This article highlights the methods and scenarios cyber criminals create and use to launch cyber attacks on individuals, and through them on organisations, and how individuals can stay safe by following some safe cyber security practices.
In today’s dynamic environment, where the Internet has become a ubiquitous part of our daily lives, cybersecurity has taken the driving seat. Without cybersecurity, the Internet can become a live time bomb one is sitting on. Cybercrimes have risen not only in number but also in sophistication. From attacks on individuals or businesses as specific targets to now targeting repositories of data, the cybercriminal has come a long way. Apart from these orchestrated attacks, there are those where innovative use of technology makes committing crime quite easy.

Cyber-attacks can result from negligence and vulnerabilities. A few recent examples:

The attack

“By targeting primarily financial-related keyword searches and ensuring that their malicious results are displayed, the attacker can attempt to maximize the conversion rate of their infections as they can be confident that infected users will be regularly using various financial platforms and thus will enable the attacker to quickly obtain credentials, banking and credit card information, etc. Targeted search keyword combinations include “nordea sweden bank account number”, “how to cancel a cheque commonwealth bank”, “al rajhi bank working hours during ramadan”, “free online books for bank clerk exam”, “bank of baroda account balance check”, and so on.

The poisoned search result would seem to be appropriate and benign, because the crooks have compromised legitimate websites that have been rated positively by many users.
Users who follow the malicious links are redirected via JavaScript through a number of compromised, intermediary sites, to the final one that serves a malicious Word document. The document is downloaded automatically, and the victims are prompted to open the file. If they do, they are prompted to “Enable Editing” and click “Enable Content”. This triggers the execution of a malicious macro, which finally downloads and executes the malware – in this case, a variant of the Zeus Panda banking Trojan – in several stages.
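
A defender can look for this delivery chain in web-proxy logs. The sketch below is an added example, not code from the article or from the research it quotes; the log layout, host names and search-engine list are constructed assumptions. It flags Word downloads whose referrer chain leads back through two or more hosts to a search result.

```python
from urllib.parse import urlparse

# Constructed proxy-log records: (client, url, referrer, content_type).
# All hosts are placeholders, not indicators from the campaign.
SAMPLE_LOG = [
    ("10.0.0.5", "http://blog.example.org/bank-hours",
     "https://www.google.com/search?q=bank+working+hours", "text/html"),
    ("10.0.0.5", "http://hop1.example.net/r.js",
     "http://blog.example.org/bank-hours", "application/javascript"),
    ("10.0.0.5", "http://hop2.example.com/go",
     "http://hop1.example.net/r.js", "text/html"),
    ("10.0.0.5", "http://files.example.info/report.doc",
     "http://hop2.example.com/go", "application/msword"),
    ("10.0.0.9", "http://intranet.example.org/policy.doc",
     "http://intranet.example.org/hr", "application/msword"),
]
SEARCH_LABELS = {"google", "bing", "yahoo", "duckduckgo"}  # assumed list
WORD_EXTS = (".doc", ".docm", ".docx")

def host(url):
    return (urlparse(url).hostname or "").lower()

def is_search(url):
    # Heuristic: any DNS label of the referrer host names a search engine.
    return any(label in SEARCH_LABELS for label in host(url).split("."))

def is_word_doc(url, ctype):
    return "msword" in ctype or "wordprocessingml" in ctype \
        or urlparse(url).path.lower().endswith(WORD_EXTS)

def find_poisoned_chains(records, min_hops=2):
    """Word downloads reached from a search result via >= min_hops hosts."""
    by_client, hits = {}, []
    for client, url, ref, ctype in records:
        by_client.setdefault(client, {})[url] = (ref, ctype)
    for client, seen in by_client.items():
        for url, (ref, ctype) in seen.items():
            if not is_word_doc(url, ctype):
                continue
            chain, cur = [url], ref
            while cur in seen and cur not in chain:  # walk referrers back
                chain.append(cur)
                cur = seen[cur][0]
            hops = {host(u) for u in chain[1:]}  # hosts before the document
            if is_search(cur) and len(hops) >= min_hops:
                hits.append((client, chain[::-1]))
    return hits

if __name__ == "__main__":
    for client, chain in find_poisoned_chains(SAMPLE_LOG):
        print(client, " -> ".join(chain))
```

The intranet download in the sample is not flagged because its referrer chain never reaches a search engine; tune `min_hops` to the redirect depth seen in your own traffic.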

The malware does not run and removes itself if the target system uses the Russian, Belarusian, Ukrainian, or Kazakh language; if it detects that it is running in a virtual or sandbox environment (virtual sandboxing allows technology users to run unknown or suspicious programs in a controlled environment without sullying their entire network); or if it detects the presence of one of a number of tools and utilities that malware analysts usually run when analyzing malware.

Malware peddlers also usually employ spam, malvertising (the practice of incorporating malware in online advertisements), and watering hole attacks to target users. (A watering hole is a computer attack strategy in which the victim is a particular group: an organization, industry, or region. In this attack, the attacker guesses or observes which websites the group often uses and infects one or more of them with malware. Eventually, some member of the targeted group gets infected.) Search result poisoning (an attack method in which cybercriminals create malicious websites and use search engine optimization tactics to make them show up prominently in search results) is more often employed for tech support and fake AV scams. Some of you may remember the golden age of rogue antivirus software (AKA FakeAV) circa 2008. These programs, which were often pushed via aggressive advertising and bundlers, were designed to look like security scanners. However, they were stuffed with intentional fake detections for all sorts of Trojans and worms.

The business model is simple yet very effective. By using scare tactics to trick people into believing their computers were severely infected, the crooks were able to make millions of dollars selling license keys for the bogus software.
In fact, the redirection system and associated infrastructure the researchers mapped in this attack have previously been used to do just that, with a Zeus infection (Zeus is a Trojan horse malware package) used as the excuse to trick users into contacting the fake tech support.
DDoS attacks, which flood their targets with junk data in order to knock them offline, have grown larger and more powerful every year since the teenage hacker MafiaBoy ushered in the year 2000 with an online assault which took down then-nascent e-commerce sites like Amazon, eBay and Yahoo.

We can use some effective cyber security practices to ensure our safety. A few of them are as follows:

  • Whether you are about to create a new social media account or you already have one, only enter the basic information required to get the account activated, and never provide excessive information that could put you at risk. If you’ve already added excess information, set it to hidden or, better still, remove it from your profile.
  • Enable privacy settings, increase the default security settings, and set up alerts. Many social networks are open by default, privacy is basic or turned off, and security is optional. Review the privacy and security options available to you and enable them. Use an authenticator application such as those from Google, Microsoft or Symantec. Enable alerts and notifications on your accounts so you are quickly advised of any suspicious activity. Get notified when anyone attempts to tag you.
  • Use $tr0ng3r passwords and change them at least once per year. Never use the same password multiple times.
  • It’s best not to use a public Wi-Fi network without a VPN. Rather, use your cell network (3G/4G/LTE) when security is important. Disable Auto Connect Wi-Fi or enable Ask to Join Networks. Hackers use Wi-Fi access points with common names like ‘Airport’ or ‘Café’ so your device will auto-connect without your knowledge. Never opt to remember the Wi-Fi network on public access points.
  • Use the latest web browsers as they have improved security for fake websites. This prevents someone from hosting their own ‘Facebook’ website, for example, waiting for you to enter your credentials.
  • Do not click on suspicious links like videos, even via social chat.
  • Beware of advertisements. They could direct you to compromised websites.
  • Use a least privileged user or standard user while browsing as this will significantly reduce the possibility of malware being installed.
  • Always assume someone is monitoring your data over public Wi-Fi. Do not access your sensitive data like financial information over public Wi-Fi. Do not change your passwords, and be wary of entering any personal credentials while using public Wi-Fi. If you have a mobile device with a personal hotspot function, choose this over public Wi-Fi where possible, but still be cautious.
  • Limit how often you like a status, follow a page, or allow an application to access your social media profile. If you’re a frequent user of any social media platform, be aware of the risks of liking posts, following pages or allowing different applications to access your profile. You’re accumulating a trail of activity that is time consuming, or even impossible, to reverse.
  • Before clicking on anything, stop, think and check if it is expected, valid and trusted. We are a society of clickers; we like to click on hyperlinks. Be cautious of any message you receive that contains a hyperlink, even if it looks like a legitimate message from a friend or a trusted organization. Stop and ask yourself if this message was expected. Do you know the person who sent it, and is it really from them? Or could they have been hacked? Could it be a phishing email, a message that looks exactly like one you might receive from a familiar organization but is really a set-up to get your information? If you’re unsure of the authenticity of the message, contact the sender by phone or via a new message and ask if they sent you the link. It could be malware, ransomware, a remote access tool or something that could steal or access your data. Nearly 30% of people will click on malicious links.

We all need to be more aware and cautious. Before clicking, stop and think. This way you can stay safe rather than veer towards avoiding technology and its innovative uses. Emerging government policies and processes, including making India ‘digital’ or ‘smart’, may make it mandatory to learn not just to use technology but also to adopt reasonable security practices. The promotion of digital payment systems across India is just one example of government encouragement of the use of technology in everyday life. Innovation, growth and the changes they bring about are inevitable, and running away from technology is definitely neither the answer to avoiding harm nor really going to protect us in the long run. Stay Alert & Stay Safe!!

This article is by Shilpa Anja. Shilpa is one of our Senior folks at Arrka and loves to put various items together to make this a safer place for other citizens of the web.