Sometimes Life Can be a Real Beach: Hackers Steal $800,000 from Cape Cod Community College

by

December 10, 2018

I guess it’s not all fun in the sun down on the Cape. Hackers just stole $800,000 from Cape Cod Community College via a phishing attack and some nasty malware.

Details are scarce, but MSSP Alliance has a great overview you can read here: https://www.msspalert.com/cybersecurity-breaches-and-attacks/phishing/hackers-steal-800000-from-college/?utm_medium=email&utm_source=sendpress&utm_campaign

Social Engineering attacks are nasty things. To refresh yourself on the topic click here: what-is-a-social-engineering-attack

If you don’t have the time to re-read that article we’ve taken some highlights and posted them below.

How can I stop a Social Engineering attack?

That’s a tough question to answer, but there are a few steps you can take to help prevent these kinds of attacks.

  • Slow down and control your emotions – Remember the attacker is trying to manipulate your emotions into making a quick reaction. The more time you take to think about the situation the more likely you’ll start to realize something’s up. We might be animals when it comes to our emotions, but we’re also brilliant.

By slowing down, our rational brain allows us to overcome our feelings.

  • Think about what you’re reading/seeing – The more time you give yourself for rational thought, the better off you are when it comes to seeing through the attacker’s ruse. Look for things like strange word choices or misspellings. Look for visual clues like off-brand graphics (if it comes from someplace like your bank or a store you frequent).

You’re more astute than you might give yourself credit for. If something seems off, it probably is.

  • Check to see who sent the message – Email masking is incredibly prominent in today’s world. Most email clients format the sender address so that it’s easier to discern who it’s from. The problem is attackers leverage this. If you’ve got the feeling the message you’re reading isn’t on the level check to see who sent it. If the name is familiar, but the email address isn’t there’s a good chance you’re experiencing a social engineering attack.

  • Don’t follow blind links – Links are easy to hide, just like email addresses. If you can’t discern where a web-link is going to send you don’t click on it. Always make sure to hover or right-click on an email link (whatever your email client is set up for) to see where it might send you.

  • Be wary of attachments – If you’ve gone through the steps mentioned above, you probably know what I’m going to say here. Don’t download attachments from people you don’t know. Heck, sometimes it’s a bad idea to download attachments from people that you do. Be on the lookout for e-mail attachments that appear to be Microsoft Word or Excel files. They might contain pretty nasty surprises.

Aditional Reading:

how-to-stop-a-tech-support-phone-scam

one-phish-two-phish-red-phish-blue-phish-dot-dot-dot/

Carl Keyser is a Digital Marketing Specialist at Integris.

Keep reading

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

As a business owner, it's important to make the most of your resources. This includes finding cost-effective solutions for managing and maintaining your company's technology. Keeping a competitive edge in your industry requires secure, modern tech that allows your...

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

If you’re wondering where to find top IT services in Minneapolis, it’s important to identify providers that offer a wide range of support, have great service and provide solid tech expertise. Comprehensive technology insight is especially important when it comes to IT...

Webinar: Email Security that Doesn’t Suck…

Webinar: Email Security that Doesn’t Suck…

Trustifi and Security 7 present Email Security That Doesn’t Suck.  In today’s age of over-complicated security tools, it is extremely difficult to manage the fine balance between security and productivity.   {% video_player "embed_player" overrideable=False,...