New cyber threat targets SMBs

Security awareness training firm KnowBe4 warned of a new security threat to small and mid-sized businesses (SMBs). The threat, called Advanced Persistent Threat, or APT, is usually initiated via spear-phishing attacks orchestrated by teams of fraudsters, according to KnowBe4. The attack targets company executives who have access to businesses' most sensitive and secure information. KnowBe4 said APTs are typically sponsored by governments that have the capabilities and intent to persistently target specific entities.

KnowBe4 founder and Chief Executive Officer Stu Sjouwerman explained how the attacks work. Fraudsters target a business and hone in on key employees, then research and harvest data about those individuals, including emails, pictures and financial records.

Sjouwerman said the APT then carries out its attack by sending the target an email from a seemingly recognized source. The email contains an attachment. When the attachment is opened, the computer is infected with malware that allows fraudsters to gain undetected access to the organization's computer system. Sjouwerman noted that victims may remain unaware of the virus for years because of the subtle nature of the attack.

Phishing in growth mode

In an August 2012 blog post on the website of RSA Security Solutions, the Security Division of EMC Corp., RSA documented the global rise of phishing attacks in the first half (1H) of 2012. Compared with fraud statistics from the second half (2H) of 2011, RSA said businesses experienced 19 percent more phishing attacks in the January to June 2012 timeframe, with attacks heavily targeting organizations in the United Kingdom, the United States and Canada.

The blog post, entitled "Phishing in Season: A Look at Online Fraud in 2012," said the number of 1H2012 phishing attacks averaged 32,581 a month, and represented the fourth straight increase in the number of attacks recorded since 2H2010. The estimated global fraud losses from phishing attacks in 1H2012 surpassed $687 million, up 32 percent from 1H2011, RSA stated.

Human emotion is the reason phishing attacks persist and, in fact, continue to grow. "What makes phishing so successful is its social engineering component which drives the schemes used by cybercriminals today to manipulate online users into disclosing private information," said the post. "In social psychology, one of the routes to persuasion is designed to get a person to purposefully not think – but rather react emotionally and react immediately."

RSA noted that the most successful phishing scams play upon common human motivators and emotions through:

• Tax refund and prize offers
• Unwarranted lottery winnings and "419" scams (originating in Nigeria)
• Accusatory tax fraud reports from purported authorities
• "Look who has been searching for you" schemes
• Fake order confirmations from well-known online merchants or shopping sites
• Fake emails from banks, service providers, investment firms, social networking friends or professional network colleagues/ business associates

Red flag warnings

SMBs are being victimized by APT attacks because they are not taking proactive measures to prevent attacks, according to Sjouwerman. One measure is for SMBs to train employees on how to detect potential phishing attacks. The security firm said various fields in emails can provide red flags of potential attacks, such as:

• An unusual email address from the email sender in the "From" field
• An email that was cc'd to an unknown individual or individuals in the "To" field
• An unusual time the email was sent, such as 3 a.m., in the "Date" field
• Irrelevant or discordant wording in the "Subject" field that does not match the content of the email
• Content that includes bad grammar or spelling errors
• A hyperlink that shows a strange web address when the hyperlink is hovered over
• Email attachments that were not expected or would be unusual from the particular email sender

KnowBe4 offers SMBs the Kevin Mitnick Security Awareness Training online program, which includes case studies, live demonstration videos and short tests. Mitnick, who heads Mitnick Security Consulting LLC, is notorious for hacking exploits perpetrated in the early 1990's.

Editor's Note:

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.