It’s 2018, and phishing emails are just an expected part of life for email users around the world, containing all manner of malware within concealed links and dodgy attachments. Most of us can recognise poorly spelled phishing emails that lack any real context, but what happens when something more complex hits your inbox? What if a cyber criminal emailed you your password – a real password you’ve used – and told you that they had compromising videos of you and more? What if they said that unless you pay a Bitcoin ransom, they would share this incriminating footage with everyone on your contacts list? That’s exactly what has been happening to thousands of Irish users, to both personal and corporate email addresses.
Cyber criminals have always targeted users, finding it easier to trick unsuspecting employees than to bypass complex technical security measures – and this trend has been growing steadily the last few years. Identify fraud, where criminals impersonate someone else in order to steal their money or use their account to manipulate others, is now one of the most common types of cyber crime there is. Account takeover attacks, where criminals gain access to a user’s account and use it to send spam or phishing emails, is also on the rise, often allowing malicious emails to bypass email security filters.
Phishing remains one of the most common attack vectors for criminals – one study alarmingly found that 93% of phishing emails contained ransomware
New research from DataSolutions, an Irish IT solutions provider, has revealed that a majority (60%) of senior IT decision makers consider human error to be the greatest threat facing Irish businesses and organisations at the moment. This is consistent with results of similar surveys in other countries such as the US or UK, as cyber criminals evolve to target end-users and take advantage of improperly-trained staff instead of trying to bypass or hack complex technical security measures. The survey also revealed that 93% of respondents claim that they have a formal cyber security and defense strategy in place to help navigate today’s online threat environment, particularly in a post-GDPR world.
Cyber criminals are becoming increasingly smart and how they target organisations, targeting un-training staff instead of complex technological security measures
Harvey Norman, the retail giant with 13 stores in the Republic and a further two stores in Northern Ireland, has admitted to customers that it suffered a data breach through a third-party tool used on its website. “We wish to alert you to a data breach that has occurred in the systems of a third-party website service provider, Typeform, which has resulted in the unauthorised access to some Harvey Norman data,” the company said earlier this week in a statement.
Harvey Norman was just one of the many companies affected by a breach at Typeform, a third-party website service provider
It’s 2018, and cyber crime is on the rise. It seems every other week there is another data breach or cyber attack somewhere in the world, and many people are rightfully apprehensive that they may be hacked too, or even that their details may have been exposed online through a breach of a service that they use. What if your email and password were compromised in the Adobe breach in 2013, the Yahoo breach in 2016, or the LinkedIn breach in 2012? What if your email had been obtained online and sold to cyber criminals as part of a spam list, such as Exploit.In, or the Anti Public Combo List, both discovered in 2016? If so, you may be at risk of hackers gaining access to your accounts, or even committing identity fraud against you. Luckily, security researcher and Microsoft regional director Troy Hunt has developed a database so that you can check to see if you’ve been compromised – so you can secure your online presence again.