CYBERSECURITY
WEEKLY NEWSLETTER
Keeping an eye on cyber news and threats
Issue 13
FedEx and DHL phishing email targeting Microsoft users
Over 10,000 Microsoft email users have been hit with a phishing campaign pretending to be FedEx or DHL in an attempt to steal their work email credentials.
The campaign is fairly convincing and it is clear that some effort has gone into it. The emails even direct to pages hosted on verified domains such as Google Firebox or Quip to make sure it passes through any mail security filters.
The context is usually missed deliveries or scanned documents, which people will usually click on fairly quickly. The FedEx email is titled ‘You have a new FedEx sent to you’ and even includes minor details such as number of pages, a document ID and type of document to make it seem more convincing.
Of course, if the recipient follows the link in the email they are prompted to enter some credentials to view the document or delivery note in either a fake Microsoft portal or an Adobe sign in box, pre-filled with the users email address. It even ‘previews’ a document or spreadsheet in the background behind the sign in box that looks like shipping documents.
As always, stop and think before entering any credentials.
30,000 Apple devices infected with ‘mysterious’ malware
A new strain of malware has been identified by a security company called Red Canary that has infected around 30,000 Apple devices.
The purpose of the malware is unknown, but it is targeting devices with the M1 chip. The malware, called ‘Silver Sparrow’, does not show usual behaviour traits of adware commonly seen on macOS and seems to phone home to a server every four hours for further instructions. It also has a self-destruct ability that can erase any trace of its existence.
It seems to be a common misconception that macOS can’t get viruses, and theory is that because this malware hasn’t actually done any damage, it is an effort to highlight that this simply isn’t true, and any device or operating system can get viruses. It is true that you see more viruses for Windows, but this is simply down to Windows being the most used operating system worldwide by a huge margin so a virus can infect a higher number of users.
With Apple devices becoming more popular than ever now though, we are starting to see more viruses appear for macOS or iOS and users need to be vigilant.
What if this seemingly harmless virus isn’t harmless at all? Another theory is that the malware will spread to as many devices as possible and lay dormant until it receives an instruction to deliver a payload or take part in what’s known as a ‘botnet’. A botnet is when many devices are infected with a particular type of malware that lays dormant and when instructed it takes control of the computer and all the other computers it has infected at once to combine the computing power and attack a large network or target system.
I’m digressing here, but Apple have effectively stopped the malware spreading to new devices, but this is a wake-up call to Apple users that their devices can still get viruses and should protect themselves accordingly.
119,000 threats per minute detected by Trend Micro in 2020
62.6 billion threats were identified and blocked by cybersecurity software company Trend Micro in 2020, a 20% rise since the previous year. That’s 8 threats per every human on the planet, and that’s only the ones they identified.
91% of those threats were email-based phishing attacks with home networks being the primary target as 15.5% of home networks were attacked, targeting routers or smart devices in the home. That’s a 210% increase on home network attacks, quite clearly linked to the increase in amount of people working from home.
As I keep saying, cybercrime really is on the rise and these figures show that. The numbers will only keep going up so it’s on everyone to make sure we are vigilant and educated on spotting things such as phishing attempts and making sure that our home networks and devices are secure.
This week’s top tip – Check for HTTPS or the ‘padlock symbol’ on websites
You know that little bit at the start of a website address ‘https’? Those letters are the protocol that a website is using to send and receive information. Without getting too technical, HTTP stands for ‘hypertext transfer protocol’ and the ‘s’ on the end stands for secure.
For a while, every website used HTTP, but this just wasn’t secure enough, particularly for things like online banking or purchases where your bank or card details were at risk. It only made sense to develop a more secure protocol to protect any information people were sending over the internet, and so HTTPS was born. Now, nearly every website you visit has HTTPS (those that don’t, really should) making sure that your connection to the website is secure, and your information is safe.
So always check the address bar at the top of your browser to make sure the website you are on is using HTTPS, particularly if you are doing any online banking or shopping, or anywhere that you are entering personal information.
Most browsers these days don’t show this part by default, instead they show a little padlock next to the address to let you know the site is secure. It will also tell you if it is not secure. You can also check the full address by clicking on the address bar.
That’s all for now, stay safe and see you next week.
Mike