Two new studies reveal how serious the threats have become and offer some advice on how to protect your business.
Of all the ways businesses can be compromised, email remains one of the more potent – and two new studies reveal how that threat is getting worse.
“Spam accounts for nearly two-thirds (65 percent) of total email volume,” says Cisco's 2017 Annual Cybersecurity Report, and the “global spam volume is growing due to large and thriving spam-sending botnets.”
“About 8 percent to 10 percent of the global spam observed in 2016 could be classified as malicious,” the report continues. “The percentage of spam with malicious email attachments is increasing, and adversaries appear to be experimenting with a wide range of file types to help their campaigns succeed.”
The bad guys are also taking advantage of lapses in patching and updating software, luring users into socially engineered traps, and injecting malware into supposedly legitimate online content such as advertising, according to the report.
So these basic security measures may help:
- Use an email service with good spam filtering or using a good commercial spam filtering service such as Mailguard
- Keep all your software up to date – operating system, applications, add-ons, plug-ins and what-have-you
- Stay on the alert for emails and other communications – even if they appear to come from someone you know and trust – that aim to trick you into opening documents or visiting web pages that could contain malware or collect information that you shouldn't share with scammers.
Phishing for CEOs
Meanwhile, according to Sophos, recent research found that in 35 percent of surveyed phishing attacks the email had impersonated the business's own CEO.
Sophos APAC technology solutions director Justin Peters offers the following (slightly paraphrased) suggestions to help avoid being phished:
- Know what to look for: Check out the Australian Communications and Media Authority (ACMA) example screenshot for the fake login page for the ANZ bank, next to the real thing. ACMA's Scamwatch site also provides some tips for spotting fake emails (click on the "Clues for spotting a fake email" button.)
- Be wary of unsolicited attachments. Cybercriminals trade on our curiosity, so don't open such attachments just to find out what they are. Be particularly sceptical when receiving emails purporting to be from a bank, tax office or insurance provider. (We would add Australia Post and courier companies to that list.)
- Do not enable macros in document attachments received via email. Microsoft deliberately turned off auto-execution of macros by default years ago for good reason, so don’t let malware infections make a fool of you by tricking you into turning them on.
- Only use an account with administrator rights when you really need to. Opening malware documents while logged in as an administrator makes the cyber criminals' job so much easier. For your day to day usage ordinary user rights normally suffice.
The rise of Android malware and malicious adware
The Cisco report also pointed to the growing incidence of Android malware. Android Trojans are now among the ten most common types of malware. The usual advice is to only obtain apps from Google Play and other 'official' sources such as stores operated by carriers or phone makers.
There have been reports of malware getting into Google Play (see, for example, how HummingWhale Android malware infests Google Play). So adding a reputable security app to your Android devices could be a sensible precaution.
Other tips mentioned by Cisco include:
- Removing unnecessary plug-ins such as Flash
- Taking care when using OAuth to connect online applications with each other or with on-premises applications (check exactly what rights this gives an application to access data stored by other applications)
- Watching out for adware (a class of malware that downloads or displays advertising content that would not otherwise reach the computer, opening new opportunities to take control of the affected system).
Good security software should detect adware, but Cisco warns that: "Malicious adware is delivered through software bundles; publishers create one installer with a legitimate application along with dozens of malicious adware applications."
This is presumably happening without the knowledge or consent of the legitimate application's vendor, suggesting special care is needed when obtaining software through unofficial channels.