browser’s history
  • Bypass the Chrome script sandbox and extensions to interact with page JS
  • Remain persistent until the entire browser is shut down
  • Conduct further exploits, such as keyloggers
  • Explore a file system using the file:// protocol

21.  Domain and IP Address Information


The Domain and IP Address Information extension gathers DNS, domain neighbor, routing, geolocation, hosting, search result, ASN, BGP, and DNSBL information for any IP address. It is an essential tool during the information gathering phase of a penetration test.

What is skimming in cybersecurity?

Skimming in cybersecurity refers to the techniques cybercriminals use to capture and steal cardholders’ personal payment information. Identity thieves use various approaches to obtain card data. One of the most advanced methods is a small skimming device designed to read the information on a credit card’s microchip or magnetic stripe. Criminals can execute skimming attacks whenever a cardholder pays electronically in a physical location.

Digital skimming methods are also widespread. Often referred to as e-skimming, digital skimming is similar to card skimming. The main difference is that hackers can execute e-skimming remotely and collect card information in real-time.

Why you should be worried

According to the Kaspersky Security Bulletin Statistics of the Year Report, unique malicious objects increased by 13.7% in 2019. Web skimmer files largely contributed to the growth since they registered a 187% rise, reaching a total of 510,000. The web skimmers were also among the top 20 online malicious objects, sitting at position ten.

With the outbreak of COVID-19, most countries enforced lockdowns to contain the virus from spreading. Subsequently, online shopping increased tremendously, and so did credit card skimming. Malwarebytes reported a 26% increase in credit card skimming in March 2020 compared to the previous month. Although there was a small rise of 2.5% in web skimming blocks from January to February before the 26% increase in March, Malwarebytes holds that the trend will continue rising in the coming years.

Credit card skimming accounts for 30% of all data breaches targeting retailers. Attributing nearly a third of retail data breaches to skimming shows how widespread the problem is. The situation is made worse because at least 60% of websites lack HTTPS, leaving credit card information exposed to e-skimmers. It is also worth noting that 87% of reported credit card skimming attacks target self-service stations such as petrol pumps.

What is skimming in cybersecurity? – The 4 types

Credit card skimming

Debit and credit card skimming occurs in different forms. These include:

1.  Hand-held point of sale skimming

As with other types of attacks, insider threats are the most common in skimming schemes. Hand-held skimming is where an insider, such as a waiter or store clerk, uses a skimming device to copy credit card details. Cybercriminals mostly employ the tactic in retail establishments. An adversary only needs to swipe the credit card through a skimming device to capture the information stored on the magnetic stripe; the data can be downloaded later for use in malicious activities. Because skimming devices are small, adversaries can conceal them easily, which makes hand-held POS skimming common.

2.  POS swaps

POS swaps are a prevalent skimming method. The process entails fraudsters replacing a secure POS device with one whose protection features have been compromised. Also known as POS device tampering, a POS swap attack occurs once adversaries tamper with a POS and PIN entry device. Cybercriminals usually steal the devices from specific retailers and manipulate them, either by infecting them with malware or by fitting a small skimming device inside the terminal. A fraudster then returns the compromised devices and waits for the skimming devices to copy and collect card data from all customer transactions. The cybercriminals wait for an opportune time and come back to retrieve the skimming devices and the copied card data.

3.  Self-service skimming

Criminals execute self-service skimming attacks on self-service terminals, such as ATMs, gasoline pumps, and other similar terminals. Cyber adversaries usually pose as technicians to gain easy access to the service terminals and install a skimming device. The fraudsters install the devices inside the terminals’ enclosures such that they cannot be detected from the outside.

Attackers then connect the devices directly to the service terminals’ card readers and keypads such that they copy all card PINs and data once a user swipes them. Some criminals use advanced skimming devices to relay the copied information through wireless technologies, such as Bluetooth, to a computer hidden in a close location. Other fraudsters enhance their methods by installing pinhole-sized cameras in strategic locations to collect PIN information as soon as a customer enters it. Card data and PIN details provide criminals with enough information to compromise credit cards and use them nefariously.

4.  Dummy ATMs

Although they are less common today than in years past, dummy ATMs still pose a significant threat. Dummy ATMs resemble real entry-level and smaller ATMs, usually purchased online, but do not dispense any cash. Criminals use dummy ATMs for the sole purpose of collecting card data and PIN details. Cyber adversaries set up the dummy ATMs in high-traffic areas to trick more people into inserting their cards.

E-skimming

Security researchers have more recently identified e-skimming as a newer skimming threat. Unlike conventional skimming schemes, where attackers place skimming devices in physical POS systems and later collect the copied data, e-skimming is done remotely, which lets e-skimmers pull off the attack from any part of the world.

E-skimming occurs when a cybercriminal inserts malicious software into a retailer’s website and uses it to steal payment details. It is harder to detect since it does not involve tampering with a physical device. Customers believe they are checking out normally with their debit or credit cards, while the malicious software steals their payment information in real time. Attackers use the stolen information themselves or sell it to other criminals on the dark web. The website owner typically only discovers an e-skimming scheme through an investigation.

An e-skimming campaign usually involves several hacking groups that collaborate in developing strategies for targeting vulnerable websites. Hackers compromise website security by hacking into the site’s web server or breaking into a web server used to support multiple websites. The attackers then introduce a malicious skimming code in websites with exploitable vulnerabilities.

The skimming scripts used in these attacks are commonly known as Magecart; hence the attacks are referred to as Magecart attacks. Hackers commonly introduce the Magecart script by gaining administrative control or by using phishing, and place the code using compromised accounts. Cybercriminals can also hide the malicious skimming code in JavaScript supplied by a third-party provider; compromising a third-party supplier gives hackers instant access to thousands of victim sites at once. The Magecart skimming script captures user account and credit card information and sends it to a server the attackers specify.

Recent e-skimming cases

1.  Macy’s

Macy’s, a U.S. department store chain, was the victim of a Magecart script attack in October 2019. The store released an official statement revealing that attackers had installed the malicious script on two pages of its official website, macys.com, including the checkout page. The malicious code collected customer card information such as credit card numbers, expiration dates, addresses, customer names, phone numbers, and card verification codes.

2.  Puma

Puma’s Australian website was a victim of the same kind of Magecart script. According to security researcher Willem de Groot, the hidden code skimmed the card details of every customer who checked out on the site. The stolen information, including cardholder names, card numbers, and customer addresses, was transferred to a remote server in Ukraine.

3.  British Airways

British Airways was hit by the same kind of malware, and the incident saw the theft of more than 380,000 sets of credit card details. Hackers injected the malicious code into the company’s global website and scraped card data. The stolen information included names, billing addresses, and bank details.

Skimming and identity theft

Identity theft often entails chipping away a victim’s digital identity as opposed to being a single incident. Skimming in cybersecurity permits criminals to access hard-to-get digital information, such as login credentials, emails, bank accounts, and social security numbers.

Card skimming breeds identity theft, since attackers typically run separate follow-on incidents using different methods and malware. A successful skimming attack gives fraudsters enough time to misuse the credit card information before the owner or bank notices the fraudulent activity. Although cardholders may be lucky enough to get a refund of the misused funds, the damage to their identity is usually harder to repair.

For instance, card skimming provides criminals with access to the encoded information, including the cardholder’s CVV number, country code, expiration date, card number, and full official names. Fraudsters can use the information to commit various crimes or sell them on the dark web. Besides committing nefarious actions, cybercriminals can use a skimmed card to get a timestamp of all the cardholders’ activities and locations. As such, skimming not only compromises the security of the victims’ identity, but it also threatens their privacy.

Card skimming leads to the theft of vital identity information. Cybercriminals often withdraw all funds before the owner discovers, others create clone cards and disperse them to be used for calculated fraudulent activities, while others play a waiting game. The waiting game is where fraudsters make small and infrequent cash withdrawals or purchases to avert detection among the cardholders or banks.

Recently implemented skimmer laws require victims to report skimmers within 24 hours of discovery, but law enforcement agencies will not share the skimmer locations. As such, card users seeking to prevent potential skimmer fraud are left vulnerable to instances of identity theft. Therefore, the most effective way of preventing identity theft through skimming is to closely monitor card statements to flag unaccountable or suspicious card activities.

Who is at risk the most?

All e-commerce websites that lack sufficient security systems are at risk of being a victim of skimming attacks. Hackers evolve and use new attacking methods frequently to realize a higher success rate. Websites that lack the latest security controls are vulnerable to skimming incidents.

A recent report showed that 1 out of 5 Magecart-infected stores is re-infected within several days of the initial infection. It is essential to clean infected systems and mitigate or patch underlying vulnerabilities to prevent a re-infection. Otherwise, evolving threats could easily lead to re-infection. Additionally, open-source applications like Magento are vulnerable to skimming attacks unless they are frequently patched.

Measures for curbing skimming in cybersecurity

Account monitoring

It is essential for cardholders to routinely monitor their card and bank accounts to identify suspicious transactions. Consumers typically have a window of time to dispute unexplained charges if they become victims of an e-skimming campaign. Stolen card credentials can be used directly or sold to other criminals, and reporting abnormal card usage promptly shields cardholders from being held responsible for illegal use of their card information.
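As an added example that is not part of the original article, the statement review described above can be turned into a small check: it learns which merchants and countries are familiar from past history, then flags the patterns the skimming section describes, an unfamiliar country, a large charge at an unknown merchant, and the "waiting game" cluster of small charges at unfamiliar merchants. The transactions, thresholds and merchant names are constructed for the example.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from statistics import median
from typing import List


@dataclass(frozen=True)
class Txn:
    when: date
    merchant: str
    country: str
    amount: float  # charge or withdrawal, in the card's currency


@dataclass(frozen=True)
class Flag:
    kind: str
    detail: str


# Thresholds are constructed for the example; tune them to the cardholder's habits.
SMALL_CHARGE = 25.00          # at or below this a charge counts as "small"
WINDOW = timedelta(days=60)   # span within which small unfamiliar charges are clustered
MIN_HITS = 3                  # this many of them trigger the waiting-game flag
LARGE_MULTIPLE = 5            # unfamiliar charge this many times the median is flagged


def review_statement(history: List[Txn], recent: List[Txn]) -> List[Flag]:
    """Compare recent card activity with the cardholder's own history."""
    known_merchants = {t.merchant for t in history}
    known_countries = {t.country for t in history}
    typical = median(t.amount for t in history) if history else 0.0
    flags: List[Flag] = []
    small_unfamiliar: List[Txn] = []

    for t in sorted(recent, key=lambda x: x.when):
        unfamiliar = t.merchant not in known_merchants
        if t.country not in known_countries:
            flags.append(Flag("unfamiliar_country",
                              f"{t.when}: {t.merchant} charged {t.amount:.2f} in {t.country}"))
        # A clone-card user emptying the account shows up as one large charge
        # at a merchant the cardholder has never used.
        if unfamiliar and typical and t.amount >= LARGE_MULTIPLE * typical:
            flags.append(Flag("large_unfamiliar",
                              f"{t.when}: {t.merchant} charged {t.amount:.2f} "
                              f"({LARGE_MULTIPLE}x the usual {typical:.2f})"))
        if unfamiliar and t.amount <= SMALL_CHARGE:
            small_unfamiliar.append(t)

    # Waiting-game pattern: MIN_HITS small charges at unfamiliar merchants
    # spread over at most WINDOW days. Each charge alone looks harmless.
    for i in range(len(small_unfamiliar) - MIN_HITS + 1):
        first, last = small_unfamiliar[i], small_unfamiliar[i + MIN_HITS - 1]
        if last.when - first.when <= WINDOW:
            flags.append(Flag("waiting_game",
                              f"{MIN_HITS}+ small charges at unfamiliar merchants "
                              f"between {first.when} and {last.when}"))
            break
    return flags


# Constructed sample: a cardholder who shops at three local merchants.
SAMPLE_HISTORY = [
    Txn(date(2024, 1, 8), "Grocer", "US", 62.10),
    Txn(date(2024, 1, 15), "Gas", "US", 48.00),
    Txn(date(2024, 1, 20), "Coffee", "US", 4.50),
    Txn(date(2024, 2, 5), "Grocer", "US", 71.30),
    Txn(date(2024, 2, 19), "Coffee", "US", 4.75),
]
# Constructed sample: the next statement, with a skimmer's activity mixed in.
SAMPLE_RECENT = [
    Txn(date(2024, 3, 2), "Coffee", "US", 4.60),
    Txn(date(2024, 3, 5), "Webshop-A", "US", 9.99),
    Txn(date(2024, 3, 21), "Webshop-B", "US", 12.00),
    Txn(date(2024, 4, 18), "Webshop-C", "US", 7.50),
    Txn(date(2024, 4, 20), "ATM-Lisbon", "PT", 300.00),
]

if __name__ == "__main__":
    for f in review_statement(SAMPLE_HISTORY, SAMPLE_RECENT):
        print(f"[{f.kind}] {f.detail}")
```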

Prioritize low-limit cards

Cardholders should use low-limit credit cards when making online purchases and transactions. A low-limit card restricts the maximum amount that can be charged to it. If a hacker pulls off a successful e-skimming attack, a low-limit card minimizes the damage a criminal can do with the stolen card. It also makes it easier to establish whether the card information has been compromised, based on how the card is being used.

Pre-plan online shopping

It is a recommended practice for a consumer to plan what to purchase and from which online retailers. While pre-planning helps consumers stick to their shopping budgets, it also plays an essential role in keeping users from being lured into opening numerous online accounts. Purchasing items from multiple online stores spreads the credit card information from one website to another, increasing the chance of encountering an e-skimmer. Limiting online shopping locations reduces the risk of a consumer becoming a victim of an e-skimmer.

Shop from trusted websites

The more trusted an online retailer is, the higher the likelihood that the retailer has implemented robust security protocols to protect card information. Consumers should also shop only from secure websites. Secure websites use SSL/TLS certificates, which encrypt the information exchanged between a client and a server. Websites with such encryption protect card information from e-skimming practices.

Top 6 Reasons Why Cybercrime Is Expanding Rapidly

Hackers do not discriminate between big and small enterprises, which is one answer to the question of why cybercrime is expanding rapidly. The rise of data breaches, ransomware attacks, and cyberterrorism incidents is unprecedented. Recent reports of high-profile attacks are a testament that adversaries are unrelenting in their malicious intentions. For example, malware variants such as ZCryptor, Petya, and WannaCry have caused untold reputational and financial damage to organizations all over the world.

As cybercriminals leverage emerging technologies to advance their malicious campaigns, companies are increasingly exposed to cybersecurity threats. Moreover, digital innovations are being applied in critical sectors on a large scale. In turn, hackers have exploited the opportunities digital technologies create to gain high payoffs from the proceeds of cybercrime. The rapid expansion of cybercrime requires organizations to implement stringent precautions to eradicate the vulnerabilities that enable attacks. Various reasons have led to the rapid increase of global cybercrime.

Common Types of Cybercrime

Cybercrime consists of all activities that use or target a networked device, computer network, or any I.T. infrastructure. Cybercriminals use computer technologies to commit illegal actions, such as stealing user identities, violating personal privacy, or trafficking in intellectual property and child pornography. They exploit security weaknesses in digital systems to attack information assets via the Internet.

The following are some of the most popular types of cybercrime:

1. Identity theft

Identity theft is a scam practice where criminals use the identification credentials of another person for malicious reasons. For example, hackers may gain unauthorized access to a person’s banking account or credit card information and use it to steal funds or make purchases using the owner’s identity.

Although the concept of identity theft has been around since before the Internet, the increased use of digital information makes it easier for adversaries to steal a victim’s identity. Identity theft crimes are prevalent in various online deals and often arrive in forms like ad pop-ups, spam emails, and phishing attacks.

2. Phishing scams

Cybercriminals use phishing attacks to trick victims into revealing sensitive information, such as passwords, bank account information, social security number, and other personal information types. Phishing scams have proved to be highly effective since criminals require minimal resources to execute the attacks.

Hackers can create a phishing website, which mimics a real website to trick users into providing sensitive information. Criminals may also send email messages in bulk containing links to malicious websites or attachments, hoping that users will click them.

3. Malware attacks

Malicious cyber actors use malware attacks to infect a computer network or system with viruses, trojans, ransomware, and spyware. Malware is any program developed to harm a computer. A malware infection can enable cybercriminals to compromise an organization and steal highly confidential information, such as intellectual property and competition strategies.

One of the most common types of malware is ransomware. This attack enables a cybercriminal to lock a victim’s computer systems and only provide a decryption key after the victim pays a ransom. An example of a ransomware attack is the global WannaCry attack, in which cybercriminals infected thousands of computer systems across the world.

4. Distributed Denial of Service (DDoS) attacks

Cyber adversaries use DDoS attacks to take down organizational networks and computer systems. Hackers target a company with an overwhelming amount of network traffic to prevent authorized users from accessing or using the network resources. DDoS cybercrimes overwhelm a computer system using standard communication protocols, flooding the system with numerous connection requests.

Cybercriminals often deploy the strategy in cyber-extortion schemes, threatening a DDoS attack unless they are paid a certain amount of money. Malicious actors may also use DDoS tactics as a distraction while they commit other types of cybercrimes. A recent example is the 2017 DDoS attack that impacted the U.K. National Lottery Website. The unavailability of the lottery’s mobile application and website prevented online users from playing.

Recent Cybercrime Statistics

There has been an unprecedented increase in cybercrime threats in recent years. Despite this, many people and organizations fail to take cybersecurity seriously, with individuals using common credentials to secure their accounts and devices while others use devices with inadequate security.

The following cybercrime statistics indicate the severity of the cybercrime threat:

1. There is an attack every 39 seconds: A University of Maryland study revealed a computer attack occurs every 39 seconds. The adversarial incident could be in the form of a phishing attack, malware attack, or direct hacking.

Live Cyber Threat Map

Screenshot: A live threat map showing more than 27 million attacks have occurred in a single day (Source: Check Point Software Technologies)

2. 78% of U.S. organizations have been victims of attacks: Most hackers target companies that process personal or financial information for monetary gain. Financial motivation is among the reasons why cybercrime is expanding rapidly. Cybercriminals usually go for small- and medium-sized enterprises, which often lack the resources to implement robust cybersecurity measures. Such businesses are the majority and, therefore, form the majority of the victims.

3. There has been a 54% increase in mobile malware variants: The increase in mobile malware indicates how cybercriminals have continually enhanced their attack techniques. The growth in mobile and IoT technology usage has seen malicious adversaries develop newer, more sophisticated malware variants.

4. 63% of businesses have been victims of data breaches: A Dell survey found that the data of 63% of companies was compromised due to a software- or hardware-level security breach. The same survey indicated that only 28% of organizations are satisfied with vendor-implemented security measures.

5. There was a 14% increase in unique malware programs: According to Kaspersky, its web antivirus solution detected 24,610,126 unique malware programs in 2019, a 14% increase from 2018. The sharp rise in malware subjected almost 20% of internet users to various malware attacks.

Why is cybercrime expanding rapidly? The 6 reasons

1. An unprecedented rise of cyber-stuff

The prefix cyber has become common in virtually all crimes involving digital technologies. We have become accustomed to words like cyberwar, cybercriminals, and cybercrime. Therefore, it is vital to stop perceiving cyber-related attacks as sophisticated concepts and instead think of them as crimes hackers commit through easy tactics.

Today, it is much easier to steal personal information or compromise the security of a company remotely. Numerous automation tools with A.I. and ML capabilities enable criminals to commit cybercrimes without high skills or technical expertise. The tools are readily available on the dark web for a small amount of money, and anyone with even a little technical inclination can find and use them. As a result, cybercrime has reached higher levels than in years past.

2. The Internet architecture

The Internet infrastructure’s original architects focused more on durability and stability and gave little thought to security. They were not security-conscious when designing and building the network infrastructure. Besides, the architects never imagined that the Internet would become a platform for transmitting millions of dollars, or information worth far more than that.

As the Internet became more of a social and commercial space than an academic one, measures to make it more secure continued to be developed. Nevertheless, most of the underlying design still depends on insecure transport methods that can be hijacked with ease.

Cybercriminals have continued to exploit these security shortcomings to carry on their malicious campaigns. The Internet has also become central to most vital processes, including controlling critical assets and infrastructure. Hackers continue to capitalize on the Internet’s insecurity to ramp up attacks, resulting in the continued rise of cybercrime.

3. The role of hackers in information security

Many people today are paid to be professional hackers, known professionally as security researchers or ethical hackers. Their roles include enumerating security vulnerabilities in information systems and creating tools for demonstrating and detecting the flaws. The researchers then release the tools to the general public, and many end up in malicious individuals’ hands.

Many cybercriminals use legitimate hacking tools to compromise systems and steal sensitive information. Other black hat hackers develop similar tools to facilitate the expansion of cybercrime activities. Since hackers have become more experienced and continuously gain access to newer technologies, there has been an explosion of hacking tools. Therefore, the cyberspace and information security field has become a race between the adoption of protective technologies and the advancement of hacking tools and processes. The result is a rising wave of cybercrime.

4. Companies are slower in adopting strong security

The reality of the current cybercrime landscape is that most companies don’t deem it profitable to overhaul their security systems unless the need arises. Profit-minded organizations usually hold off redesigning their security systems until they suffer an attack or their customers demand better security. A prime example is where Facebook failed to implement secure sessions until its CEO, Mark Zuckerberg’s account was hacked. Facebook only took user security seriously once the company deemed it as a personal problem.

Many other companies take the same approach to security. Some may be aware that their systems or networks are insecure or vulnerable but fail to remedy the issues in time. Furthermore, most private and public entities have poor security practices, which further contributes to the continued rise of cybercrime.

5. Targeting people

For the longest time, humans have been the weakest link in the cybersecurity chain. Many computer users and company employees are untrained in best security practices and secure system usage. While numerous users focus on security and software tools to detect and eliminate malware, cybercriminals have channeled their efforts toward humans.

Most of the successful attacks begin by tricking unsuspecting victims into clicking on malware-laden attachments and websites. Cyber adversaries are adept at exploiting human trust through social engineering methods and other similar scams. Tricking users to volunteer information, such as passwords, banking details, healthcare information, and personal data, has caused cybercrime to rise significantly.

6. Internet of Things (IoT) proliferation

The current global IoT market is valued at $82.4 billion and is estimated to register a compounded annual growth rate of 21.3% between 2020 and 2028. IoT comprises devices that can connect to the internet. Each IoT device represents an attack surface, and the high usage of IoT systems has contributed to the rise of cybercrime.

Many businesses permit employees to use IoT devices since they are known to enhance productivity and streamline crucial operations. With so many endpoints introduced to a network, hackers can easily detect a vulnerable device and exploit it to commit a cybercrime. Besides, IoT systems are increasingly being used to control critical infrastructure and factory operations, thus attracting more adversaries. Vendors are also racing to release as many products as possible to capture the large market. The rush to outdo competitors causes manufacturers to treat security as an afterthought, resulting in devices with exploitable vulnerabilities.

How can businesses protect themselves?

Since cybercrime is expanding rapidly, businesses should take proactive measures to protect themselves. The following recommendations can help in reducing cybercrime levels:

  1. Regularly update software: Updating software and operating systems regularly denies cybercriminals the opportunity to exploit vulnerabilities. Patching security flaws makes one a less likely target, which is essential to lowering cybercrime.
  2. Outsource security services: Outsourcing security is the best strategy for small- and medium-sized businesses that lack the resources to strengthen their cybersecurity posture. Managed service providers have access to the latest and most effective security practices, tools, and professionals. Outsourcing security reduces cybercrime significantly.
  3. Protect against identity theft: Using VPNs on a home or corporate network can help prevent identity theft. It is essential to share personal information and passwords securely to prevent cybercriminals from intercepting the communication.
  4. Normalize training: Cybersecurity training and awareness should be a common occurrence for businesses and individual computer users. Being conversant with the best security
  5. Use robust antivirus/antimalware tools: Antivirus software programs enhance cybersecurity since they detect and eliminate harmful programs. Users must update their antimalware solutions regularly to gain access to the latest threat definitions.

Top 9 End-User Guidelines for Password Security

End-user guidelines for password security can keep you out of trouble and even save your reputation and job. Passwords remain a popular security control for authenticating and authorizing access to online resources. But if you do not follow proper end-user guidelines for password security, you are at serious risk.

There are almost as many strong opinions on password security as there are possible passwords. Different enterprises draw different lines between acceptable and unacceptable behaviors in password security. Users can consider a range of best practices when using password-secured systems.

Importance of Password Security

Passwords are in use everywhere as an authorization mechanism. Meanwhile, the world of security keeps evolving. What enterprises consider secure today becomes deprecated and compromised tomorrow. Passwords remain a weak link and the source of a wide range of cybersecurity vulnerabilities.

Today, there is a growing wave of phishing attacks aimed at duping users and stealing their passwords. Password stealers hit individuals when they download malicious documents attached to phishing emails, and such campaigns have affected tens of millions of people. Hackers also deploy browser extensions and other malicious programs to harvest login data that grants them access to the many systems and applications a victim uses.

As a result of these attack trends, users and system developers must stay knowledgeable about password security best practices and trends.

Everyday Password Mistakes Users Make

  • Password Reuse

Despite heightened awareness of password security, many users continue to reuse passwords and rarely change them. Though 91 percent of end-users profess to understand the risks of using the same access credentials across multiple accounts, an online security survey by Google in partnership with Harris Poll found that password reuse is still a common practice. Fifty-two percent of users reuse the same password for multiple accounts. Only 35 percent use a unique password for every account. Surprisingly, 13 percent of end-users reuse the same password for all their accounts.

Microsoft analyzed a database of three billion publicly leaked credentials to identify users who reused passwords. Their assessment revealed that 44 million Microsoft users reused login data in the first three months of 2019. Once a third-party service experiences a data breach leading to the loss of users’ credentials, it inadvertently puts other accounts at risk, even in situations where an individual used a complex password.

  • Use of Default and Easily Guessable Passwords

Default and easy-to-guess passwords, such as 12345 and admin1234, have resulted in many recent personal and corporate account compromises. A recent SplashData Worst Passwords list, drawn from more than five million stolen passwords, revealed that the two worst and most popular passwords were “123456” and “Password.” Other usual suspects on the list include “qwerty,” “football,” and “iloveyou.”

The Payment Card Industry Data Security Standard (PCI DSS) encourages end-users to avoid using vendor-supplied defaults for passwords and other security parameters.

  • Failure to Change Passwords Periodically

Failure to change passwords is a persistent issue in password security. A recent survey found that 53 percent of end-users admit to not changing their passwords in the past 12 months, even though they were aware of the risks. Six in ten of the respondents polled rarely change their passwords over time. Amusingly, 15 percent of end-users say they would rather do a household chore, and 11 percent would rather sit in traffic, than change their passwords.

However, as NIST recommends, organizations should use the widely adopted practice of regularly changing passwords sparingly. The argument against short rotation periods lies in the human tendency to pick predictable sequences or patterns to ease the burden of remembering a new complex password every so often. The Payment Card Industry Data Security Standard (PCI DSS) requires that passwords must expire every 90 days.

  • Using Names of People, Places, Pets

End-users should avoid passwords that reflect the names of people or pets, dates of birth, or addresses. Hackers can research a victim and discover such personal details online, then use them to guess login data. Even slight variations of such names do not guarantee reliable password security.

End-User Guidelines for Password Security

Password security neglect creates massive cybersecurity risks and undermines the overall cybersecurity posture for an enterprise or individual.

  • Password Length and Composition

A secure password should be at least eight characters in length, including upper- and lowercase alphabetic characters (A-Z, a-z), numerical characters (0-9), and special characters. NIST Special Publication 800-63B recommends the following: “Memorized secrets SHALL be at least eight characters in length if chosen by the subscriber. All printing ASCII characters, as well as the keyboard space, SHOULD be acceptable in memorized secrets.” NIST also suggests supporting passwords up to 64 characters in length.

  • Use a Password Manager

Only 24 percent of end-users use a password manager, despite many admitting they need an efficient method to track passwords. Organizations and individuals must ensure they have appropriate password management tools to enforce password best practices. End-users must ensure that a password manager uses strong encryption and requires authentication before granting access. A password manager should have a master password and, if possible, two-factor authentication.

  • Use Multifactor Authentication

According to Microsoft, a multifactor security measure for user accounts blocks 99.9 percent of all attacks. Currently, MFA bypass attempts are so rare that security teams do not have statistics on this type of threat. NIST Special Publication 800-63B recommends using a multifactor authenticator that requires two factors to execute a single authentication event. Some of the MFA solutions that offer an additional protection layer include a combination of two or more of the following factors:

  1. Something you know – passwords, PIN, code words
  2. Something you have – keys, smartphones, smart cards, token devices, USB drives
  3. Something you are – fingerprints, palm scans, voice recognition, retina scans, iris scans, facial recognition

  • Use a Long, Random Multi-Word Phrase as a Password

End-users should avoid using a series of words found in a standard dictionary. Instead, end-users should consider using passphrases comprising a sequence of words with numeric and symbolic characters inserted throughout. Passphrases, such as a favorite quote or lyrics with special and numerical characters, are easy to remember for the user and complex for an attacker to crack. Additionally, the use of blank spaces in the multi-word phrase enhances password security.

The UK’s National Cyber Security Centre (NCSC) recommends using three random but memorable words in a password to reduce the risk of cybercriminals breaching an account. “Using hard-to-guess passwords is a strong first step, and we recommend combining three random but memorable words,” states Ian Levy, NCSC Technical Director. “Be creative and use words memorable to you, so people can’t guess your password.”

  • Do Not Share Your Password

A LastPass survey shows that password sharing is rampant, with 95 percent of respondents admitting to sharing an average of six passwords with other people. Typically, users share passwords with their spouse and children, with the study showing that 76 percent of individuals share their login credentials with their significant other.

End-users seemingly have good reasons for sharing passwords, since it lets multiple individuals access an account. In some cases, employees leave passwords on sticky notes under keyboards so co-workers can log into their work accounts in an emergency. Managers, similarly, share their login details so they can delegate tasks to other employees. The LastPass survey found that 61 percent of employees would sooner share a corporate password than a personal one.

The most frequently shared passwords include Wi-Fi, movie streaming, financial accounts, email and communication, social media, work-related, and utility accounts. Seventy-three percent of users, in all likelihood, will not reset their password after sharing it.

Sharing reused passwords increases the threat a single stolen password poses to a business. Avoid sharing passwords with others, including colleagues, friends, and family members. Even well-intentioned password sharing is a substantial security threat to systems and confidential information.

  • Avoid Writing your Login Details Down on Paper

As a rule, end-users should avoid writing down their passwords and storing them in insecure locations. In some instances, it might be acceptable to write the password on a piece of paper to make it available to everyone who is authorized to access the system or device. However, end-users should only use that approach if no outsiders enter the office or home. Preferably, users should keep sticky notes with passwords out of sight. CNET recommends that end-users keep the sheet of paper in a safe place, like a locked desk drawer or cabinet, and out of eyesight.

  • Do Not Use the Automatic Logon Feature

End-users cope with the task of memorizing multiple account login credentials by storing the information in browsers that log them in automatically. However, this seemingly safe shortcut introduces vulnerabilities that hackers can exploit. Using automatic logon functionality on sites and applications negates the value of having a password. If a malicious actor gains physical access to a device with automatic logins configured, they can easily compromise the system and access sensitive information.

Although it might seem a good idea to avoid typing individual passwords every time an end-user accesses an account, the action is like unlocking the front door to a house and leaving it wide open.

  • Proscribe Password Hints

Sites and online accounts use password hints to help end-users remember their login credentials. However, this measure can undermine password security. It is common for users to set clues that make it easy for them, and for malicious cyber actors, to determine the password. Accordingly, NIST has outlawed the use of knowledge-based authentication questions, such as what street you grew up on, which hackers can effortlessly discover online.

  • Use a Password Blacklist

Undoubtedly, hackers can crack user-generated passwords effortlessly using advanced password hacking tools. Fortunately, end-users can minimize their exposure by checking login credentials against a list of compromised passwords. For instance, the NCSC publishes the top 100,000 most hacked passwords, which users can avoid when signing up on online sites. Third-party password filtering services provide a more comprehensive list comprising billions of previously compromised passwords. Vendors provide tools that scan Active Directory to find accounts using weak or blacklisted passwords.

You can also monitor your passwords to find if hackers have leaked them through a data breach. Mozilla’s Firefox Monitor and Google’s Password Checkup show users which of their email addresses and login details hackers have compromised in a cyber incident.
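As an added example that is not part of the original article, the following Python checker applies the NIST SP 800-63B rules quoted under Password Length and Composition (minimum eight characters, up to 64, all printing characters and the space accepted) together with the blocklist check described here. The blocklist is a constructed six-entry sample standing in for a list such as the NCSC's, and is compared by hash so the checker never stores plaintext passwords.

```python
import hashlib
import re
import unicodedata
from dataclasses import dataclass, field
from typing import List, Optional, Set

MIN_LEN = 8   # 800-63B: memorized secrets SHALL be at least 8 characters
MAX_LEN = 64  # 800-63B: verifiers SHOULD accept at least 64; this checker caps there

# Constructed sample blocklist (the real NCSC list has 100,000 entries).
# Stored as SHA-1 digests of the lowercase entry, so the checker ships no
# plaintext and matches "Password" as well as "password".
_SAMPLE_COMPROMISED = ["123456", "password", "qwerty", "football",
                       "iloveyou", "admin1234"]
SAMPLE_BLOCKLIST: Set[str] = {
    hashlib.sha1(p.encode("utf-8")).hexdigest() for p in _SAMPLE_COMPROMISED
}

_REPEAT = re.compile(r"(.)\1{3,}")   # the same character four or more times in a row


@dataclass
class Verdict:
    accepted: bool
    reasons: List[str] = field(default_factory=list)


def normalize(secret: str) -> str:
    """NFKC-normalize, as 800-63B requires, before measuring length or hashing."""
    return unicodedata.normalize("NFKC", secret)


def has_sequence(secret: str, run: int = 4) -> bool:
    """True if `run` consecutive code points step up or down by exactly one
    (e.g. '1234', 'abcd', 'dcba'): the 'sequential characters' case in 800-63B."""
    codes = [ord(c) for c in secret]
    for i in range(len(codes) - run + 1):
        diffs = {codes[j + 1] - codes[j] for j in range(i, i + run - 1)}
        if diffs == {1} or diffs == {-1}:
            return True
    return False


def is_blocklisted(secret: str, blocklist: Set[str]) -> bool:
    digest = hashlib.sha1(normalize(secret).lower().encode("utf-8")).hexdigest()
    return digest in blocklist


def check_password(secret: str, username: str = "",
                   blocklist: Optional[Set[str]] = None) -> Verdict:
    """Apply 800-63B-style rules. No composition rules (upper/lower/digit/symbol)
    are enforced, since NIST advises against them; a long multi-word passphrase
    with spaces passes on length alone."""
    blocklist = SAMPLE_BLOCKLIST if blocklist is None else blocklist
    pw = normalize(secret)
    reasons: List[str] = []

    if len(pw) < MIN_LEN:
        reasons.append(f"shorter than {MIN_LEN} characters")
    if len(pw) > MAX_LEN:
        reasons.append(f"longer than {MAX_LEN} characters")
    # Every printing character and the space are acceptable; only control
    # characters (Unicode category Cc) are rejected.
    if any(unicodedata.category(c) == "Cc" for c in pw):
        reasons.append("contains non-printing characters")
    if is_blocklisted(pw, blocklist):
        reasons.append("appears in the compromised-password blocklist")
    if _REPEAT.search(pw):
        reasons.append("repetitive characters")
    if has_sequence(pw):
        reasons.append("sequential characters")
    # Context-specific words such as the account name are also disallowed.
    if len(username) >= 3 and username.lower() in pw.lower():
        reasons.append("contains the username")

    return Verdict(accepted=not reasons, reasons=reasons)


if __name__ == "__main__":
    for candidate in ["123456", "Password", "correct horse battery staple",
                      "1234abcd", "x" * 70]:
        v = check_password(candidate)
        print(f"{candidate!r:35} -> {'OK' if v.accepted else ', '.join(v.reasons)}")
```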

Beyond any doubt, end-users still do not seem to adopt better password hygiene. Since security experts tie 80 percent of hacking-related breaches to stolen or reused credentials, it is essential to secure passwords. This end-user guideline encourages individuals and enterprises to take password security more seriously to mitigate cyber risks.

What to Do If You Think You’ve Been a Victim of Identity Theft

Identity theft is a major problem for many people, and there are several steps you can take to protect yourself. First, you can set up a fraud alert on your credit report. You should also monitor your credit report closely for signs of fraud. Then, you can request copies of any documents related to accounts or transactions that were opened using your personal information.

Preventing identity theft

One of the most important ways to prevent identity theft is to secure your personal information. Identity thieves often find personal information in wallets, mailboxes, or through online shopping. You should protect this information by ensuring each household member knows the dangers of sharing personal information online. This is especially important if you have a special needs child.

First, you should notify companies that have access to your financial information. If your account has been compromised, contact your bank, credit card issuer, and the Social Security Administration. They will work to close down any compromised accounts and place fraud alerts. You should also contact your phone and utility companies if you have been a victim of identity theft.

Next, you should contact your creditors to let them know you’ve been a victim. Calling these companies is important as they can help you avoid further losses. You should also close any accounts opened without your permission or whose activity was unauthorized. In addition, you should keep your computer free from malicious computer programs. This will prevent hackers from accessing your private information.

Using a people search site to monitor suspicious activity

Sites that look for people online usually contain information you can use to monitor your identity. For example, you can use a people search site to check for new accounts or transactions opened in your name. These sites can also help you see if any court records are associated with your name.

If you have any new or suspicious activity on your credit report, you should file a police report. This will help you get the information you need to fix the problem.

Adding a fraud alert to your credit report

If you’ve become a victim of identity theft, you can add a fraud alert to your credit report to alert creditors to suspicious activity. The alert prompts all three credit reporting agencies to watch your report for unusual activity. Once added, your alert will remain active for 90 days.

Adding a fraud alert to your credit report is an effective way to protect your social security number and its private account details. You can call the three major credit bureaus or use their online reporting options.

You can add a military-style fraud alert to your credit report if you’re in the military. This will keep companies from sending you offers unless they verify your identity. These alerts last 90 days and can be renewed annually.

Monitoring your credit report for signs of fraud

If you’ve been a victim of identity fraud, monitoring your credit report for signs of fraud is important. TransUnion offers three types of fraud alerts. The first, called the initial alert, will remain on your credit report for one year. An extended fraud alert, on the other hand, will remain on your report for seven years. This type of fraud alert requires additional documentation but can help protect you from future fraud attempts.

If you notice any new or unfamiliar charges or inquiries on your credit report, you should dispute them. This activity will appear on your credit report and may impact your credit score. In 2020, credit card fraud was the second most common form of ID theft, with more than two million victims. The best way to protect yourself from financial fraud is to monitor your bank accounts and credit reports for unusual activity.

When you check your credit report for signs of fraud, look for unusually large amounts of debt and sudden changes in your credit score. Fraudsters may use your name to open new accounts, and they can even file for bankruptcy in your name! This can severely damage your credit score.

Obtaining documents related to fraudulent transactions or accounts opened using your personal information

If you suspect that your financial information was used to open an account, it is important to obtain the relevant documents. The best way to do this is to contact the financial institution you’re dealing with and follow up in writing. If possible, use a certified letter with the return receipt requested. The financial institution must acknowledge receipt of your letter, and you should keep a copy of it.

Conclusion

If you think you’ve been a victim of identity theft, there are steps you can take to protect yourself. These include monitoring your credit report, adding a fraud alert to your credit report, and disputing any unfamiliar activity on your report. You should also obtain documents related to any fraudulent accounts that may have been opened in your name. By taking these steps, you can help protect your identity and your financial information.

Avoiding Cyber Threats When Dealing With Cryptocurrency

Cryptocurrencies have caught on in a pretty big way over the course of the last several years. However, there are still plenty of people who haven’t bought in, and some of the common reasons for this concern trust and security. From individuals to financial institutions, to governments, there’s a feeling that the supposed inherent security of cryptocurrencies just isn’t reliable. And even where new and emerging cryptos are concerned, there’s little faith that the kinks have been ironed out. Case in point, Facebook’s long-awaited crypto offering already has a trust problem.

All of these concerns are understandable. There are established cybersecurity threats associated with cryptocurrency, from wild value fluctuations driven by disproportionately powerful influencers, to breaches in crypto wallets and exchanges, to relatively common scams (like crypto-jacking and ransomware). And even aside from these, cryptocurrency is new! Even if we assume it’s generally secure most of the time, it’s easy for people to have misgivings about something unfamiliar.

That said, cryptocurrency isn’t an all-or-nothing proposition either. You don’t need to simply decide whether or not you trust it, and let that be that. There are ways to handle and invest in cryptocurrency that protect you from most security threats.

Don’t Pay Unknown Recipients

As mentioned, ransomware is among the common cybersecurity threats associated with cryptocurrency. It is a difficult sort of attack, which traditionally involves the files on a device being encrypted by a malicious entity, to be unlocked only if an untraceable cryptocurrency payment is provided. It’s a sophisticated problem, and one that is difficult to stop. But there are also less sophisticated scams via which unknown entities will simply ask for cryptocurrency. They may claim to offer a service; they may claim to be in desperate need; or they may claim to have information of yours, effectively attempting to leverage you into supplying a payment. These threats need to be taken on a case-by-case basis, but the easiest way to avoid them is to establish a firm policy of not paying unknown recipients with cryptocurrency. It sounds simple, and it is. But setting this policy in place consciously is still wise.

Invest Without Purchasing

If you’re curious about cryptocurrency from an investment standpoint, but you’re unwilling to trust the various wallets and exchanges at your disposal, you can take advantage of a trading method known as “contracts for difference.” This is a method that allows you to invest in the value of cryptocurrency without ever having to buy, store, or sell it on your own. In short, trading cryptocurrency CFDs is investing in an idea, specifically the idea of the crypto asset in question gaining or losing value. Without ever holding the cryptocurrency, and thus without exposing yourself to cybersecurity risk, you can set up a CFD with a reliable trading platform and profit simply by choosing the right direction for an asset’s value to move in over time.

Review Exchanges & Wallets

If you do decide to acquire your own cryptocurrency, either to spend or store as an investment, you’ll have to place some trust in an exchange (where you purchase the cryptocurrency) and wallet (where you store it). Unfortunately, there is no way to fully guarantee that your chosen wallet and exchange will be invulnerable. Issues arise, and in theory, any wallet or exchange could be compromised. However, due diligence is still worth something. By reviewing your options carefully, and reading up on security measures and any past issues, you can reassure yourself that you’re picking the most secure platforms available.

Explore Crypto Debit Cards

As you may have heard, it is now possible to load crypto funds on a debit card, so long as you’re using the right service and a compatible card. This is not a complete workaround of crypto exchanges or wallets, given that you still need to load the cryptocurrency from a digital source. But it’s still a method that some users feel more secure about because they don’t need to access their crypto wallets and conduct direct transfers on a regular basis. Instead, they can simply swipe debit cards to spend cryptocurrency.

There are still some risks associated with these ideas, as there are with most financial dealings these days. But in taking these approaches, it is possible to spend, manage, and invest in cryptocurrency without making yourself vulnerable to the bigger known cyber threats.


What Cybercriminals do to Make Money (Top 9)

What cybercriminals do to make money is based on an analysis of what works. Hackers experiment with different types of cybercrime to understand which types are the most profitable.

Most hackers rely on extortion as the primary technique for monetizing their stolen information. Extortion has been a successful form of cybercrime for years. But there are many other ways that hackers can make money besides extortion. We examine and explain many of these methods.

Some people hack for the thrill, but the primary intent of malicious hacking is financial gain. With the right skills, any hacker can earn money.

Cybercriminals sell credit card data to make money.

The simplest and most common way that hackers earn cash is to steal your credit card data. Credit cards are used all over the internet for purchases, memberships, sending money, and so on. Card numbers are stolen by compromising databases that contain saved credit card information or by intercepting the data while a transaction is in progress.

One high-profile attack involved over 300,000 British Airways customers. A malicious line of JavaScript called Magecart was used in this attack. Magecart allows hackers to steal credit card details when the script is placed into embedded payment pages. The Magecart script was an example of an attack where the hackers did not have to compromise databases but used a script to grab the credit card data during the transaction.
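As an added illustration of the defensive side of the attack described above (this is not code from the original article), the following Python script inventories the scripts on a checkout page and flags a script served from an unexpected host, a first-party script without a Subresource Integrity hash, and an inline script that both reads form fields and sends data off the page. The hostnames, allowlist and sample page are constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the shop's own hosts. Anything else on the checkout page is
# unexpected until someone has reviewed it.
FIRST_PARTY_HOST = "shop.example"
ALLOWED_SCRIPT_HOSTS = {FIRST_PARTY_HOST, "cdn.shop.example"}

# Substrings that, together in one inline script, suggest code that reads
# form fields and sends them somewhere. A triage heuristic, not proof.
READ_HINTS = ("document.forms", "querySelectorAll(", "getElementsByTagName(")
SEND_HINTS = ("fetch(", "XMLHttpRequest", "sendBeacon(", "new Image(")


class ScriptCollector(HTMLParser):
    """Record every <script> tag: its src, integrity attribute and inline body."""

    def __init__(self):
        super().__init__()
        self.scripts = []
        self._body = None  # list of text chunks while inside <script>, else None

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            a = dict(attrs)
            self.scripts.append({"src": a.get("src"), "integrity": a.get("integrity"), "inline": ""})
            self._body = []

    def handle_data(self, data):
        if self._body is not None:
            self._body.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._body is not None:
            self.scripts[-1]["inline"] = "".join(self._body).strip()
            self._body = None


def audit_checkout_page(html):
    """Return (finding, detail) pairs for scripts that deserve a human look."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for s in collector.scripts:
        if s["src"]:
            # A relative URL is served by the shop itself.
            host = urlparse(s["src"]).hostname or FIRST_PARTY_HOST
            if host not in ALLOWED_SCRIPT_HOSTS:
                findings.append(("unexpected-third-party-script", s["src"]))
            elif not s["integrity"]:
                # Without an SRI hash, a first-party file modified on the server
                # (the Magecart pattern) still loads without complaint.
                findings.append(("missing-sri", s["src"]))
        elif any(h in s["inline"] for h in READ_HINTS) and any(h in s["inline"] for h in SEND_HINTS):
            findings.append(("inline-reads-and-sends-form-data", s["inline"][:60]))
    return findings


# Constructed sample checkout page (not a real site). The last script is a
# placeholder comment that only carries the strings the heuristic looks for.
SAMPLE_CHECKOUT_HTML = """<html><body>
<form id="payment"><input name="card"><input name="cvv"></form>
<script src="https://cdn.shop.example/checkout.js" integrity="sha384-PLACEHOLDER"></script>
<script src="https://shop.example/js/vendor.js"></script>
<script src="https://stats.collector.invalid/t.js"></script>
<script>/* constructed placeholder: walks document.forms[0], then fetch('https://collector.invalid/') */</script>
</body></html>"""

if __name__ == "__main__":
    for finding, detail in audit_checkout_page(SAMPLE_CHECKOUT_HTML):
        print(finding, detail)
```

Run against a snapshot of the live page on a schedule, a diff of the findings over time is what exposes a newly injected or modified script.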

Cybercriminals sell personal data on the dark web to make money.

Some hackers make money by selling valuable information on the dark web. It is challenging to compromise confidential corporate databases, but it can also be very lucrative. Hackers need to penetrate the various security layers to access hundreds of millions of records containing personal information. This data is then often sold on the dark web or to private buyers who intend to use the information for fraud.

On the dark web, personal data and confidential credentials stolen from compromised databases are placed for sale. Personal data is a valuable asset and can be sold for millions. Those who buy the data will likely use it to commit identity theft. Many hackers target big organizations and corporations, while others go after any organization with penetrable security walls.

The hotel chain Marriott was hacked in 2018, and hacked again in 2020. Do we blame this kind of attack on the organization’s IT department, or on the hackers? The hackers are responsible, but the IT department is liable for not securing the data correctly.

In some cases, senior hackers sell credentials to junior hackers and other fraudsters who commit phishing campaigns. These parties attempt to send emails used to spread malware. The malware could be crypto-mining software, adware, or even ransomware. Each of these types of malware can make money for the hacker.

Cybercriminals use Botnets to make money.

The use of botnets is often in the news. A recent news story concerns last month’s arrest of the man allegedly behind the Mega-D botnet. Another describes the angry supporters of the WikiLeaks organization, who voluntarily allowed their computers to be part of the LOIC (Low Orbit Ion Cannon) as part of Operation Payback.

Most botnets are used to facilitate criminal enterprise, with their primary purpose being to make money for the hackers in charge. According to Martin Lee, a senior software engineer at Symantec Hosted Services, botnets can be defined as a system of computers that have been infiltrated with malware and placed under the control of a single individual.

When your computer gets infected by botnet malware, it is under the control of whoever wrote that malware. After infection, the computer contacts the command and control server, and the person in control of the botnet can then issue whatever instructions they like. The instructions might be to send emails to specific or various email accounts, to connect with other PCs within the network, or to install additional software that enables the malware to remain undetected for as long as possible.

So what’s the next move by cybercriminals after they have built a botnet? How do hackers make money with botnets?

Cybercriminals make money with botnets by sending spam.

There are several ways that hackers can use to make money via botnets. Sending spam is one of the most common ways that hackers use to generate cash. People have become more cyber-aware, and this leads to a low click rate on spam emails. Despite this, hackers are still able to make millions of dollars annually out of spam campaigns. These spam campaigns often sell products such as pharmaceuticals. A study on pharmaceutical spam has shown that most of the products are counterfeit or are of the wrong dosage.

Although spam has a meager response rate, the volume of spam sent by a botnet can make up for the gap. When millions of spam emails are sent, there is a consistent profit generated.

Hackers have realized that by shortening URLs, they get more people to open their messages. Hackers have changed their tactics to allow them to launder or whitewash the actual URL that you see in the email.

A breakdown

Most of the emails that a spammer sends will not be delivered. Of those that are delivered, very few are opened by the targeted victims. Even if they do open the emails, very few will click on the links. Out of those who click the link, very few will buy the advertised products.

Only an incredibly tiny fraction of the sent emails will be successful. But it costs very little for hackers to send many millions of spam emails. So, spamming is still a lucrative way for hackers to make money.

Cybercriminals steal money from bank accounts.

Competent hackers aim at financial institutions in an attempt to bypass their A-class security systems. Hackers can use malware to steal from online bank accounts. An unknowing user might be operating on an infected machine: the hidden malware waits until the user connects to the bank’s internet banking service, then the hacker takes over the session or steals the required credentials. The malware lets the victim log in and complete authentication as usual, then takes over the authenticated connection. The software then injects money transfer commands into the session and hides those transactions so that the victim does not see their actual balance.

With malware on your PC, you cannot trust what is being displayed on your screen. The hacker has full control and controls what you see.

Cybercriminals make money by using denial of service (DoS) attacks to ask for ransom.

Another way that hackers make money is through a modern take on a very old scheme: the protection racket. The scheme is to look for a business that conducts most of its trade online and then take down its website until it pays the demanded cash.

If the attacked company does not pay the demanded cash, the hacker can direct the computers in their botnet to start requesting pages on the victim’s website. Since these are automated attacks, botnets can send hundreds of thousands of requests every second, thus swamping the website or slowing it down so much that it becomes practically impossible to use by the clients and the company staff.

According to past studies on such attacks, extortion demands often range between $10,000 and $50,000. In this range, victims are often more willing to pay the ransom than suffer the consequences of their sites being brought down and potentially losing more.

Stealing Intangible Goods.

Although only a few cases have been recorded, some hackers make money by stealing intangible goods. For example, a hacker might hack into one’s gaming account. The hacker can then sell the intangible goods the player has accumulated or acquired in the game.

People spend significant time and money on online games. Hackers have therefore developed Trojans customized to steal credentials, which are then used to access online game accounts and steal the intangible goods acquired there. In Asia, a gang of hackers who specialized in selling intangible goods recently made at least $140,000.

Holding Information for Ransom

In another spin on the extortion angle, hackers make money by holding the information on a victim’s computer for ransom. With the aid of malware, the data on the victim’s hard drive is encrypted and made inaccessible. The person operating the botnet then demands payment to decrypt the drive. This method is rarely used but is one more way hackers can make money.

Cybercriminals make money through online marketplaces.

Some cybercriminals make a considerable amount of cash by abusing online marketplaces. The ease and speed of shopping from the comfort of your home or office has made online marketplaces such as Flipkart, Amazon, Jumia, and eBay a preferred mode of shopping globally. However, these platforms usually require various significant credentials that can be easily harvested and used for numerous crimes by cybercriminals.

Fraud has gone up in online marketplaces, providing cybercriminals with ample opportunity to strike. Some of the methods that cybercriminals use to exploit online marketplaces include:

  • Using stolen credit card details to buy expensive goods and other luxuries.
  • Impersonation – cybercriminals also make money by impersonating legitimate sellers and selling fake or non-existent items. There have been several incidents where customers complained of receiving items they never ordered, or counterfeit items instead of what they ordered. Such cybercriminals aim to convince a pool of target victims to purchase their fake goods and then disappear with the money without delivering any service or the ordered goods.
  • Money Laundering – cybercriminals often use online marketplaces as a channel to launder money. Using stolen or fake credentials, they create buyer and seller accounts. The phony buyer then purchases goods from the fake seller accounts at inflated prices. The transactions can be used to trick the IRS into believing that somebody legitimately earned the money.

Cybercriminals make money through cryptocurrencies.

Cybercriminals use botnets and “crypto-jacking” to mine digital currency at the expense of victims who have no idea that they are taking part in the mining process. The popularity of bitcoin and the introduction of 1,500 other digital coins or tokens have expanded the attack surface of the red-hot cryptocurrency space, drawing more criminals to exploit its weak links. The last two years have seen digital currencies grow into mainstream assets as more financial institutions and corporations expand their use of the underlying blockchain technology.

With various “alt-coins” being launched every week, cybercriminals have come up with creative and complex techniques to gain financially from these launches. There has been a rise in mining fraud, initial coin offering scams, crypto-jacking, and account takeovers.

Crypto-jacking is where cybercriminals use malware to take control of one’s browser and then use the victim’s PC to mine digital coins without their victim’s knowledge.

Money Money Money

There are some other ways through which hackers earn more money than what we have mentioned above. For instance, there are hacking groups paid by governments to commit crimes for those nations. Others make money by being anonymous penetration testers. Hackers will continue to hack as long as there is money to be made.

12 Essential Password Change Policy Best Practices

Password change best practices are essential to securing sensitive data for both individuals and businesses. A robust password change policy is necessary to ensure sufficient defense against hackers, scammers, and security threats. Implementing password protection best practices is regarded as an essential front-line defense. The rules protect critical information and IT infrastructures from unauthorized access to preserve integrity, availability, and confidentiality.

Whereas organizations have made great strides in other authentication methods, such as biometrics and certificate-based authentication, passwords remain among the most widely used techniques. At least 71% of users rely on passwords to secure their various accounts. However, there are numerous security challenges as malicious cyber actors devise better ways of compromising password security. Password change policy best practices should therefore be a top concern for all organizations, and it is necessary to understand the threats to password security to appreciate the need for them.

Common threats to password security

Dictionary attacks: Hackers execute dictionary attacks using a software program that automatically tries a pre-arranged list of common words. Cracking software also generates variations of common passwords to increase the success rate of compromising user passwords.

Hacking security questions: Many individuals use the names of relatives, spouses, children, pets, or attended schools as the answers to security questions. Hackers can guess such details when trying to crack a password through a reset process. A little research on social media can provide the information needed to break security questions.

Guessing simple passwords: Cybercriminals are aware most people use a sequence of letters or numbers to create a password. Examples are 123456, qwerty12345, 1qaz2wsx, among others. Using such passwords threatens the security of an entire organization.

Compromising accounts with the same password: Most people tend to reuse the same password across multiple accounts. A breach that compromises one account (See How Does Email get Hacked?) can enable a cyber adversary to access all other accounts using the same password. Reusing a password for social media accounts, banking, email, and work accounts may lead to additional security threats, such as identity theft.

Social engineering: Social engineering is among the oldest techniques used to compromise password security. Social engineering is a method where hackers manipulate their victims into performing actions, such as divulging protected information. The information includes a password used to secure confidential data and critical systems.

Recent password security statistics

  1. Over 300 billion passwords will be in use by 2020

A recent report predicts that there will be more than 300 billion passwords by the end of 2020. The report attributes the staggering numbers to the growing use of password protection among artificial intelligence and humans. As a result, an average user could be managing approximately 60 to 90 different passwords. Companies and individuals should take such a large number as a warning that reusing passwords or creating weak passwords could result in increased cyber vulnerabilities.

  2. Cyber-attacks are the fastest-growing crimes.

Cyber-attacks are among the fastest rising crimes globally in 2020. The rapid growth should be a massive concern for both the private and public sectors, since cybercrime results in skyrocketing costs. Financially motivated attacks account for 71% of sensitive information leaks, while 25% are related to spying, and cybercrime costs could exceed $5 trillion in the coming years. Such numbers are worrying since password reuse and weak passwords cause 81% of attacks and data breaches.

  3. Phishing and spam are among the most widely used methods for compromising password security.

In 2019, at least 76% of businesses were victims of phishing and other related social engineering attacks. Cybercriminals use fraudulent emails, links, and attachments to trick unsuspecting users into revealing confidential information like passwords and credit card details. Although many employees are aware of social engineering attacks, they still click on malicious emails, links, and attachments. The actions put a company’s systems and data at dire risk.

  4. Human errors account for most attacks.

Human mistakes are one of the most challenging issues to detect and prevent. Statistics show that human errors contribute to 52% of attacks and data breaches. Employees make mistakes due to inadequate cybersecurity literacy. Common mistakes in password security include sharing unencrypted passwords over insecure networks, reusing passwords across different accounts, and creating weak passwords to protect confidential information. As the number of cyber-attacks increases in 2020, it is prudent for companies to give special consideration to team and individual password security practices.

The 2019 State of Password and Authentication Security Behaviors Report compiled the following results obtained from a survey drawing 1,761 IT security practitioners:

  • 51% of users reuse passwords in personal and business accounts
  • 69% share their passwords with other colleagues
  • 67% of users do not use multi-factor authentication in their personal passwords, while 55% don’t apply the authentication scheme in their work passwords
  • 57% of users who have encountered a phishing attack did not change their password behaviors
  • 57% prefer using login methods that don’t involve password protection

Top Password Change Policy Best Practices

  1. Require Employees to Create a Long, Strong Passphrase

Creating strong passwords makes it harder for cybercriminals to crack them using brute-force, dictionary, and other types of password attacks. Strong passphrases must contain at least eight characters, mixing lowercase and uppercase letters, numbers, and symbols. The National Institute of Standards and Technology (NIST) advocates for creating passphrases that are long, easy to remember, and difficult to crack. According to NIST Special Publication 800-63, a recommended password change policy best practice is to permit passwords of at least 64 characters in maximum length, and those characters should include spaces.

  2. Use Password Encryption

Using encryption technologies ensures passwords are protected. Employees should use cryptographic methods to secure stored passwords and to encrypt passwords shared over a network. Encryption ensures the passwords remain inaccessible even if they fall into the hands of unauthorized individuals. The best password change practice to consider is implementing non-reversible (one-way) storage together with end-to-end encryption, which ensures employees share passwords securely.

  3. Use Multi-Factor Authentication

Multi-factor authentication has become a crucial standard for controlling access to protected resources. A multi-factor authentication scheme requires users to provide additional proof of their identity. In addition to the usual credentials, such as a username and password, users must confirm they are legitimate by providing an additional factor, for example a code sent to a specified device, biometric verification, or a personalized USB token. Multi-factor authentication prevents malicious individuals from using stolen passwords on their own to access protected data and systems: cracking or guessing a password alone is no longer enough to gain unauthorized access.

  4. Test New Passwords

Most users create new passwords and leave it at that. While changing passwords is a healthy practice for maintaining password security, there is a chance of choosing an already compromised password without knowing it. Since criminals use lists of known passwords when executing dictionary attacks, choosing a compromised password exposes the protected resources to unauthorized access. As such, organizations should require their employees to test new passwords using online testing tools, which also determine whether a password can be cracked easily. An example of such a tool is the Microsoft password strength checker.

  5. Avoid Using Dictionary Passwords

Dictionary passwords are user credentials created from dictionary words. Currently, there are 171,476 usable words in a dictionary. Hackers develop sophisticated and powerful software programs capable of cracking passwords by trying many words per second. The programs also generate variations of each word to increase the success rate. As such, software running a dictionary attack can try millions of combinations until the hacker finds the correct password. Employees should avoid using dictionary words to create passwords. Instead, they should combine random characters, including letters, special characters, and numbers, into a long passphrase.

  6. Use Different Passwords for Each Account

Using a different password for each account is one of the most recommended password change best practices. Reusing a password across accounts exposes all of them to unauthorized access, since a hacker only needs to compromise one of them. In particular, employees should refrain from using a single password to secure their work accounts. A password manager is a suitable alternative to reusing passwords: individuals create a strong master password that secures all other passwords stored in the tool, and need only remember that master password to access the rest.

  7. Change Passwords Only When There is a Potential Compromise or Threat

A long-standing password security practice forces employees or system users to change their passwords after a set period. However, recent NIST password security guidelines advise against enforcing periodic changes, citing several reasons. Forcing periodic password changes leads users to repeat previous passwords to avoid having to remember new ones, and reusing passwords is a security threat. Frequent password changes may also cause employees to write down the new passwords so as not to forget them, and written passwords may be exposed when a clean desk policy is not followed. Therefore, organizations should only ask employees to change their passwords when there is a potential threat or compromise.

  8. Change the Credentials for Accounts Not in Use

Companies must change the login credentials of accounts no longer in use. The employees assigned to the accounts may have been transferred to a different department or may have left the organization. Failing to change the credentials of idle accounts exposes them to various threats. For example, a disgruntled former employee could access the account and take malicious actions on the company network or steal sensitive information out of revenge. Insider threats could also use inactive accounts to carry out cybercrimes while covering their tracks. System admins must ensure all accounts that are not in use are disabled or have login credentials known only to trusted individuals.

  9. Enhance the Security of Privileged User Accounts

Passwords used to secure privileged accounts require special security considerations. Privileged accounts carry higher privileges than ordinary user accounts: for example, they can remove or install software, modify application, network, or system configurations, or upgrade an operating system. Unauthorized access to a privileged account therefore has far-reaching consequences, and the passwords that secure such accounts need special protections. These include changing the password immediately after use and restricting access to one or two trusted individuals.

  10. Enforce a Password History

Although reusing passwords exposes critical systems to multiple threats, most companies have not implemented measures to curb the practice. Enforcing a password history policy prevents a user from reusing a specified number of previous passwords. For example, a company can create a policy under which employees cannot repeat any of their twenty previous passwords. The policy protects against password attacks since it requires users to create a genuinely new password each time they change an old one.
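The rules in the practices above (at least eight and up to 64 characters with spaces allowed, rejection of dictionary words and already-compromised passwords, and a twenty-password history) can all be enforced at the moment a user picks a new password. The following is an added example, not the article's own code; its dictionary, common-password list and breach corpus are constructed stand-ins, and PBKDF2 with a per-password salt is the assumed storage format for the history.

```python
import hashlib
import hmac
import os

MIN_LEN = 8    # NIST SP 800-63B minimum for user-chosen passwords
MAX_LEN = 64   # verifiers should accept passwords at least this long
PBKDF2_ROUNDS = 100_000

# Constructed stand-ins for a dictionary list, a common-password list and a
# breach corpus (assumption: real deployments use far larger lists).
DICTIONARY_WORDS = {"password", "welcome", "dragon", "summer", "monkey"}
COMMON_SEQUENCES = {"123456", "qwerty12345", "1qaz2wsx", "password1"}
_BREACHED = {"letmein2019", "Welcome123!", "correct horse battery staple"}
BREACHED_SHA1 = {hashlib.sha1(p.encode()).hexdigest().upper() for p in _BREACHED}


def is_breached(password):
    """Compare the candidate against the breach corpus the way a k-anonymity
    range query does: only the first five hex digits of the SHA-1 select
    candidate entries; the remaining suffix is matched locally."""
    digest = hashlib.sha1(password.encode()).hexdigest().upper()
    prefix, suffix = digest[:5], digest[5:]
    suffixes = {h[5:] for h in BREACHED_SHA1 if h.startswith(prefix)}
    return suffix in suffixes


def has_dictionary_word(password):
    """True if a dictionary word appears inside the password (case-insensitive),
    so 'Summer2024!' is caught as well as 'summer'."""
    lowered = password.lower()
    return any(word in lowered for word in DICTIONARY_WORDS)


def hash_password(password, salt=None):
    """Salted, iterated one-way hash for storage: the history can be checked
    against a candidate without keeping any old password in the clear."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt + digest


def matches_stored(password, stored):
    """Constant-time comparison of a candidate against one stored hash."""
    salt, digest = stored[:16], stored[16:]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)


def check_new_password(password, history, history_depth=20):
    """Return the list of policy violations for a candidate password (an empty
    list means it is accepted). `history` holds the account's stored hashes,
    oldest first; only the last `history_depth` entries are enforced."""
    problems = []
    # Length is measured on the raw string: spaces are allowed and count.
    if len(password) < MIN_LEN:
        problems.append("too short (minimum %d characters)" % MIN_LEN)
    if len(password) > MAX_LEN:
        problems.append("too long (maximum %d characters)" % MAX_LEN)
    if password.lower() in COMMON_SEQUENCES:
        problems.append("common keyboard or number sequence")
    if has_dictionary_word(password):
        problems.append("contains a dictionary word")
    if is_breached(password):
        problems.append("found in breach corpus")
    if any(matches_stored(password, h) for h in history[-history_depth:]):
        problems.append("reused within the last %d passwords" % history_depth)
    return problems


def record_password(history, password):
    """Append the hash of an accepted password to the account's history."""
    history.append(hash_password(password))
    return history


if __name__ == "__main__":
    hist = record_password([], "Tr0ub4dor&3 on tour")
    for cand in ("123456", "Welcome123!", "Tr0ub4dor&3 on tour", "kettle orbit violin seventeen"):
        print(repr(cand), "->", check_new_password(cand, hist) or "accepted")
```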

  11. Create a Password Audit Policy

A password audit policy enables a company to keep track of all recent password changes and allows system admins to monitor the password changes in a user account. Password audits are essential since they help identify suspicious password habits. For example, an account whose password is changed several times in a single day could indicate malicious intent. Moreover, a password audit policy helps identify account users who do not adhere to password change best practices, and identifying such users enables an organization to implement more robust password policies to maintain high security levels.
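The pattern the audit policy is meant to catch, an account whose password changes several times in one day, can be spotted directly from audit events. The following added example (not the article's own code) does so over constructed sample log lines in an assumed format of timestamp, event, account and source host.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample audit lines (the format is an assumption):
# "<ISO-8601 UTC timestamp> <event> <account> <source host or address>"
SAMPLE_AUDIT_LOG = """\
2024-03-04T08:02:11Z PASSWORD_CHANGE alice ws-104
2024-03-04T08:05:40Z PASSWORD_CHANGE bob ws-221
2024-03-04T09:15:02Z PASSWORD_CHANGE alice ws-104
2024-03-04T11:47:59Z PASSWORD_CHANGE alice 203.0.113.7
2024-03-04T13:30:00Z LOGIN alice ws-104
2024-03-04T16:22:18Z PASSWORD_CHANGE alice ws-104
2024-03-05T07:01:03Z PASSWORD_CHANGE bob ws-221
"""


def parse_events(text):
    """Turn audit lines into dicts; malformed lines are skipped, not guessed."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        stamp, event, account, source = parts
        try:
            when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
        except ValueError:
            continue
        events.append({"ts": when, "event": event, "account": account, "source": source})
    return events


def find_change_bursts(events, max_changes_per_day=2):
    """Group PASSWORD_CHANGE events per account and calendar day and return
    {account: [(day, count, sorted distinct sources)]} for every day on which
    the count exceeds max_changes_per_day. Listing the sources lets the
    reviewer see at once whether an unfamiliar host took part."""
    per_day = defaultdict(lambda: defaultdict(list))
    for e in events:
        if e["event"] == "PASSWORD_CHANGE":
            per_day[e["account"]][e["ts"].date()].append(e["source"])
    flagged = {}
    for account, days in per_day.items():
        for day, sources in sorted(days.items()):
            if len(sources) > max_changes_per_day:
                flagged.setdefault(account, []).append(
                    (day.isoformat(), len(sources), sorted(set(sources))))
    return flagged


if __name__ == "__main__":
    for account, bursts in find_change_bursts(parse_events(SAMPLE_AUDIT_LOG)).items():
        for day, count, sources in bursts:
            print(f"{account}: {count} password changes on {day} from {sources}")
```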

  12. Secure End Devices

End devices, such as smartphones, are used to reset account passwords or for multi-factor authentication. Failing to secure the end devices allows anyone with access to use them to hack or manipulate passwords. Individual users should ensure end devices have sufficient security to safeguard password protection. Strong passwords, or alternative methods like biometrics, should be used to secure end devices that can enable changes or modifications of passwords used to protect confidential accounts.

How Cybercriminals Plan Attacks (5 steps)

How cybercriminals plan attacks is a basic question that every cybersecurity expert needs to know. Cybercriminals use various tools and techniques to identify the vulnerabilities of their target victims. The target can either be an individual or an organization. Most cyber-attacks aim at stealing valuable information or breaching systems. Criminals plan active and passive attacks.

Active attacks actively aim to alter the targeted system. On the other hand, passive attacks only attempt to acquire as much information as possible about their target.

Active attacks may affect the integrity, authenticity, and availability of data, whereas passive attacks lead to breaches of privacy.

Cyber-attacks can also be classified as either outside attacks or inside attacks. An attack originating or executed from within the security perimeter of an organization is called an inside attack. In most cases, inside attacks are engineered and performed by employees who have access to the organization’s credentials and knowledge of the organization’s security infrastructure.

In contrast, attacks executed from outside an organization’s or entity’s security firewall are referred to as outside attacks. This type of attack is performed by someone who has no direct association with the organization. The attack can be made over the internet or via a remote access connection.

In this article, I'll walk you through the concepts that explain how a cybercriminal thinks and how attacks are planned: types of hackers, attack techniques, types of cyber-crime, the attacker's thought process, how criminals choose their targets, and related areas that give an in-depth view of the cybercriminal's mindset.

Who are cybercriminals?

Most cyber-attacks are carried out by individuals or small groups of hackers, but sizeable organized crime groups also exploit the internet. These so-called "professional" hackers develop new and innovative ways to commit crimes; some form global criminal conglomerates and treat cyber-crime like an income-generating investment.

Criminal communities operate as a unit, where they share strategies and tools to launch coordinated attacks, either from the same place or from different remote locations. The “business” has advanced over the past few years with the emergence of underworld cyber-markets, where you can conveniently purchase and sell stolen credentials and other information of significance.

The internet makes it very difficult to track cybercriminals down. It lets them collaborate anonymously, and attacks can be launched and controlled from anywhere in the world, often through computers that have already been compromised and stripped of anything that identifies the attacker.

This makes it extremely difficult to identify the attacker or the tools and devices used. Criminal laws also vary from country to country, which complicates matters considerably when an attack is launched from abroad.

Types of Cyber Crime

1. Cyber-crime targeting an individual

In this type of attack, criminals exploit human weaknesses such as innocence, ignorance and greed. Attacks targeting individuals include copyright violations, sale of stolen or non-existent goods, financial fraud, harassment and so on. New technologies and attack tools let cybercriminals keep widening the pool of potential victims.

One survey found that 79% of security professionals consider employee negligence toward security practices the biggest threat to endpoint security. We are all human and we all make mistakes, but many people are scheming day and night to take advantage of a single careless one, and that one mistake can cost you a great deal of money.

2. Cybercrime against an organization

Cyber-attacks against an organization are sometimes labelled cyber terrorism, although strictly that term applies only to politically motivated attacks. Using computers and the internet, hackers steal confidential information, destroy valuable files, take control of the network, or damage programs. A cyber-attack on a financial institution such as a bank is an example.


3. Cybercrimes target valuable assets

This kind of crime involves stealing physical property: laptops, USB drives, DVDs, mobile devices, CDs, tablets and so on. In some cases an attacker instead infects the devices with a malicious program such as a Trojan to disrupt them. One Trojan used to steal information is known as the "shortcut virus": it hides the genuine files on a PC's hard drive or flash drive and replaces them with shortcut files that point at the malware. The real files are not deleted, only hidden behind the shortcuts.

4. Attacks using a single event

From the victim's point of view, the attack takes a single action: for example, someone opens an email attachment that turns out to be malware, or clicks a link that leads to a malicious website. The attacker then uses the malware as a backdoor into the system and, if they choose, takes over the whole machine. The same single click by one unwary employee can start organization-wide havoc.

5. Cyber-attacks considering a chain of events

In some situations hackers run a series of events to track a victim and interact with them personally. An attacker may, for example, phone the victim or join a chat room to build a relationship, then abuse that relationship to steal or explore valuable data. This type of attack is now common, so be extremely cautious before accepting a friend request on Facebook or joining a WhatsApp group through a link from an unknown source.

How Cybercriminals Plan Attacks

Below are the three phases involved in planning a cyber-attack; the rest of this article breaks them down into five steps.

  1. Reconnaissance – this is the information gathering stage and is usually considered a passive attack.
  2. Scanning and scrutinization of the collected data for validation and accurate identification of existing vulnerabilities.
  3. Launching the attack – entails gaining and maintaining access to the system.

1. Reconnaissance

The first step in how cybercriminals plan attacks is always reconnaissance: exploration aimed at learning something about the target, or, in military terms, about an enemy or potential enemy. In cybersecurity it begins with "footprinting", the preparation for the pre-attack phase, which means collecting data about the target's computer infrastructure and its wider cyber-environment.

Footprinting gives an overview of the victim's weak points and hints at how they can be exploited. Its primary objective is to give the attacker an understanding of the victim's system infrastructure, network ports and services, and any other aspect of its security that matters for launching the attack.

Reconnaissance is carried out in two modes, passive and active, described next.

2. Passive attacks

This is the quiet half of reconnaissance. The attacker gathers information about the target without the victim noticing. It can be as simple as watching an organization's building to see when the CEO arrives or when a particular department finishes work. Because most attackers prefer to work remotely, most passive reconnaissance is done over the internet with search engines; a metasearch engine such as Dogpile, for instance, can be used to look up an individual or an organization.

  1. Yahoo or Google search: attackers use search engines to gather information about the employees of the firm whose systems they intend to breach.
  2. Social networks such as Twitter, Facebook and Instagram reveal a person's lifestyle and possibly a weakness that can then be exploited.
  3. The organization's own website often identifies key individuals, such as the CEO, MD or head of IT, along with email addresses, phone numbers and roles. With those details an attacker can launch a social engineering attack against the target.
  4. Press releases, blogs, newsgroups and the like are in some cases the primary channels for gathering information about an entity or its employees.
  5. Job advertisements for a company reveal the technology it uses and the skill level of its workforce, which helps the attacker decide how to breach the targeted system.

3. Active Attacks

An active attack, in this sense, means probing the network directly to discover individual hosts and to verify the information gathered passively, such as the operating system in use, the IP address of a given device, and the services available on the network. It carries a risk of detection and is also called "active reconnaissance" or "rattling the doorknobs".

Active reconnaissance lets the attacker confirm what security measures the target has in place, but if it is clumsily executed it can alert the victim, raising suspicion and increasing the attacker's chance of being caught before the full attack is launched.

4. Scrutinizing and Scanning the Gathered Information

Scanning is the step of examining the target intelligently using the information already collected about its network infrastructure. It has the following objectives:

  1. Network scanning, to map the IP addresses and related information about the computer network.
  2. Port scanning, to identify open and closed ports and the services behind them.
  3. Vulnerability scanning, to identify existing weak links within the system.

In the hacking world, the scrutinizing phase is also referred to as enumeration. Its objectives include:

  1. To identify valid user accounts and groups on the system.
  2. To identify network resources and shared resources.
  3. To verify the operating system and the applications running on it.
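To make the scanning step concrete, here is an added Python example (not from the original article) of the simplest active technique, a TCP connect scan with banner grabbing, run against a throwaway service the script starts itself on 127.0.0.1 so it works offline. The banner string and port range are constructed for the demo. Scan only hosts you are authorized to test: a connect scan completes the TCP handshake, which is exactly the kind of activity that lands in the target's logs and makes active reconnaissance risky.

```python
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def probe(host, port, timeout=0.5):
    """TCP connect probe: return (port, banner) if the port accepts a connection, else None.

    A completed three-way handshake is what "open" means here. The banner, if the
    service volunteers one, is the first step of enumeration (which daemon, which version).
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                banner = s.recv(128).decode(errors="replace").strip()
            except OSError:  # service expects the client to speak first, or timed out
                banner = ""
            return port, banner
    except OSError:  # refused, filtered, or timed out
        return None


def scan_ports(host, ports, timeout=0.5, workers=32):
    """Return {port: banner} for every port in `ports` that accepts a TCP connection."""
    ports = [p for p in ports if 0 < p <= 65535]
    open_ports = {}
    with ThreadPoolExecutor(max_workers=workers) as pool:
        for result in pool.map(lambda p: probe(host, p, timeout), ports):
            if result is not None:
                port, banner = result
                open_ports[port] = banner
    return open_ports


def start_fake_service(banner=b"SSH-2.0-demo_1.0\r\n"):
    """Start a throwaway listener on 127.0.0.1 (ephemeral port) that greets each client
    with a constructed banner and hangs up. Returns (server_socket, port); close the
    socket to stop it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # server socket closed
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


if __name__ == "__main__":
    srv, port = start_fake_service()
    try:
        # Sweep a small window around the known port; only the fake service should answer.
        found = scan_ports("127.0.0.1", range(port - 5, port + 6))
        for p, banner in sorted(found.items()):
            print(f"{p}/tcp open  {banner or '(no banner)'}")
    finally:
        srv.close()
```

Real scanners add SYN (half-open) scans, UDP probes and OS fingerprinting on top of this, but the connect scan is the baseline, and it is the one a defender can detect most easily: each probe is a full connection from the scanning host, so a burst of connections to consecutive ports from one source is the classic signature.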

5. Attack

The attack phase is the last step in the process. It involves gaining and then maintaining control of the system, comes immediately after scanning and enumeration, and is typically carried out in the sequence below.

  1. Obtain a password by brute force or any other method that bypasses authentication.
  2. Use the recovered credentials to log in.
  3. Launch the malicious commands or applications.
  4. If required, hide the files that were dropped.
  5. Cover the tracks so that no trail leads back to the attacker, typically by deleting or altering logs. The defender's counter is to forward logs to a separate collector that the compromised host cannot modify, so that the deletion itself becomes the alert.

The Deep Web

The deep web, the part of the internet that standard search engines do not index, is where much of the online underground operates. Its most significant component for cybercrime is the dark web: content reachable only through anonymity networks such as Tor, the Invisible Internet Project (I2P) and Freenet rather than through an ordinary browser.

Reaching it takes less skill than is often claimed. The Tor Browser lets anyone connect, routing traffic through a chain of relays so that the site sees a relay's IP address rather than the user's. Site operators value that anonymity too, which is why their content stays hidden from the general public and from search engines.

The Deep Web is a paradise for cybercriminals. Underworld criminals can freely trade in illegal drugs, buy and sell malware, crimeware, ransomware, identity cards, deal with cyber-laundering, credit cards, and the list goes on and on.

Conclusion

Cybercrime is a complicated and vast phenomenon. The rapid spread of phones, Wi-Fi networks and the internet has increased both the complexity and the number of cyber-attacks, and technological advances have expanded cyber-criminality and the victimization of a large, unaware population.

Protection against cybercriminal activity starts with individual precautions and expands to the organizational, corporate, military, societal, national and international levels. Comprehensive protection at every level, with several layers of security, minimizes, prevents and slows cybercrime.

Most hackers use commonly available tools to exploit the less knowledgeable. Installing the right technology, at the organizational or the personal level, is not enough on its own to protect against cybercrime.

Awareness, employee training, culture, social factors, laws, international cooperation and prosecution all need to be blended with technical solutions to tackle cybercrime. And of course, it is essential to understand how cybercriminals plan attacks.

National governance and international bodies formed by multiple countries to prosecute cybercriminals remain areas for improvement. Cybersecurity is a global responsibility that the major countries, if not all countries, should handle jointly. Train your employees, give them the right technology, and stay alert to avoid the serious damage cybercriminal activity can cause.

Multi Factor Authentication (MFA)

In recent years more and more companies and private individuals have looked for better ways to keep their data secure. No one is entirely safe: large companies including Facebook, Ticketfly and T-Mobile suffered damaging data breaches in 2018. With breaches so frequent, many people are understandably worried about exposed data and financial loss, and multi-factor authentication is one of the most effective defences available to them.

Key cybersecurity measures like enabling a firewall, installing antivirus software, and using encryption technology can only do so much against cybercriminals. Hackers have been using more sophisticated software to steal corporate and private data, so you should do everything you can to keep your data secure. One way of doing this is by enabling multi-factor authentication (MFA) as an extra security measure.

In this post, we’ll be looking at everything you need to know about MFA.

How MFA Improves the Security of Your Accounts

In a nutshell, MFA is a security system that necessitates more than one way of authenticating a user. Usually, it combines two or more types of authentication credentials: something a user knows, something they physically have, and something they are.

MFA adds an extra layer of security that makes it harder for hackers or other unauthorized persons to get into your account. Because more than one factor is required, an attacker who gets through the first (by cracking or phishing your password, say) is stopped there, lacking the other factors you have enabled.

The Different Types of MFA

Below we’ve detailed the different types of MFA you can enable to keep your data secure.

Possession Factors

These are physical items in the user's possession that authenticate the login: a key fob, a smartphone, a USB security key, a hardware token, or the phone's SIM card. For example, you might receive a notification on your phone asking whether you are the one logging in to one of your accounts from a new device. One-time passwords (OTPs) also fall in this category, whether generated by an authenticator app on the phone or sent to your email or phone number.

Knowledge Factors

What falls in this authentication factor category are passwords, PINs, or answers to secret questions. Whatever a user can recall and remember is considered a knowledge factor. This is usually the first level of security you’ll encounter when you try accessing your account.

Inherence Factors

To put it simply, anything in this category is a part of the user's body that can be used for authentication. "Are Selfies the Next Best Security Tool?" by HP describes how companies have begun using facial recognition to improve the security of their products and services. For instance, phone manufacturers such as Apple and Huawei ship facial recognition systems that build a detailed depth map of your face, a biological trait that can confirm a login. Other examples are iris scans, voice verification and palm scans.

Is MFA Perfect?

As with all security methods, nothing is 100% immune to vulnerabilities. In "The Security Downside of SMS-based Multi Factor Authentication (MFA)", George Mutune describes the flaws of popular methods such as SMS-based MFA: from SIM swap attacks to SS7 network weaknesses, SMS is far from the perfect second factor.

A Medium article by Stuart Schechter also illustrates the risks that come with enabling MFA. For one, you can permanently lose access to your account if you can no longer complete your chosen secondary method and have no recovery path. Another risk is complacency: once MFA is on, you may assume your accounts are 100% secure and become careless about unknown publishers and phishing scams.

Regardless, MFA is still recommended on all your accounts; just stay alert for weaknesses that could compromise your data. For more tips on practising cybersecurity, see our article "Top 20 Cybersecurity Practices that Employees Need to Adopt".

What do Virtually all Phishing Emails have in Common? (5 Things)

What do virtually all Phishing Emails have in common?  By understanding what Phishing Emails have in common, you can quickly identify them and avoid these threats.

What is phishing?

Phishing is a method used by hackers to collect personal information using deceptive e-mails and websites. It’s a form of attack that uses disguised email as a weapon.

The main objective is to trick the target into believing that the message is legitimate. It could be crafted to look like a note from a senior employee within their firm, or like a request from their bank. It may direct the victim to download an attachment or to click a link.

However, phishing emails are distinct and can be easily identified by someone who is well informed about the characteristics of this kind of cyber-attack.

In most cases, phishing emails appear to be from a real person, a trusted entity, or a company with which the target is likely to do business.

Phishing attacks are one of the oldest techniques used in cyberattacks, dating back to the 1990s. Despite being in existence for quite some time, phishing attacks are becoming more sophisticated and sinister with a rapid technological development rate.

Phishing is still one of the most widespread and most exploited techniques by black-hats, especially during crises such as SARS or COVID-19.

In this article, we will address some of the striking similarities between various phishing emails. We will look at multiple types of phishing attacks. We will describe vulnerabilities mostly exploited and show how to position your company or yourself against such security incidences.

Phishing Kit

A phishing kit is a collection of software tools that makes it easier for people with little or no technical skills to execute an attack. A typical phishing kit is made of website development software with a simple, low/no-code graphical user interface (GUI).

The phishing kit comes complete with graphics, sample scripts and email templates that an attacker can readily use to create legitimate-looking correspondence. Some kits also include telephone numbers, lists of vulnerable email addresses, and software to automate malware distribution.

Types of phishing

One thing all phishing emails have in common is disguise. Attackers forge or dress up the sender address so that it appears to come from a legitimate user, create fake websites that look like ones the target trusts, or register domain names built from look-alike characters in other scripts so that a URL appears identical to the real one.

With that in mind, several forms of attack can be classified as phishing, by purpose, by intrusion technique, and so on. Generally, phishing emails aim at one of two things:

  • Trick the victim into handing over sensitive information, often a username and password, with which the attacker can then breach a system or account.
  • Deliver malware. Here the attacker deceives the target into infecting their own computer by installing malware such as a remote access Trojan. For instance, a phishing mail may be sent to an HR officer with an attachment that claims to be a job seeker's résumé; such attachments are mostly .zip files or Microsoft Office documents carrying malicious code or links.

1. Email Phishing

Most phishing attacks are sent via email. The attacker sets up a fake domain that mimics a genuine organization and then sends large numbers of generic requests to the identified targets. The fraudulent domain often relies on character substitution, such as placing 'r' and 'n' next to each other ('rn') so that they read as 'm'. In other cases the crooks put the organization's name somewhere in the address, such as al*****@*****ok.com, hoping that it will pass as ALIBABA in the target's inbox.

There are several ways to spot a phishing email, and by the end of this article, you should be able to spot one quickly.  You will also be able to guide others to identify Phishing emails.

As a general rule, always check and carefully scrutinize the email address of a message asking you to click a link or download an attachment. It is also wise to run an email lookup on unknown emails so that you can stay safe from potential phishing scams.

2. Whaling

Whaling attacks target senior executives. They have the same goal as any other phishing attack but tend to be more subtle.

Because the technique is aimed at high-profile individuals, it often does without the obvious fake links and malicious URLs of mass phishing and relies instead on a plausible business request.

There have been increasing cases of whaling attacks on various sectors involving bogus requests for tax forms. Tax forms are valuable to hackers: they contain social security numbers, addresses, bank account details and the targeted individual's full legal name.

3. Vishing and Smishing

In vishing and smishing, the telephone replaces email as the primary channel.

In smishing attacks, the criminal sends phishing text messages to the target's phone, drafted and tuned just as the email would have been, to convince the victim that the message comes from a legitimate or trusted source.

In vishing attacks, the criminal deceives the target over an actual phone call.

A common vishing trick is to pose as a fraud investigator from a card company or bank, calling to warn the target that their account has been breached.

4. Spear Phishing

Spear phishing is a targeted form of email attack aimed at a specific person. Criminals who use it already hold some information about their target, such as:

  • Name and physical address
  • Place of employment
  • Job title
  • Specific details of their duties at work
  • Email address

One of the most damaging phishing attacks ever, the hacking of the Democratic National Committee, was accomplished with spear phishing. The first round sent emails containing malicious links to more than 1,000 addresses; the second wave led a good share of committee members to hand over their passwords.

5. Angler Phishing

Social media platforms have given hackers a new attack vector: fake URLs, tweets, cloned websites, instant messages and posts can all be used to persuade people to download malware or divulge sensitive information.

For instance, Elon Musk and Bill Gates are among the high-profile figures whose Twitter accounts were recently hijacked to spread a scam; the latest one asked followers to send bitcoin under the guise of giving back to society.

Data that people post willingly can also be used to build highly targeted attacks. In 2016, a group of hackers ran a sophisticated campaign through Facebook. Users received messages, initiated by the criminals, saying they had been mentioned in a post; clicking the link installed malware or a Trojan on the victim's computer. In the second phase the attackers used the compromised browser to get into the victim's Facebook account, took control of many accounts, stole data, and spread the infection to the victims' friends through those accounts.

What do Virtually all Phishing Emails have in Common?

1. The message is sent from a public email domain

Legitimate organizations almost never send official mail from a public webmail address such as one ending in '@gmail.com'. Even a small company normally has its own domain and company accounts, and Google itself writes from '@google.com', not '@gmail.com'. So the first thing to check is whether the domain in the sender's address is the organization's real domain. A matching domain is a good sign but not proof on its own: the From header can be forged unless the receiving mail system enforces SPF, DKIM and DMARC for that domain.

You can confirm an organization's real domain by searching for the company name in a reliable search engine, or better, by typing the address you already know into the browser rather than following the email's link. Simple checks like this catch a lot of phishing, but attackers keep refining their disguises, so stay vigilant.

An important tip to note: look at the email address and not just the sender.

Below is a phishing mail mimicking PayPal. Most crooks can create bogus email addresses and even select a display name that does not relate to the email in any way.

[Image: phishing email mimicking PayPal]

This is a nearly flawless scam email: professionally styled and believable, with PayPal's logo at the top, which is enough to fool an unwary target. The giveaway is the sender's address, noted as 'pa****@***************73.com', rather than a PayPal-owned domain such as @paypal.com.

Attackers count on the target's inattention; often the mere appearance of a known company name somewhere in the address is enough. The target glances at the word PayPal in the address and is satisfied, and many people never distinguish the domain name (after the @) from the local part (before it).
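The following Python is an added example (not code from the original article) that turns the checks discussed in this section and in the earlier "Email Phishing" and "Types of phishing" passages into one sender-address screen: it parses the From header so the display name cannot hide the real address, flags public webmail domains, flags a brand name that appears in the display name or local part while the domain is not the brand's, and collapses the disguises a look-alike domain relies on (the 'rn'-for-'m' trick, digits for letters, and Cyrillic look-alike letters behind an 'xn--' punycode label) before comparing. The webmail list, the brand-to-domain map and all sample headers are constructed assumptions for the demo; a real deployment would use vetted lists and would still rely on SPF, DKIM and DMARC for the domains that do match.

```python
import email.utils
import unicodedata

# Constructed lists for the demo; a real deployment would use a vetted, much larger set.
PUBLIC_MAIL_DOMAINS = {"gmail.com", "yahoo.com", "hotmail.com", "outlook.com", "aol.com"}
BRAND_DOMAINS = {  # brand keyword -> domains it legitimately sends from (assumed for the demo)
    "paypal": {"paypal.com"},
    "microsoft": {"microsoft.com"},
}
# A few Cyrillic letters that render like Latin ones, plus the digits most often swapped for letters.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0456": "i", "\u0455": "s", "\u0443": "y", "0": "o", "1": "l",
})


def normalize_domain(domain):
    """Collapse common disguises onto the plain domain the attacker is imitating:
    punycode (xn--) labels back to Unicode, look-alike letters, and 'rn' -> 'm' / 'vv' -> 'w'."""
    domain = domain.lower().rstrip(".")
    try:
        domain = domain.encode("ascii").decode("idna")
    except UnicodeError:
        pass  # already Unicode, or not valid IDNA: keep it as-is
    domain = unicodedata.normalize("NFKC", domain).translate(CONFUSABLES)
    return domain.replace("rn", "m").replace("vv", "w")


def under(domain, legit):
    """True if domain is one of the legitimate domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in legit)


def assess_sender(from_header):
    """Return the red flags for a From: header value (display name plus address); [] means none."""
    display_name, address = email.utils.parseaddr(from_header)
    if "@" not in address:
        return ["address could not be parsed"]
    local_part, _, domain = address.rpartition("@")
    domain = domain.lower()
    lookalike = normalize_domain(domain)
    flags = []
    if domain in PUBLIC_MAIL_DOMAINS:
        flags.append(f"public webmail domain: {domain}")
    haystack = f"{display_name} {local_part} {domain}".lower()
    for brand, legit in BRAND_DOMAINS.items():
        if under(domain, legit):
            continue  # genuinely the brand's domain (authenticity still rests on SPF/DKIM/DMARC)
        if under(lookalike, legit):
            flags.append(f"look-alike of {brand} domain: {domain}")
        elif brand in haystack:
            flags.append(f"mentions {brand} but sent from {domain}")
    return flags


if __name__ == "__main__":
    # Cyrillic 'а' in "pаypal", encoded the way it travels on the wire (xn-- label).
    homograph = "p\u0430ypal.com".encode("idna").decode("ascii")
    samples = [  # constructed headers
        "PayPal <service@paypal.com>",
        "PayPal Service <paypal@mail-secure73.com>",
        "Accounts Team <billing@gmail.com>",
        "Microsoft Security <alerts@rnicrosoft.com>",
        f"PayPal <no-reply@{homograph}>",
    ]
    for hdr in samples:
        print(f"{hdr!r:50} -> {assess_sender(hdr) or 'no flags'}")
```

The normalization is deliberately lossy: 'modern.com' normalizes to 'modem.com', which is why a domain is flagged only when its normalized form lands on a brand's real domain, never merely because normalization changed it.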

2. They are poorly written emails with an odd writing tone

Poor spelling and grammar should always be an early red flag for any email, whether from a known or an unknown source. One theory holds that the errors are deliberate: a crude filter so that only the most gullible recipients respond, because someone who misses the small hints at the start of the scam is unlikely to catch on at the scammer's endgame.

Automated attacks

When executing a phishing attack, hackers do not have to monitor inboxes and send tailored responses. To reach a wider audience and lure more victims, they prefer randomly dumping thousands of crafted messages on unsuspecting persons.

Important tip: look for grammatical errors and not spelling mistakes.

In most cases, hackers use machine translation or a spellchecker when crafting phishing messages. These tools get individual words right nearly 100% of the time, but they do not necessarily arrange the words into the proper context.

[Image: phishing email imitating a Microsoft Windows security alert]

For example, the image above is a phishing scam imitating a Microsoft Windows security alert. Every word is spelled correctly, yet it contains grammatical slips a native English speaker would not make, such as "We detected something unusual to use an application," and sentences with missing words, such as "Please contact Security Communication Center" and "a malicious user might trying to access."

Everyone makes typing mistakes from time to time, especially in a hurry; still, ask whether an error is a clue to something more sinister.

3. There are suspicious attachments or links

Phishing comes in various forms. Although this article has focused mainly on email, scammers also use phone calls, social media posts and text messages.

Whatever the channel, a phishing message always carries a payload: a link to a bogus website or an infected attachment that it prompts you to open.

An infected attachment is any document that contains malware. Below is a typical example of a phisher claiming to send an invoice.

[Image: phishing email carrying a fake invoice attachment]

From the image above, the recipient cannot tell what the message concerns without opening the attachment, whether or not they were expecting an invoice from that sender. Once it is opened the recipient may realize the message was not meant for them, but by then it is too late: the malware has already run on their computer.

4. There’s a sense of urgency, or the message calls for prompt action.

Hackers know that most people procrastinate: however significant a message seems, most recipients will decide to deal with it later.

The longer you think about a message, the more likely you are to notice that something is off. Later in the day you might realize that the organization never contacts you at that address, or that none of your colleagues received the same email. Even without an "aha" moment, rereading the message with fresh eyes can reveal its true nature.

For exactly that reason, most phishing emails demand that you act immediately or lose the chance, a trait that shows up in almost every example above.

Below is a typical example:

[Image: phishing email demanding immediate action]

Such scams are sinister and dangerous at once, since they threaten the recipient's (possibly a junior employee's) standing at work.

5. They have Oddly Generic Greetings

Phishing scammers target millions of people and send vast numbers of emails a day, so they rely on phishing kits to generate their templates. Telltale greetings include "Dear Customer" or "Dear valued member" in place of your name, often from "Your Company" or "Your Bank". A genuine message about something sensitive, from your bank or from a partner or colleague who knows you, should address you by name and carry details specific to you.

Educate your employees to prevent phishing

Education is power, and knowledge liberates. Regularly remind your employees of what they should be looking for when handling mails or information within the organization. This does not necessarily mean having frequent awareness training programs as a few well-placed posters within the office can serve the purpose.

Top Managed IT Service Companies Share Insights Into NortonLifeLock & Avast Merger

NortonLifeLock (one of the global leaders in cyber safety) and Avast (one of the global leaders in digital security and privacy) recently announced that they have reached an agreement on the terms of a merger worth more than $8 billion. According to reports, Norton will acquire all shares of Avast and create a larger cybersecurity firm. "Great merger. The combination of Avast's product line with the power of LifeLock personal monitoring is a great combination for the channel," said Michael Goldstein of LAN Infotech.

”Based on NortonLifeLock’s closing share price of USD 27.20 on July 13, 2021 (being the last trading day for NortonLifeLock shares before market speculation began in relation to the merger on July 14, 2021, resulting in the commencement of the offer period), the merger values Avast’s entire issued and to be issued ordinary share capital between approximately USD 8.1B and USD 8.6B, depending on Avast shareholders’ elections.”

The agreement comes nearly one month after both publicly listed companies confirmed that they were discussing a possible merger.

According to the terms of the merger deal, Avast shareholders will receive a combination of cash consideration and newly issued shares in NortonLifeLock. The new company, which has not been named, will serve over 500 million users, including 40 million direct customers.

Transforming Cyber Safety

Vincent Pilette, NortonLifeLock CEO, said:

“This transaction is a huge step forward for consumer Cyber Safety and will ultimately enable us to achieve our vision to protect and empower people to live their digital lives safely.

With this combination, we can strengthen our cyber safety platform and make it available to more than 500 million users. We will also have the ability to further accelerate innovation to transform cyber safety.”

Ondřej Vlček, Chief Executive Officer of Avast, said:

“At a time when global cyber threats are growing, yet cyber safety penetration remains very low, together with NortonLifeLock, we will be able to accelerate our shared vision of providing holistic cyber protection for consumers around the globe.

“Our talented teams will have better opportunities to innovate and develop enhanced solutions and services, with improved capabilities from access to superior data insights. Through our well-established brands, greater geographic diversification and access to a larger global user base, the combined businesses will be poised to access the significant growth opportunity that exists worldwide.”

For quite some time, many online platforms have faced a variety of cyber threats and cyberattacks. The data of millions of users on different platforms and systems has been compromised. Ransomware continues to rise. Cybercriminals are able to hide malware in different systems and applications, and consumers are often the victims when databases holding financial and personal information are compromised.

IT leaders and experts hope this merger leads to a more powerful cybersecurity protection product, one that combines the benefits of both Avast’s and NortonLifeLock’s offerings. Cybersecurity continues to be crucial for consumers and businesses of all sizes, and there is hope that this step will lead to a safer and more secure life on the internet.

”The cybersecurity industry is a team effort to combat the latest cybersecurity threats. Therefore, it is a great idea to combine the resources to fight for the same cause. The merger between NortonLifeLock and Avast will strengthen the cyber safety platform and provide it to many combined users. Furthermore, the merger should lead to antivirus products that include the benefits of Avast’s focus on privacy and NortonLifeLock’s experience in identity, all at a time when cybersecurity is critical for both consumers and businesses”, said Dr. Bennet Hammer,  President of Hammer IT Consulting, Inc.

Securing The Digital Landscape

NortonLifeLock has promoted paid safety and anti-identity-theft solutions for many years, whereas Avast has promoted both paid and free antivirus solutions. The merger combines Avast’s focus on privacy and NortonLifeLock’s focus on identification, producing a complementary product.

”Both these companies have largely been playing in the end consumer space. This segment has increasingly gotten more aware of the need for cybersecurity when it comes to protecting personal data. Also, these products are quite complementary to each other, wherein Avast helps prevent the breach and LifeLock comes in when a potential breach has happened already. We see this as quite a synergistic and strategic merger and a win for our customers as the merged entity comes out with a more holistic solution that is inherently complementary”, said Ashu Singhal, who runs Orion Networks, an IT support company in Maryland.

”Mergers are usually a double-edged sword. From a “business standpoint,” these companies saw great value in joining forces. One saw an opportunity to innovate, another saw money (in many different forms). But what does this mean for the customers using the lower-end security? Does this mean they must now pay fees? The cyber world gets more complicated every day and perhaps it is time the consumer world embraces the reality of paying for personal cyber, much the same way the consumer pays for home/auto/life insurance. The work from home paradigm shift is going to accelerate this. I am sure LifeLock looks at this as perfect timing and, from a marketing perspective, it is tremendous branding for them. It builds their reputation and expands their product set”, said Mike Shelah of Advantage Industries.

”Also, acquiring the Avast database is a huge win. What I personally want to see from this merger is real innovation to bring enterprise-class service and solutions to the typical family or individual”, added Shelah.

While the latest information did not reveal any specific product plans, consumers and organizations should not be surprised if NortonLifeLock begins offering Avast solutions and vice versa.

As mentioned previously, the new name following the merger has not been released. However, the combined company will operate from twin headquarters: NortonLifeLock’s main location in Arizona and Avast’s main operations in the Czech Republic. The deal is expected to close in mid-2022 once regulatory approval is finalized. What are your expectations for the merger? What impact do you think it will have on the cybersecurity and digital landscapes?