Phishing Attacks can Leave Your Company Exposed. Know What Hackers are Doing Today and Prevent Information Leaks.
Mia Ash is a confident, 29-year-old photographer from The United Kingdom and she has accounts on LinkedIn, Facebook, and Instagram. She loves indie music and posting selfies on her social media platforms. The only problem is, Mia Ash isn’t real.
Mia Ash is simply a fake persona used by the hacking group Cobalt Gypsy, and recently exposed by SecureWorks. Mia Ash’s main purpose is to lure high-ranking executives into giving up classified company information. In some cases, Mia even tricks them into allowing malware onto their company computers.
This act is called phishing and is becoming more common every day. Through the combination of social media and email, hackers are getting closer to you. Hackers are getting smarter, and it’s important for you and your business that you become smarter too.
It’s Better to Be Safe Than Sorry
On social media, generally you shouldn’t “friend” anyone you don’t know. This rule can be tough to follow with sites such as the business-networking platform, LinkedIn. LinkedIn is all about making business connections and spreading your name. Mia Ash, however, is the perfect example as to why you should think twice.
Like Mia Ash’s profile, many fake profiles on LinkedIn often seem too good to be true. The easiest way to spot a fake account is through their profile picture. Often the pictures look very clinical, flawless and similar to a stock photo found on the web.
In the case of Mia Ash, the hacking group pulled pictures from another person’s profile entirely, thus the pictures looked more natural and convincing. If you’re unsure, you can find out if the profile picture is fake or not through a reverse image search through Google or TinEye. There’s no harm in being skeptical when your personal information is at risk, and it can be an easy way to determine if an account is fake.
Keep it Private
Another important way to keep yourself safe from potential hacking is by regulating the privacy settings on your social media. If your social media platforms are completely public, it’s possible for hackers to use your web presence against you. With lax profile privacy, someone with ill intentions could gain access to almost everything about you.
From social media alone, someone can deduce your friends, your interests, your job, your hobbies, and even your email if you aren’t careful. With all this information out in the open, it’s easy for a hacker to fake familiarity and get close to you, which is the key to successful spear-phishing.
Beware of Spear-Phishers
Spear-phishing is the newest form of phishing that hackers are beginning to use. Spear-phishing is specifically through email, as email can be an easy way to gain access to someone’s information. It’s as simple as attaching a file containing malware to the email and waiting for you to open the file.
Spear-phishing relies heavily on familiarity. By either earning your trust or knowing your personal information through social media, a spear-phisher can work its way into your email inbox. A spear-phisher may disguise itself as a friend-of-a-friend, looking for you to fill out a survey, or a potential employee asking you to review his or her resume. It may seem innocent enough until you have a virus scraping your computer of its data.
The best way to spot a phishing email is normally through the spelling and grammar. If the phisher is using words incorrectly or the English seems to be broken, it’s probably fake. Along with this, if the email has a sense of urgency or a time constraint, you should be extra cautious moving forward. Because hackers are attempting to get something from you and move on, they’ll want to do so as quickly as possible.
You can help prevent the damage phishing causes by installing certain programs on your computer. Through an anti-malware program, you can help protect your computer and files if you encounter any malware through infected documents.
Overall, the best way to protect you or your businesses information is to protect your information on social media and handle everything carefully by using your best judgment. Remember if something feels wrong, it probably is wrong.
Madison Martin is a senior at Louisiana State University pursing a degree in mass communication with a specialization in digital advertising, and a minor in fine art. In her free time, Madison enjoys drawing, napping, and playing video games.
Work with Catapult Creative Media Inc.
Catapult Creative Media Inc. is a digital marketing and design agency serving clients over the United States but is proud to call Baton Rouge, Louisiana home. Founded in 2007, Catapult provides digital, social and mobile marketing solutions backed by relevant strategy and measurable results. Catapult works the web to their clients’ advantage, launching them to their next level of success.