Ransomware is by far the biggest threat among Enterprises. So what is Ransomware? It is a malicious code that blocks or encrypts the contents of a device and demands a ransom to restore access to the data.
According to research done by ESET, Companies named ransomware their number one concern.
In response to customer needs and concerns, ESET integrated Ransomware Shield into its security solutions. ESET has long been providing its customers with very good behavior-based malware detection and also with Host-based Intrusion Prevention System (HIPS) that allows users to set custom rules for the protection against ransomware. However, should something slip past the 11 other security layers, Ransomware Shield will be automatically activated.
While ransomware infection often starts with clicking a suspicious link or a fictitious invoice, ESET found that email remains the most common distribution method.
To combat
these scenarios, enter ESET Dynamic Threat Defense (EDTD). EDTD provides
another layer of security for ESET products like Mail Security and Endpoint
products. It utilizes a cloud-based sandboxing technology and multiple machine
learning models to detect new, never before seen type of threats. In result,
attachments that were classified as malicious are stripped off the email and
the recipient gets information about the detection.
To learn more about how ESET can protect your business, and to book a FREE in houseCybersecurity Training Session for your employees, please sign up below.
The scam
machine shows no signs of slowing down, as fraudsters continue to dispense bogus
health advice, peddle fake testing kits and issue malware-laced purchase orders
As the
Coronavirus pandemic continues to escalate, more companies
are now shifting to remote work as a way of containing the spread of the
disease. Similarly, lockdowns and travel bans, among other stringent measures,
have become the order of the day across several nations. And to worsen the
situation, there is a massive shortage of the required medical kits.
Such a crisis
provides fraudsters undue advantage over a vulnerable lot that is financially
destabilized, as well as emotionally drained as a result of the pandemic.
In this case,
you would likely receive fake updates regarding the pandemic, as well as
non-existent offers for personal protective equipment, among others. Likewise,
if you’re a business, you would certainly receive faux purchase orders and
payment information.
Fortunately, as a follow up to our previous article about the ways scammers are exploiting coronavirus fears, we provide you with a few examples of the new campaigns aimed at stealing your money or personal information. To enable you to keep your guard up. Shall we?
Fake news/information
As the virus
continues to escalate, more people are currently searching for practical
information on how they can protect themselves. As a result, scammers have
conveniently positioned themselves as the true COVID-19 information
“crusaders” by impersonating well-known health organizations, such as
the World
health organization.
Don’t act
surprised if you receive an email (containing an attachment) supposedly coming
from a reputable health organization offering you “vital information”
on how you can protect yourself from the disease.
For instance,
our research team identified one such file containing a Trojan designed to
steal personal credentials.
Apart from the
WHO, fraudsters are also impersonating the US Centers for Disease Control and
Prevention (CDC). Accordingly, the FBI has given a warning about scummy
emails mainly riddled with malware-infested attachments and links purporting to
originate from the CDC.
To reduce the number of people falling for
such schemes, the WHO shares examples of its official email addresses and
methods of communication on its website.
Urgent purchase orders and late payments
Owing to the
increased pressure from governments to reduce the spread of the virus,
Companies, as well as factories, have been forced to streamline their
operations according to the current situation. As an example, companies to
integrate work from home modules, while factories to either increase or reduce
their production capacities depending on their products.
Such erratic
changes have brought about a climate of uncertainty that offers fraudsters a
thriving environment.
In this case, as
a factory owner or executive, be on the lookout for “urgent purchase
orders” from “company representatives.” Since this fake orders
come from scammers who want to make a kill out of your desperation of making
some revenue before things go south.
Sadly, if you
download such “urgent orders” (usually in attachments), your PC will
be installed with malicious
code designed to steal your details.
Below is an
excellent example of such an “urgent order”:
Similarly, you
would receive a “proof of payment” for you to take care of the order.
However, like the last example above, instead of receiving a bank statement,
the attached document contains a Trojan injector.
High demand products
A massive
increase in demand compounded with an inadequate supply for essential
protective items, such face masks has created another avenue for scams.
A typical
example of such a scam involves a fraudulent site that is offering
“OxyBreath Pro” face masks at a reduced price. These can lure you
since there is a shortage of masks, and what is available is highly-priced.
However, if you
click on the provided links, you’ll be at risk of exposing your sensitive
personal information to the scammers.
Bogus testing gear
The
unavailability or short supply of medical kits for testing folks for the virus
has also attracted fraudsters in droves.
For instance,
the existent low supply of masks, respirators, and hand sanitizers, among other
necessities, has prompted scammers to impersonate medical officials. So that, they can provide non-existent or
fake COVID-19 test kits, as well as illegitimate “corona cures.”
As an
illustration, more than 2000, links associated with fake coronavirus products
have already been identified. Similarly, law enforcement bureaus alongside
other relevant bodies have been able to seize US$
13 million worth of potentially hazardous pharmaceuticals.
To contain these
despicable actions, the U.S. Food and Drug Administration (FDA) has issued
warnings that it hasn’t allowed the sale or purchase of coronavirus
self-testing kits; therefore, it is currently bursting such sellers.
Final thoughts
In a wrap, what
we have shared is a representative of the many current fraudulent campaigns
doing rounds in our media spaces due to the prevailing situation.
Thus, it is
critical to maintaining high alertness to avoid falling victim to both the
COVID-19 pandemic, as well as the ensuing scam epidemic escalating through the
internet. To keep yourself safe from the scams, you can practice the following
basics:
Avoid downloading files or
clicking on links from unknown sources
Never fall for unrealistic
offers or order goods from unverified suppliers. You may also make a point of
checking out the purported vendor’s reviews
Invest in an excellent endpoint
solution which can shield you from phishing
attacks, as well as other forms of scams
If an email suggests coming
from a reputable organization, double-check with the firm’s website to confirm
its authenticity
If you require
consultation, as well as endpoint solutions for your cybersecurity needs, then
ESET has been here for you for over 30 years. We want to assure you that we
will be here to protect your online activities during these uncertain times,
too.
Protect yourself
from threats to your security online with an extended trial of our
award-winning software.
As the COVID-19
pandemic has many organizations switching employees to remote work, a virtual
private network is essential for countering the increased security risks
Probably, you
have been forced to work
from home due to the COVID-19 outbreak (recommended to reduce the spread of
the virus). However, you are wondering how you will set up your VPN
to enable secure communication.
Well, don’t agonize too much; we shall first explain to you what a VPN entails. And then, provide you with a step by step procedure for setting a basic Virtual Private Network. Here we go!
First, what is a Virtual Private Network (VPN)?
Essentially, a
VPN is a private channel within a wider (open) network that enables you to
communicate with your peers (other nodes with similar settings) without leaking
your information through the use of encryption.
Besides, you can
utilize a VPN to initiate communication through any network without revealing
your location. In any case, a significant number of vendors deal with clients
needing such services to avoid being tracked or be able to bypass particular
network filters.
However, in our
case, we shall consider a home office VPN that will create a communication
tunnel for your practical and secure home office communication.
Is it necessary to set up a virtual private network?
For there to be
any communication between two endpoints ─ your pc and the computer in the main
office –, they must be configured.
In this case,
you’ll require the services of your IT department (if you have one), who will
guide you regarding the applications to install, as well as provide you with
VPN credentials depending on your needs. Upon installing and configuring the
said app, you can automatically establish communication through the provided
link. Easy-peasy, right?
On the other
hand, if you don’t have an IT department behind your back, then you may have to
do it yourself. These shouldn’t; however, scare you at all; it’s not as tough
as you might imagine.
But before we
explore the nitty-gritty of setting up the VPN, we first need to identify the
options we have. In our case, we shall examine two options:
Open VPN: standard in small
office/home office and business-class routers
IP Sec: Is Built-in and
commonly used by desktops, smartphones, and laptops
The Open Virtual Private Network
This type of VPN
has been around for a long time and has proved itself secure and reliable. It
is ideal for small office/ house offices, as well as business-class routers,
thanks to its open-source nature.
Procedure for installation
On a contemporary device, go to the router’s configuration screen and click the relevant buttons to access your office network
Download the configuration file generated by the router
Use this file to configure/setup the OpenVPN in your pc, smartphone, or desktop that you want to use to access the Network behind that particular router. In case you get stuck somewhere, you can download or follow an online tutorial for your specific router.
Download the required apps that will enable you to access your new home office VPN from this website.
Install the downloaded applications and then configure them using the files generated when setting up the Open VPN on your office router.
In
the event you find the going tough, you can always consult with an online
tutorial or IT personnel.
Internet Protocol Security
IPsec is also
another technology that has been in use for an extended period to provide
reasonable security. It utilizes the same working principles as the OpenVPN;
however, it is mostly used on lower-cost routers. Besides, it is a built-in
technology in most desktops, laptops, and smartphones; therefore, it eliminates
the need for installing another application on your device.
The installation
process is similar to that one of OpenVPN. However, implementing a particular
router IPsec can sometimes be a little more complicated compared to installing
an open VPN.
Fortunately,
with the use of native tools on your remote endpoints, you can offset this by
just typing in a few things, such as the required IP address and credentials.
Final thoughts
Conclusively,
these are some of the simplest virtual net protection options you can install on
your home system without requiring massive/no input from IT experts.
Importantly, you
will need a beefier than standard broadband for quick communication over the
VPN. Also, you may experience slower connections due to the much horsepower
required to keep the connection encrypted and tunneled. Nevertheless, this is a
small price to pay in exchange for a secure home office communication.
In case you
required any advice regarding VPN options or installation services, then ESET
has been here for you for over 30 years. We want to assure you that we will be
here to protect your online activities during these uncertain times, too.
Protect yourself from threats to your security online with an extended trial of our award-winning software.
ESET East Africa
