The original 2012 LinkedIn data breach turns out to have been much larger than the estimated 6.5 million usernames and passwords that were stolen. More than 100 million records were actually compromised, and LinkedIn is emailing the affected users to tell them they need to change their passwords.
The bad guys, however, are jumping on this as well and are sending phishing emails that link to a fake LinkedIn login page. If you fall for this scam and log in on their fake page, your credentials will be stolen and your LinkedIn account compromised and/or your computer infected with all kinds of malware.
If you receive an email that seems to come from LinkedIn, hover over the links and make sure they are legit before you click. Even better, do not click on anything and just go to LinkedIn using your browser and change your password. If you have used your LinkedIn password for other sites, it’s time to change those as well!
Go to www.LinkedIn.com, click Help (bottom right), and choose Changing Your Password. If you want another layer of password protection, LinkedIn also offers dual factor authentication, in which a one-time numerical code is sent to your smartphone each time you need to access your LinkedIn account.
Research from our partners has spotted an up-and-coming trend: malicious HTML “attackments” that are used for credentials phishing. There are a couple of reasons why the bad guys have taken a liking to HTML:
- Reduced chance of antivirus detection
- Users are familiar with HTML attachments and do not see them as harmful
Bad guys are using .HTML attachments to spoof bank login pages, popular online services, and secure messages from financial institutions.
Internet criminals never stop trying to get past our spam filters and trick you into clicking on phishing links or opening malicious email attachments.
This is a warning against a new type of attack that uses an HTML attachment which tries to scam you into entering your user name and password.
HTML attachments are often used by banks for secure messages, so you might think that these are always safe. They are NOT. If you get an email with an HTML attachment, be just as careful as always and do not open it unless you have asked for it, or have verified with the sender that the attachment is legitimate.
Remember: Always Think Before You Click!
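The kind of HTML attachment described above can also be flagged at the mail gateway before a user ever opens it. The following is an added example, not code from the original article: it parses a message, looks inside HTML attachments, and reports any that contain a password field, noting the remote host the form posts to. The function names, the sample message, and the hosts `bank.example`, `corp.example` and `collect.example` are constructed placeholders.

```python
import email
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

class FormFinder(HTMLParser):
    """Records form targets and whether any password input is present."""
    def __init__(self):
        super().__init__()
        self.actions, self.has_password = [], False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.actions.append(a.get("action") or "")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            self.has_password = True

def scan_message(raw_bytes):
    """Return (filename, reason) for each HTML attachment that asks for a password."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        is_html = name.lower().endswith((".html", ".htm")) or part.get_content_type() == "text/html"
        if not is_html:
            continue
        body = part.get_content()
        if isinstance(body, bytes):  # e.g. HTML sent as application/octet-stream
            body = body.decode("utf-8", "replace")
        finder = FormFinder()
        finder.feed(body)
        if not finder.has_password:
            continue
        hosts = [urlparse(u).hostname for u in finder.actions if urlparse(u).scheme in ("http", "https")]
        reason = f"password form posts to {hosts[0]}" if hosts else "password field in attached HTML"
        findings.append((name, reason))
    return findings

def build_sample(with_password=True):
    """Constructed test message; addresses and hosts are placeholders."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "notices@bank.example", "user@corp.example", "Secure message"
    m.set_content("Open the attached secure message.")
    field = '<input type="password" name="p">' if with_password else ""
    html = f'<form action="https://collect.example/login" method="post">\n<input name="u">\n{field}\n</form>\n'
    m.add_attachment(html, subtype="html", filename="SecureMessage.html")
    return m.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A finding here is a reason to quarantine and review the message, not proof of phishing, since legitimate secure-message services also ship HTML attachments with login forms.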
One thing that is driving mainstream recognition of ransomware is the move by the Dridex banking Trojan gang into ransomware with their Locky strain. They have taken over from CryptoWall, which from their perspective is just an upstart. Locky was linked to the notorious Dridex gang by both Palo Alto Networks and Proofpoint. The Russian Dridex criminal group is the most prominent group operating banking malware.
The Dridex Locky ransomware strain isn’t more sophisticated than other latest generation crypto-ransom malware, but it is rapidly spreading to victim systems. Forbes claims that Locky is infecting approximately 90,000 systems per day and that it typically asks users for 0.5-1 Bitcoin (~420 dollars) to unlock their systems. Locky is disseminated through phishing emails containing Microsoft Word attachments. Each binary of Locky is reportedly uniquely hashed; consequently, signature-based detection is basically impossible.
The Dridex gang is the 800-pound gorilla in banking Trojans. Apparently they have seen the profit potential of ransomware and leveraged their extensive criminal infrastructure to get their Locky strain infecting as many machines as possible. Consequently, financial institutions are likely the next major sector to be actively targeted. The FBI just stated that the threat from ransomware is expected to grow, as per an article in the Wall Street Journal.
Five Things To Do About It
- Block any and all emails with .zip extensions and/or macros at your email gateway level.
- Disable Adobe Flash Player, Java and Silverlight if possible. These are used as attack vectors.
- Step all employees through effective security awareness training, so they can recognize the red flags related to ransomware attacks.
- Print out this free job aid, laminate it, and hand it out to employees so they can pin it on their wall.
- Do a Phishing Security Test on your users and find out if they are going to click on something they shouldn’t.