Nothing Good Comes from Card Skimmers

Card skimming is a very real problem for companies and individuals alike, but there will always be those who are more impacted by these kinds of financial scams—particularly those who rely on prepaid cards provided by the government for food assistance and so on.

Skimming Losses Really Hurt Those Receiving Assistance

Authorities have confirmed that people who use Electronic Benefits Transfer, better known as EBT, the system used to pay for food purchases through the Supplemental Nutrition Assistance Program, or SNAP, are at greater risk of loss from card skimming.

This is largely due to the way that the SNAP card works. The associated EBT account is debited to reimburse the store for the purchase, making the EBT card the same as a debit card. The card also has a PIN associated with it that allows the user to withdraw money from an ATM.

The issue with EBT cards is that they lack the protections that other payment cards have, like smart chip technology or fraud protections. SNAP funds can be stolen and spent, and without these protections in place, those who need the funds are left in a tight spot.

This shouldn’t come as a surprise to anyone who uses cards for payment—after all, hackers have been stealing card data for as long as payment cards have existed—but they are getting much better at doing so inconspicuously. One way that they do this is through the use of card skimming devices, which they hide inside cash machines or camouflage to look like a part of the machine itself. This puts people at risk of having their card data stolen and duplicated by hackers and scammers, who can then use that information for fraudulent purchases or sell it online to the highest bidder.

What Can You Do?

Until more states implement improved security measures for EBT cards, like eliminating the magnetic strip and replacing it with the modern security chips that other cards use, most of the security measures taken will depend on the user being more aware of how and where they are using their cards. Be on the lookout for signs that a machine has been tampered with, especially if the devices are found in a place that isn’t out in the open. And, of course, if you see something suspicious, say something so that others don’t become victims, too.

We want to help you be as secure as possible in your use of technology, so for more great tips and tricks, be sure to call us at 810.230.9455.

Why Security Questions are Terrible for Security

What is your mother’s maiden name? What street did you grow up on? What is your favorite movie?

How about: What good do you really think these questions are going to do to help keep your accounts any more secure?

Seriously, there are a few big problems with the security questions that a lot of businesses, websites, and other accounts rely on. Let’s discuss why these security questions don’t work, and what some alternatives might be.

So, What’s So Bad About These Security Questions?

Let’s walk through an example to illustrate just that!

So, let’s say I was a mean little cybercriminal, and I wanted to help myself to the contents of your bank account. So, I go to your bank’s website, which I confirmed by sending you a phishing message. I also happened to confirm your username (and why I didn’t just take your password along with it, the world may never know) which I can then input into the bank’s website.

Oh darn, I still need that password…or, I can click the handy little Forgot password? link next to the entry field. I’m presented with a few options for your security question, and I have an easy enough way to potentially deduce any of them.

What was your mother’s maiden name? Off to Facebook, for which you either haven’t set your privacy settings or an update reset them without your knowledge. From your profile, I can easily go through and find who your mother is, who just so happens to use her maiden name in her profile so old friends can find her. Security question answered.

What is your favorite book/movie/etc.? Again, Facebook can come in handy here, as it’s somewhat likely you set up your bank account’s web credentials at around the same time as your Facebook. Facebook lists out the books and movies and shows and general interests that people have, and these pages are never as popular as when a Facebook account is first created.

Otherwise, a little bit of perusing through your photos might tip me off, especially if I find countless pictures of you wearing Twilight merch in the early days of you having Facebook, or see lots of John Grisham novels in the background.

What was the name of your first pet? Once more, Facebook is a handy resource. All I’d have to do is search a profile for any mention of a pet and I’ve got a pretty good chance of finding the answer.

Once I’ve completed my bit of Facebook snooping, I can simply give the bank the answers they need for their “security” questions, and I now have total access to your finances.

Keep in mind that Facebook is just one social media platform, too. By posting our entire lives on the platform, we’re putting a lot of trust in their security and in our own ability to avoid oversharing and to create secure passwords.

It Gets Worse, Too

While it’s getting to be a little old at this point, a study conducted by Google back in 2015 found that many of these security questions have horrifyingly predictable answers.

For instance, the study found that an attacker had a 19.7% chance of correctly answering, “What is your favorite food?” if they only had one guess and knew that the user spoke English. If a user spoke Arabic and the attacker had ten guesses, they had a 24% chance of correctly answering “What was your first teacher’s name?” If the targeted user spoke Korean, ten guesses gave the attacker a 43% chance of answering “What is your favorite food?”

That’s not even mentioning how the cultural differences between the person writing the questions and the person using them to secure their account can pigeonhole the user into selecting a more-easily-guessed answer because these cultural differences make for different experiences. Maiden names aren’t a globally-accepted tradition, after all.

Finally, if the attacker has a bit of technical skill, they can always try a brute-force attack against the recovery question—which, without the complexity requirements that passwords are subject to, is likely to take much less time.

So, If Not Security Questions, What Can We Use to Secure Accounts?

There are a few measures that can be taken to improve security safeguards. For instance, multi-factor authentication and biometrics can make it easier to access your accounts, without making it easier for attackers to do so.

Reach out to us today to learn more about the different authentication and security measures that we can help you implement. Give us a call at 810.230.9455 today!

Oh, and go check that your social media accounts have the right privacy settings.

Multi-Factor Authentication isn’t Infallible, But It Shouldn’t Be Abandoned

We haven’t been shy about pushing for multi-factor authentication, AKA MFA, and there’s a reason for that: if implemented correctly, it can help prevent many cyberthreats. Having said that, cybercriminals have managed to find a way to undermine MFA. Let’s consider how they’ve managed to do this.

First, let’s examine why we’ve trusted MFA up to this point:

What Makes Multi-Factor Authentication as Effective as It Is?

Phishing—or the act of manipulating the user, instead of the computer system, in order to gain access to data—has become a hugely common tactic, mainly because it works. Hackers are also still able to guess weak passwords and gain access. MFA adds an additional layer of security by requiring an additional proof of identity. Without this credential—typically something other than a password that’s harder to replicate—a hacker theoretically can’t get in.

Unfortunately, this is no longer always the case.

Hackers Have Figured Out Ways to Work Around MFA

Microsoft has observed a few recent attacks that demonstrate that hackers can in fact bypass MFA protocols that businesses put in place. The term bypass is important. It isn’t that hackers have cracked MFA; they’ve just figured out how to get around it.

It’s like driving through a city to find that your normal route is under construction, so traffic has slowed to a crawl. Sure, you could simply wait it out and hope to get through in a reasonable amount of time, or you could find another route.

Most hackers use something called an adversary-in-the-middle attack. The hacker sets up a proxy server between their target and the service they want the credentials for. By phishing their target, the hacker is able to steal both their password and the session cookie. This way, the user accesses their account as normal, with no knowledge that it’s been undermined, while the hacker gets what they want.
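A defender-side illustration of the stolen session cookie described above (an added example, not part of the original article): it scans a web access log for a session that is later used from a different client than the one that completed sign-in. The log format, field names, addresses and timestamps are constructed for the example, and the check only catches a cookie reused from a different address than the one seen at sign-in.

```python
import csv
import io
from dataclasses import dataclass

# Constructed sample log: time, event, user, session id, source IP, user agent.
SAMPLE_LOG = """\
2024-01-15T09:00:01Z,login_mfa_ok,alice,s-1001,203.0.113.10,Edge/120 Windows
2024-01-15T09:00:05Z,request,alice,s-1001,203.0.113.10,Edge/120 Windows
2024-01-15T09:04:40Z,request,alice,s-1001,198.51.100.77,python-requests/2.31
2024-01-15T09:05:02Z,request,alice,s-1001,198.51.100.77,python-requests/2.31
2024-01-15T09:10:00Z,login_mfa_ok,bob,s-1002,192.0.2.44,Safari/17 iPhone
2024-01-15T09:30:00Z,request,bob,s-1002,192.0.2.91,Safari/17 iPhone
2024-01-15T09:31:00Z,request,carol,s-0999,203.0.113.200,Chrome/120 Linux
"""


@dataclass(frozen=True)
class Alert:
    session: str
    user: str
    reason: str  # "ip_and_agent_changed", "ip_changed" or "no_login_seen"
    time: str    # timestamp of the first request that triggered the alert


def find_replayed_sessions(log_text):
    """Return one Alert per (session, reason), in the order first seen."""
    origin = {}        # session id -> (ip, user agent) recorded at sign-in
    reported = set()   # (session id, reason) pairs already alerted on
    alerts = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 6:
            continue   # skip blank or malformed lines
        time, event, user, session, ip, agent = row
        if event == "login_mfa_ok":
            origin[session] = (ip, agent)
            continue
        if session not in origin:
            # A valid-looking session with no sign-in in this log window.
            reason = "no_login_seen"
        else:
            login_ip, login_agent = origin[session]
            if ip == login_ip:
                continue   # same address as sign-in: treated as the same client
            # A new address alone may be a roaming phone; a new address plus a
            # new user agent is the stronger sign of a cookie used elsewhere.
            reason = "ip_and_agent_changed" if agent != login_agent else "ip_changed"
        if (session, reason) not in reported:
            reported.add((session, reason))
            alerts.append(Alert(session, user, reason, time))
    return alerts


if __name__ == "__main__":
    for alert in find_replayed_sessions(SAMPLE_LOG):
        print(alert)
```
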

Hackers Have Used Other Methods, Too

MFA can be worked around in other ways, as well. MFA systems that rely on text messages or emails with single-use codes have little defense against a user being convinced to provide these codes as they are generated. Trojans can be used to spy on users, while other means can take over the devices used to actually authenticate the involved systems. Like many other forms of cybersecurity, it really comes down to how vigilant the user is.

So, How Do You Keep Your Business Systems Secure?

In our humble (expert, but still humble) opinion, the best cybersecurity strategy is one that relies on both the right technical security system and the capabilities of the people using it, working in tandem to better secure the protected assets. This is why we still recommend, even encourage, businesses to implement MFA despite these security hiccups. Our one caveat is that these businesses also need to educate their teams as to its importance.

We can help you do both, implementing enterprise-grade security while also providing comprehensive cybersecurity training and testing to ensure your business is as prepared as possible. Reach out to us today to learn more about how we can assist your business by calling 810.230.9455.

Who’s Sitting at the Other Keyboard While You’re Being Attacked?

It can be too easy to think about hackers and cybercriminals in an almost abstract way, diminishing them to little more than a faceless entity at a keyboard. Naturally, this is far from the truth. Let’s examine the reality of the cybercrime industry, which actually does as much harm to the perpetrators as it does to the people they scam…if not more.

How is this possible? Well, all one has to do is look at an ad that was up on the White Shark Channel of the Telegram messaging service:

“Selling a Chinese man in Sihanoukville just smuggled from China. 22 years old with an ID card, typing very slow.”

That ad, listing the sale of a human being, offered a price of about $10,000.

Many of the People Actively Operating These Scams Have Been Defrauded and Enslaved

Imagine that you were offered an employment opportunity that had a good enough offer that you agreed to travel to their location, only to be held there against your will and forced to work, under threat of physical beatings, torture, and starvation.

This is the reality for tens of thousands of people from China, Taiwan, Thailand, and Vietnam. Promising employment opportunities, victims are lured in and forced to work defrauding people online, all around the world. These victims are held captive, forced to engage in fraud until their negligible wages allow them to pay the fee to leave.

The thing is, these victims are regularly moved or sold to other organizations, with the price of freedom rising by a few thousand dollars each time.

These people are then forced to engage in “pig butchering” scams, where the scammer metaphorically fattens up their target before going in for the kill. Essentially, the scammer—pretending to form a friendship or even a romantic relationship—draws as much money as possible from their target into an investment platform, but once the target is out of cash, the scammer cuts them off and makes off with the funds. Naturally, this kind of fraud isn’t reported very often, largely because of the shame associated with being bamboozled and betrayed in such a fashion.

These operations have this process down, to the point where documentation is provided to their enslaved workforce. They are encouraged to create social media accounts for their fraudulent personas, with photos available from specialized websites for this specific use. These profiles are then populated with photos and interests that communicate affluence, like those of luxury cars or posts about investing. They are even encouraged in one example of the scammer’s documentation to focus on family values, as this sort of belief helps encourage trust from others.

Once these profiles are created, these trafficking victims are then expected to reach out to their prospective victims. One forced scammer reported working on a team of eight such scammers, organized under a leader, and provided with 10 phones each to use as they reached out to a list of names in an attempt to draw them into these scams. From there, the scammers take note of any promising information that those who respond reveal, to see if there are any “pain points” to take advantage of. This “customer mapping” gives the attackers the opportunity to gauge how promising of a mark an individual may be.

Meanwhile, all of this is done behind bars, with barbed wire fences. Calling the police isn’t really an option for victims, either, as they will be harshly punished for doing so and likely sold to another operation…ultimately increasing the price for their freedom further. In addition, they are also coerced into making statements that absolve the company of any misdeeds.

Is What Forced Scammers Do Bad? Absolutely…But For Many, It Isn’t Their Choice

Don’t get us wrong: we are in no way apologizing for what hackers and scammers do. We just want to point out that, in many cases, the person actually taking advantage of you is just as much a victim as you are (and arguably, more so).

It’s also worth understanding that criminals treat cybercrime like a business. Although they do a wide range of horrifying and abhorrent things to accomplish their goals, it’s organized and optimized like a business, one that’s designed to cause harm.

Regardless, it is important that you and your team are able to identify and mitigate as many of any scammers’ attempts as possible. We’re here to help you do that, amongst our other services. Give us a call at 810.230.9455 to find out more about how we can help protect you.

Hackers Circumvent Traditional Cybersecurity with Phishing

Business owners often get unsolicited emails from individuals who want to sell them goods, services, or products. Depending on the message, they might even come across as a bit suspicious, prompting you to question the authenticity of the email. If you’re not careful, you might accidentally expose your organization by clicking on the wrong link in the wrong email, thus falling victim to the oldest trick in the book: the phishing attack.

The greatest threat from phishing attacks often comes from the fact that you might not expect a particular type of phishing scam. Phishing attacks are growing increasingly common, and it’s for a very good reason: they work. Cybersecurity professionals have their work cut out for them, as hackers are frequently trying to overcome the latest security measures out there by utilizing a stagnant part of most companies’ security infrastructures: their employees.

Phishing attacks can come in countless different forms, and they all target the human element of your company’s security infrastructure. Whether it’s an unsolicited email, a phone call asking for sensitive information, a physical mailer asking you to pay a fine or fee, or even text messages asking you to click on links to confirm shipping details for an order you can’t recall placing, they all circumvent your most carefully placed security measures by leveraging your employees.

Furthermore, some phishing messages are so convincing and well thought out that spam filters might not even catch them in the process. If a hacker invests time into researching your business—including the recipient of the email—the message could be so personalized that it circumvents the spam filter entirely. These are very real threats to your organization, and if users don’t know what to look for, they could make a mistake that is hard to walk away from unscathed.

At the end of the day, the best way to combat phishing messages is not to implement the best security solutions on the market (although they do go a long way); it’s to train your employees on how to identify and respond to security threats like phishing messages so they don’t fall for social engineering tactics.

We always encourage businesses to use an enterprise-grade spam filter, but we also want them to train their employees to address threats in a way that minimizes risk. These are preventative measures that address issues before they become significant problems or detriments. They aren’t going to solve all of your problems, but they will prevent most of them from evolving into bigger and more dangerous ones. As per usual, your security is only going to be effective if people are aware of your solutions and policies.

While we cannot guarantee that you’ll never encounter a phishing attack again, acknowledging that these issues will appear from time to time can go a long way toward preparing to handle them effectively. NuTech Services can help your business acquire the IT resources and training needed to take the fight to phishing attacks. To learn more, contact us today at 810.230.9455.

We Think You Should Know What Social Engineering Is

Social engineering is a dangerous threat that could derail even the most prepared business. Even if you implement the best security solutions on the market, they mean nothing if a cybercriminal tricks you into acting impulsively. Let’s go over specific methods of social engineering that hackers might use to trick you.

Let’s start with a look at what social engineering is and why it works so well on users.

Social Engineering Targets the Human Part of Your Brain

Social engineering is designed to get you to act impulsively. In other words, it’s the manipulation of your emotions and thought processes. If we hear that something needs to be done, and it comes from someone whom we believe and respect, then we will naturally want to perform the task, even if it might not necessarily make sense in the moment.

In regards to business and social engineering, the stakes are considerably higher than if someone were to play a prank or a trick on you. In these cases, social engineering tactics prey on the fears and anxieties associated with the workplace. All of this takes some preparation on the hacker’s part. Here are some of the steps involved in this process, from the hacker’s perspective.

The Steps Involved in a Social Engineering Attack

Depending on the target and the victim, the social engineering attack might go through various stages. More often than not, the attacker will plan out their attack through the use of research. Let’s get in the mindset of an attacker to see it from their perspective.

If you wanted to attack a company, for example, you might first collect as much data as you could. The Internet can be a treasure trove of information on its employees thanks to its open nature, and you might be able to find information publicly on social media and networking sites like LinkedIn, Facebook, and others. You might discover some of the likes and dislikes of these employees. Afterward, it is just a matter of using this information in a way that gets the user to act a certain way.

There are other ways of going about an attack, too, like fear tactics. Employees don’t want to get in trouble in the workplace, and if they get a message from someone claiming to be their boss, they will likely act to keep their integrity and job in check.

A resourceful attacker might use a combination of both to get their way. If someone posts a picture on social media with their webcam in the background, the attacker could use this to instill fear in the user’s heart that they have been caught doing incriminating things. The attacker might then threaten to release the footage to personal or professional contacts, and then they might demand a ransom in exchange for not doing so.

How Can Your Team Avoid Social Engineering Attacks?

If you want to help your team avoid social engineering attacks, it starts with helping them spot some of the dead giveaway signs:

  • Messaging and tone that incites fear or makes a threat
  • Links that were not requested and don’t match their apparent destination when you hover over them
  • Close-but-not-quite email addresses and domain names
  • Malicious email attachments

It also never hurts to confirm the identity of the message’s sender through secondary means. You might go check on your boss to make sure that the message came from them, or you might contact the third party that the message claims to be through a number you might have on record. As long as your employees are aware that social engineering exists and that they can become the target of attacks, then you can’t go wrong here.

Let Us Help You Get Ready for These Threats

We want to help you ensure that your team is ready to tackle important security problems in a way that doesn’t put your organization at risk. To learn more, reach out to us at 810.230.9455.

Get Your Cybersecurity Answers with Penetration Testing

Hacking attacks can be stressful to manage, but when you add in that they can strike when you least expect them to, it gets a lot worse. You’ll never know how you will respond to such an event unless you simulate and replicate it somehow. This is what the penetration test is used for; it provides your business with a way to prepare for cyberattacks.

Understanding the Penetration Test

When you perform a penetration test, you check your infrastructure to see where it cracks against a cybersecurity attack. These tests are performed by trained IT professionals who simulate the methods used by real-life attackers. The goal is to find where your business might be most vulnerable to infiltration.

A penetration test will often be performed with a goal in mind. You might need to know which systems are most vulnerable to hackers, and in the process, you might discover that one particular system is more vulnerable than you previously thought. Penetration tests are vital to stopping data breaches and for laying out how you plan to respond to them. It’s much better to keep issues from developing into larger problems.

The Various Types of Testing

First, we should outline the difference between a penetration test and a vulnerability assessment. With the latter, you are just getting a list of what needs to be addressed, while a penetration test is more of a simulated attack against your infrastructure to see how it responds to the attack. Here are three ways that a penetration test is generally performed:

  • Black box testing – The tester goes in blind; in other words, they know nothing about the network or what to target. This type of testing might be used if there are no specific problems that need to be addressed.
  • White box testing – The tester goes in with full understanding of the network, often looking for specific problems that need to be addressed.
  • Gray box testing – The tester has partial knowledge of the network. In other words, they don’t have the whole picture, but they have some of it.

The results will show just how far the data breach got, what was stolen, and other important metrics that you’ll need to keep in mind for resolving problems like these in the future. Not all security plans are fool-proof, which is why there is a necessity for such a test in the first place. It’s up to you and your security team to ensure that such an attack cannot occur for real.

Get Started Today

Small businesses can often struggle with technology management, especially with so few resources at their disposal compared to larger enterprises. This is why we offer comprehensive IT solutions that can fit into just about any budget. If your business can overcome the challenges presented by cybersecurity, then you can go about your day-to-day operations with greater confidence.

To learn more about how we can assist with penetration testing and other proactive, preventative security measures, reach out to NuTech Services at 810.230.9455.

A Look Back at Q1 2022’s Worst Data Breaches

Despite their best efforts, businesses and organizations of all kinds can find cybersecurity a major cause for concern. Even with a full team of cybersecurity professionals, data breaches can occur, and many of the worst data breaches of 2022 have been quite devastating. Let’s take a look at some of the worst ones so far.

We want to emphasize that data breaches can happen to anyone, not just high-profile businesses. You’ll need to invest not just in protecting your business, but also in training your staff. If you want some help with this, you can contact NuTech Services for any and all concerns with your cybersecurity.

January 2022

Crypto.com

January 17 saw the cryptocurrency market become the target of a hacking attack. In this particular attack, 480 users’ cryptocurrency wallets on Crypto.com were targeted, with the hackers making off with $18 million in Bitcoin and $15 million in Ethereum and other currencies. The hackers managed to bypass the two-factor authentication to gain access to these wallets.

Tourisme Montreal

A hacking group called Karakurt targeted Montreal’s tourism agency. This hacking group became known all over the world for its extortion tactics, stealing data and demanding payment, threatening to release the data if the victim didn’t pay up. Over 60 million people were affected by this prolonged six-month attack.

Bernalillo County, New Mexico

Bernalillo County became the victim of a ransomware attack that forced the county office to close during the first week of January. This attack prevented employees from accessing local databases, which in turn kept them from doing their jobs. As a result, the county implemented cybersecurity policies and invested $2 million in revamping their computing infrastructure.

Ukraine

Before Russia invaded Ukraine, the latter was targeted by a cyberattack threatening the Ukrainian government that they should “be afraid and wait for the worst.” This attack brought down the Ministry of Foreign Affairs and other agency databases, and Ukrainian citizens were directed to the nation’s social media channels until the issue was taken care of.

February 2022

GiveSendGo

A Christian fundraising website called GiveSendGo became the target of a politically motivated data breach. The hackers redirected visitors to the Canadian Freedom Convoy protestors, all while posting the personal information of the 90,000 donors to the Freedom Convoy on the website.

Oiltanking Deutschland GmbH & Co.

A major supplier of fuel for Germany, Oiltanking Deutschland GmbH & Co., was forced to declare “force majeure” and scale back operations following a cyberattack. This declaration resulted in them being absolved of their contractual obligations for a limited time. This incident is estimated to cost the company over $4.5 billion in ransomware demands, downtime, and other costs.

Wormhole

A blockchain company called Wormhole had about $324 million in cryptocurrency stolen by hackers, resulting in a loss of 120,000 wETH (wrapped Ethereum). The company went offline to handle maintenance with a loss of millions of dollars. The company even put out a bug bounty of $10 million to learn more about the cause of the hack.

Washington State

Over 250,000 Washington residents had their personal data exposed as a result of the Washington State Department of Licensing database breach. They had to momentarily shut down their POLARIS system thanks to the breach. Some of the data stolen included personal and financial information for any vocation in Washington that needed a license.

San Francisco 49ers

The NFL team became the target of a ransomware attack, resulting in hackers making off with some of the team’s financial data. The hacking group responsible, BlackByte, gave the 49ers enough of a shock to restructure their entire cybersecurity strategy (but not before paying the ransom).

Ukraine

In the moments leading up to the Russian assault on Ukraine, websites for the Ukrainian army, the defense ministry, and most of their major banks were brought down. 

OpenSea

In a heist involving hundreds of NFTs and $1.7 million, users on the peer-to-peer networks of OpenSea were tricked into signing a malicious payload that authorized free gifts of NFTs back to the hacker.

March 2022

Viasat

Millions of broadband subscribers in eastern Europe lost access to their Internet networks as a result of a major cyberattack against Viasat. The company confirmed that it was indeed a cyberattack that brought down these connections—a DDoS attack, specifically.

Samsung

A hacking collective called Lapsus$ managed to steal 190GB of proprietary information from Samsung. The hacking group also teased the hack on social media claiming that they had “confidential Samsung source code.”

At Least Six US States

APT41, a hacking group sponsored by the Chinese government, took over the computing infrastructures of at least six U.S. states. This breach was a supposed espionage mission carried out by some of the most wanted cybercriminals out there.

Ubisoft

Ubisoft, a France-based video game developer, had its operations disrupted for several days following a cyberattack. Although no personal information was stolen, it became clear later on that Lapsus$ were the culprits behind the attack.

Israel

The Israeli government had their websites taken offline for over an hour thanks to a cyberattack. It was so bad that the National Cyber Directorate declared a state of emergency. It is thought that it was a state-sponsored DDoS attack.

Jefferson Dental and Orthodontics

Jefferson Dental and Orthodontics became the target of a data breach that affected over a million Texans. Hackers stole Social Security numbers, driver’s license numbers, health information, and financial data.

Microsoft

Lapsus$ struck again when it leaked the source code for Microsoft’s Bing search engine and Cortana personal assistant. All it took was compromising a single account. Microsoft was able to shut down the operation before more was stolen.

ELTA

The National Postal Service for Greece was hit by a ransomware attack. Even though the hack was caught early on, operations were brought to a halt. Over 1,400 physical locations were affected, and operations had to be shut down for some time.

Axie Infinity

A cryptocurrency startup tied to Axie Infinity became the target of hackers, resulting in a loss of $540 million. Hackers gained access through the game and emptied users’ crypto accounts, something which became the second largest cryptocurrency theft thus far.

These attacks were the result of various threat methods and actors, proving that your organization cannot overlook anything security-related. NuTech Services can protect your business and help you implement better security practices and solutions. To learn more, reach out to us at 810.230.9455.

How to Know You’re Being Targeted by a Phishing Attack

Phishing attacks are serious business, so it is important that your team members know what they are, for one, and know how to spot them. To facilitate this, let’s review the signs of a phishing attack—or ideally, a phishing attempt (because by spotting it, you’re more able to stop it).

First, let’s quickly touch on what constitutes a phishing attack.

What is Phishing?

Phishing is a horribly common form of cyberattack that is used by cybercriminals to accomplish a variety of goals, whether it’s gaining access to a system or stealing data from your team members. Basically, by posing as a trusted party and communicating with your team members, the responsible cybercriminal leverages the imperfect human element to sidestep your cybersecurity.

Phishing, while perhaps most well-known as an email-centric threat, can take place in many forms and formats. In addition to phishing emails—which themselves come in numerous forms—phishing attacks can also come in the form of SMS messages, phone calls, and effectively any other means of communication.

This makes it crucial that your team is prepared to deal with these attempts—capable of spotting them and properly reacting by reporting their suspicions to your IT resource.

To this end, let’s go over a few ways that your team members can potentially catch a phishing attack before they fall for it.

Signs That a Phishing Attack is Targeting You

There are numerous signs that a message could potentially be a disguised phishing attack. Here’s a basic list, but you can always reach out to us at 810.230.9455 to learn more about any or all of these warning signs:

  • A tone that doesn’t match the supposed sender
  • Misspellings and other discrepancies in key details, like email addresses, domain names, and links
  • Out-of-the-blue messages
  • Egregious spelling and grammar errors
  • Unexpected or out-of-context attachments
  • Excessive urgency behind, or open threats as a consequence of, not complying with the message
  • Ambiguous messages that motivate the recipient to investigate
  • Unusual requests, or requests for explicitly sensitive information

It’s important that your team is aware of these warning signs and actively keeps them in mind when dealing with any business communications.

We’re Here to Help Keep Your Team Safe!

Reach out to us to find out how we can assist you in maintaining your business’ security against threats of various kinds, including phishing attempts. Give us a call at 810.230.9455 today.

Data Scraping Explained

There are times when you, as a business owner, might receive unsolicited emails from organizations asking you to try a product or asking for your input on something. More likely than not, the one responsible used data scraping to get your contact information. If it’s used appropriately, data scraping can be an effective marketing tool, but it can also be utilized by scammers to make your life miserable.

What is Data Scraping?

Data scraping, or web scraping, is when you export data from a web page to a spreadsheet or local file. Chances are that this is the method you’ve used when taking data off the Internet or a web page. Basically, it’s as simple as data transfer: taking data and moving it to a different location in the form of a file on your computer. This file can be manipulated and adjusted as needed. It’s not the best method of transferring data, but it’s useful for certain situations.

How Can It Be Used?

Here are some of the ways an average business might use data scraping:

  • Comparing the costs of various goods, products, or services in one single document.
  • Conducting market research to generate new leads; this is primarily for public data sources, as depending on the location, data scraping of directories, websites, or social media can be illegal.
  • Researching web content for the purposes of building up your business.
  • Gathering data for easy analysis and providing it with structure.

There are other uses for data scraping, but this should give you a broad general understanding of how it might be used by businesses. It can help you find the best deal on a product, research your competitors, compile data from a web source, and so on. There are plenty of tools out there that can make the process easy and efficient—just get in touch with us and we can point you in the right direction.

What About Hackers?

Data scraping can be used by people for email harvesting, particularly when it comes to scammers and hackers. Many organizations house employee contact information in a publicly available directory on their websites. If someone can scrape this information, they can sell it to spammers and hackers, and you don’t need us to tell you that this information being used in spam and phishing campaigns is bad news. Plus, depending on the location, using this information for commercial purposes is illegal, and it leaves a bad taste in people’s mouths. This doesn’t stop scammers and spammers, though, so you’d best be on your guard.

We want to make sure that you stay apprised of the latest practices in business technology, so be sure to follow our blog! We cover interesting topics such as this, as well as other topics related to IT, cybersecurity, and technology best practices.

Malware is Everywhere. Even Your Ads

Do you ever see an advertisement for a free download of a popular Windows application and think, “Wow, this sure sounds too good to be true!”? Well, it most definitely is, and hackers use these malvertisements to infect computers with malware and other threats. Specifically, malvertising is used to download three different types of malware, all of which can cause harm to unwary businesses.

This particular type of malvertisement threat, a new campaign targeting users in Canada, the United States, Europe, Australia, and Nigeria, aims to capture usernames, passwords, and other sensitive credentials from users.

The three types of malware commonly installed through this new malvertising campaign–dubbed Magnat by Cisco Talos–include, according to ZDNet, a malicious browser extension that has the same capabilities as Trojan malware. In other words, it provides a backdoor entrance to the user’s system. This malware is as-yet undocumented and appears to be custom-built, and it has been developed over the course of the past several years. The other malware installed using this campaign is a password stealer.

While the malicious browser extension (also a keylogger) itself and the password stealer are cookie-cutter malware that have been around for quite some time, the backdoor is something else entirely. The backdoor, dubbed MagnatBackdoor by researchers, allows attackers to gain remote control over a PC without being detected. It also adds a new user and installs keyloggers and other malware that allow the attackers to steal information like usernames, passwords, and other sensitive credentials. According to researchers, the threat works much like a banking trojan, and aims to steal credentials for either individual sale on the Dark Web or for use by the attackers.

The malware is primarily distributed through malicious adverts–advertisements that link to malicious file downloads–for popular software solutions. These campaigns are obviously causes for concern, but it’s important to remember that they are nothing new. We have been around the block a time or two with these types of threats, so we know how to combat them. Malvertisement is not a new concept, and it has been around for a long time, so it’s no surprise that hackers would continue to use this avenue to infect PCs.

NuTech Services can help your business stay secure from online threats of all kinds, and while we cannot stop your employees from clicking on questionable advertisements, we can help to inform them of why they shouldn’t be doing such a thing in the first place, and block a lot of bad content before it gets to them. To learn more about what we can do for your business, contact us at 810.230.9455.

Hackers Aren’t Always Thieves

When we think about security and hackers, it’s easy to think of them all as the bad guys. However, this is far from the truth. Just like with other areas of life, there is a shade of gray involved with hacking, and there are good guys that use these skills to benefit others while the bad guys try to exploit them for their gain.

The hackers who use their skills to benefit others are called white-hat hackers, whereas the ones who abuse their powers are called black-hat hackers. What can we learn about the practice of hacking from these two groups of hackers, and why is it important to see it as two different sectors of the same art? Let’s dive in.

Hacking of a Different Kind

These days, the word “hacker” can be used synonymously with someone who makes a task easier, like a “life hacker” so to speak. However, in the programming and cybersecurity space, a hacker is someone who has devoted their life to understanding the inner workings of computers and IT systems. It wasn’t until people decided that they wanted to use this knowledge for ill intentions that hacking became a bad or dirty thing.

Ethical Hackers: Using Skills for the Collective Whole

In many cases, companies will hire ethical hackers to discover threats or vulnerabilities in their software or network so that they can be located preemptively and resolved before they become issues. You can think about it as a more advanced type of penetration testing; someone is actively seeking access to your network, but they are doing it so you can fix the issues leading to it.

Threat-Actor Hackers: Using Their Knowledge to Create Chaos

These types of hackers are the ones you have to watch out for; they use their skills to perform all sorts of nefarious and illegal activities, including extortion, theft, and so on. These hackers are the reason why others get such a bad rap. Unlike ethical hackers, these threat actors are unpredictable and use their skills to create problems for countless individuals around the world.

Don’t Let Security Scare You to Inaction

Despite knowing that there are people out there using their hacking skills to learn more about the systems and enabling others to resolve issues with their networks, you still need to take action of your own against threats of all kinds. For every ethical hacker, there are hundreds of others who want to see your business suffer. Don’t let these folks keep you from running an effective organization for your clients and employees.

NuTech Services can help your business implement security solutions to keep it safe. In a sense, you can think of us as ethical hackers of sorts; we can run a penetration test to help identify weaknesses in your network. We can then help you shore them up. To learn more, reach out to us at 810.230.9455.

Preparing for the Next Wave of Cyberthreats

The past couple of years have been difficult for businesses, regardless of whether they are large organizations or small businesses. Likewise, cybersecurity has been a challenge. Let’s take a look at what 2022 could pose for cybersecurity, especially considering recent trends.

Prediction: Attacks Will Shift in Method and Severity

The increase in remote and hybrid work has been great for companies that are able to support these kinds of operations, but there are certain tradeoffs, including security.

Remote Work Has Increased the Attack Surface

Working remotely can do wonders to protect the health and safety of your employees, but it does increase the opportunity for them to fall victim to hacking attacks. Their home networks are likely nowhere near as secure as your in-house network is, so you’ll have to encourage your users to stay alert and remain vigilant, especially while out of the office. All it takes is one unsecured smart device to create a problem for your organization.

Hackers Will Do Their Homework

You can also expect hackers to seek out new vulnerabilities that coincide with where their victims are located and which devices/solutions they are using. There is always a risk when using a new software solution, especially when new patches and updates could potentially bring with them new vulnerabilities in the form of a zero-day attack. Attackers are always trying to use new and developing technologies to their advantage, too, as is the case with deepfake technology.

Prediction: Attacks Will Change Their Targets

It’s expected that breaches will target different types of victims over the next year, and that the largest breaches will target the cryptocurrency space. Even so, we would be surprised to see this shift creating even less of a danger for businesses, so you’ll still want to protect yourself whenever possible.

Prediction: Attacks Will Still Rely on Familiar Methods

Many vulnerabilities stem from failing to update systems in an appropriate manner, so it’s of critical importance that these vulnerabilities are patched as soon as possible, especially in the business technology sector.

Attacks On End Users Will Continue

It’s safe to say that phishing and other cyberthreats are not going anywhere, placing the end user in a precarious position. This is especially true if people continue to work from home without a concerted effort to increase cybersecurity awareness. You must take measures to increase awareness of the risks of working remotely and of the threats that are found online.

We might want to say that the future is bright for security, but you can never count on it being too bright. What you can count on, however, is that NuTech Services will be there to help you out each step of the way. To learn more about how we can help you protect your business, reach out to us at 810.230.9455.

Three Signs Your Computer Has Been Hacked

Dealing with a hacked computer can be scary, but depending on the severity of the hack, you might not even know your infrastructure has been breached until it’s too late to stop it, putting you in a reactionary position. Let’s go over some of the telltale signs of a computer hack and what you should do about it.

Increased Network Traffic

Over time you will grow accustomed to a certain level of network traffic on your company’s infrastructure, including the devices connected to it, the devices communicating with it, the endpoints utilizing your Internet connection, and so on. The second you have an increase in your network traffic should be your first clue that something is wrong. Oftentimes, an increase in network traffic could mean that a trojan or backdoor has installed itself on your network, meaning that some hacker somewhere is using your network for some nefarious purpose.

Computer Slowdown

Similar to the previous point is any noticeable difference in your computer or network’s operational functioning. While a slowdown does not necessarily mean that you have been hacked, it is a telltale sign that something is not working as intended and should be looked into anyway. It just so happens that one of the more common slowdown causes is malware and other threats installing themselves on your device or network, so be sure to investigate slowdowns accordingly.

Pop-ups and Other Annoyances

Perhaps one of the most obvious signs of a hacking attack on your computer is a plethora of obtrusive and sometimes downright disturbing ads, as well as other unexplained phenomena. Malware will often install ads that contain malicious links, leading to even deeper-rooted problems than those currently in place on your computer. Furthermore, some malware will install files, delete files, move them, or otherwise create inconsistencies that cannot be explained otherwise.

Basically, when it comes to the more low-profile hacks on your computer (you know, the ones that aren’t blasting you with ads every five seconds), most telltale signs of a hacking attack involve noticing inconsistencies and acting to find the source of them.

The scary thing about many of these signs is that they could also be caused by other things on your infrastructure, so it is generally a best practice to contact your IT provider if you suspect that your network or device has been infected by malware or other threats. It’s also a best practice to actively monitor your network for these issues so as to prevent major data breaches or to mitigate damage.

NuTech Services can equip your business with the tools necessary to take these precautions. To learn more, reach out to us at 810.230.9455.

The OnePercent Group: A Slightly Different Approach to Ransomware

A recent trend even amongst ransomware threats is that the FBI is issuing warnings regarding how dangerous they are or how difficult certain variants are. This particular threat—the OnePercent ransomware gang—is no exception. Let’s break down what you need to know about the OnePercent Group and how you can prepare to handle attacks not just from this threat, but most ransomware threats.

What is the OnePercent Group?

The OnePercent Group is a ransomware gang that has been targeting companies since November of 2020. The gang sends out emails in an attempt to convince users to download an infected Word document in a ZIP file. These types of social engineering tactics are surprisingly effective, as people often impulsively download files sent to them via email without thinking to check the sender or the source.

How Does the Threat Work?

Instead of encrypting data found on the infected device, this threat uses macros embedded in the Word document to install a Trojan horse threat on the user’s device. This threat, known as IcedID, is used to steal financial information or login credentials for banking institutions. Furthermore, IcedID can download other types of malware onto the user’s device.

Of particular note is that it can install another type of threat called Cobalt Strike, which is a penetration testing tool. Why would a hacker want this, you ask? It’s simple; it can be used to make a hacking attack that much easier and more efficient by identifying potential pathways for threats on the user’s device.

What’s the Timeline for the Attack?

Using the threats outlined above, OnePercent Group can get a lot of dirt on your business in a relatively short amount of time. After they have collected this information, they issue a ransom note demanding that the victim pay up within a week or risk their data being released online. If the victim refuses to pay up, the group pesters the victims through email and phone calls to pressure them into taking action. If the victim still refuses to pay, they release 1% of the data on the Dark Web. Further resistance leads to the group selling the data to other data brokers on the Dark Web to be sold to the highest bidder.

It just goes to show that as soon as you think you know a threat, they switch things up and try something new. While it can be stressful keeping up with the countless threats found in the online world, it sure is never boring.

Secure Your Business Today

Don’t let the fear of ransomware keep your business from functioning the way it’s supposed to. NuTech Services can help your organization secure its infrastructure and other critical data. To learn more, reach out to us at 810.230.9455.

These Are the Most Likely Threats Your Small Business Will Face

Data breaches are a well-known fact in the business environment, and small businesses in particular have many challenges that threaten their operations. It is important that you consider these security issues when putting together your risk management strategy, especially as it pertains to cybersecurity. Let’s take a look at how you can overcome some of the security challenges present for small businesses in 2021.

Phishing

Phishing is a major concern for small businesses as these attacks make up a significant portion of cybersecurity situations. Phishing is more of a scam than an official hack, but it is a problematic cybercrime all the same. Phishing attacks can come through any form of communication for your business, be it social media, email, or phone calls. The scary part is that it only has to work once to cause trouble for your company.

Here’s an example of how phishing works. If a member of your staff were to accidentally click on an attachment in an email that they think has something to do with their job, they might find that the email installs malware on your network. This method is not limited to malware; it can install trojans, viruses, or even ransomware.

Phishing can be hard to counter, as hackers have developed sophisticated phishing schemes that can make keeping up difficult. You need to train your employees to ensure that they will be more likely to spot potential phishing attempts.

Poor Passwords

It is unfortunate that poor passwords are one of the biggest reasons why security breaches occur. Just like phishing strategies, hackers have implemented sophisticated measures that allow them to not only guess passwords, but guess countless passwords in a short timeframe. Furthermore, social engineering tactics can be used to guess poor or duplicated passwords with ease.

Password security is an aspect of your cybersecurity infrastructure that bleeds into every other aspect of it. Your employees use passwords to access just about anything online, and while duplicate passwords are easy to remember, they are a far cry from the level of security that your organization needs to be successful. Password best practices are one way to shore up this weakness. Passwords should be complex and changed regularly to keep them from being stolen, guessed, or compromised.

Holes in Software

Software is often updated to account for security issues and holes that are discovered after the fact, and developers respond periodically to these issues. If you fail to patch your software, you could go about operations with major security issues and run the risk of exploitation. In other words, these holes in software are essentially open doors that hackers can use to infiltrate your network.

The best way to address these vulnerabilities is to keep them from becoming major problems in the first place. By this, we mean regularly patching your software and applying updates as they come out. This will close these open doors and enable you to protect your assets.

NuTech Services can help your business prioritize security. To get started, we recommend contacting one of our IT experts who can discuss with you all of the cybersecurity solutions we offer. Don’t wait any longer—give us a call at 810.230.9455!

How a Mismanaged Cloud Can Undermine Your Security

There is no denying that the cloud has become one of the most popular options for a business to obtain the tools required for their operations. Despite this, it is equally important to acknowledge that there are many ways that the cloud could facilitate security threats if not managed properly. Let’s go over some of the issues that must be addressed if a business is going to successfully leverage cloud technology to its advantage.

Misconfigured Cloud Settings

While cloud tools and solutions have the potential to be highly effective, they need to be set up properly before they can meet this potential with any hope of remaining secure. As the cloud is supposed to be an accessible tool to help facilitate productive collaboration, any accidents or errors could create challenges that would work against that goal. One common outcome of these challenges: security shortcomings and vulnerabilities.

To this end, it becomes especially crucial to your business’ security (and by extension, its success) that all settings in your cloud are reviewed, checked, and otherwise confirmed to be correct on a fairly regular basis.

Ineffective Access Controls

One of a cloud solution’s greatest business advantages is the fact that access to the resources it holds isn’t tied to one location, greatly simplifying processes like remote work by enabling your team to utilize these resources whenever they need them, wherever they are working. Having said this, without properly implemented controls in place, it can become a challenge to simultaneously restrict data to only those who have the proper authorization to access it.

In addition to this, you should also bear in mind how much a cybercriminal will tend to lean on the human element of a business as an exploitable weakness. To combat this, it is important that your team members are instructed on how to create secure passwords.

Targeted Attacks

Back in the day, businesses had a relatively short list of threats to deal with, effectively boiling down to theft and vandalism. Now, however, the nature of our connected workspaces means that a far greater variety of threats could potentially harm a business. Cyberattacks are numerous, profitable for the cybercriminal, repeatable, and vastly varied in how they are shaped.

While modern organizations have the same concerns about theft and vandalism, they now need to worry about many different resources being stolen. Sure, they could have finances taken away, but they could also lose their customers’ payment information or protected data. This could result in fines, lost confidence from their market, legal action, and might even necessitate costly compensatory damages to be paid to those affected. Other threats don’t focus on a business’ finances, but on their productivity or even reputation. Denial-of-service attacks and ransomware get much of their leverage by preventing the targeted business from operating effectively. Plus, how motivated would you be to continue supporting a business that allowed your data to be exfiltrated, opening you up to identity theft?

With so many businesses moving to the cloud without properly paying attention to the security standards we reviewed above, cybercriminals now also see it as an opportunity for their purposes. Diligence and preparedness are both critical to preventing their success.

Employee Behaviors

Finally, one of your greatest assets could very well be one of your greatest challenges when it comes to securely utilizing cloud resources: the team members you’ve brought on to keep your business running. Without the proper instruction, your team may not adjust to the cloud as smoothly as one would hope, potentially creating vulnerabilities that a cybercriminal could take advantage of. 

Alternatively, there is always the chance that your team has someone less-than-trustworthy amongst its ranks, and this individual could potentially use their access to abuse the data your company relies on. The cloud’s accessible nature does make it more challenging—but not impossible—to detect such activities.

Turn to us for help with dealing with these cloud security challenges.

Our team of professionals has the experience and insight necessary to effectively spot cyberthreats that could negatively impact your business’ use of the cloud, and are ready to help you mitigate these efforts. To find out more about what we can do for your business and its security, reach out to us at 810.230.9455.

What We Can Learn from the Ireland Health Service Ransomware Attack

In May of 2021, Ireland’s Health Service Executive, which handles healthcare and social services to the Emerald Isle’s nearly five million residents, was the target of a massive ransomware attack. Even as businesses and municipalities from all over the globe have been dealing with this plight, we mention this because of the aftereffects of this situation. Today, we take a look at the situation and what can be learned from it. 

The Irish HSE Ransomware Attack

On May 14, 2021, the HSE was targeted by a hacking collective known as the Conti Ransomware Gang. The health service then received the instructions that the perpetrators would immediately release the patients’ data to the public unless they paid the ransom of $20 million in bitcoin. After a few days of deliberation, the government agency agreed to pay the sum (a practice that those of us at NuTech Services do not recommend). In turn, they got the decryption key. 

Sad to say, this is not where this situation ended.

Data Restoration is Problematic

With the working decryption key in hand, and a nation of people that depend on their service, the HSE went ahead and started the restoration process. Turns out, it is difficult. HSE is still having problems restoring data systems to their previous state and it has led to bottlenecks inside the nation’s healthcare system. 

The reason is that restoring data, especially on a scale such as this one, is an arduous task, and with new protocols and protections being implemented by HSE administrators to help avoid this type of problem in the future, it is taking much longer than expected. This means costs rise and people don’t get the care they need. As of this writing, it remains a real problem for the people of Ireland. 

What Your Business Can Take Away From the HSE Ransomware

No matter what your business is, getting hit with ransomware is a pretty scary situation. One thing that every company or organization can take away from this situation is the need for comprehensive training for phishing and other scams to minimize the chances of getting ransomware through typical means. You should also be monitoring your network so that, if something were to make it past your defenses, more can be done to thwart a major catastrophe like ransomware. You should also have a comprehensive backup in place to help protect the continuity of your business.

At NuTech Services, we can help you identify your organization’s cybersecurity weaknesses and help you put in policies and technology that will help you keep ransomware off your network and be ready for any type of problem should it arise. Reach out to us at 810.230.9455 today to talk to one of our skilled consultants.

Obvious Signs You are the Target of a Hacking Attack

If a hacker were to find themselves on your network or within one of your accounts, would you be able to detect them and eliminate them? Today we want to share some of our best strategies for how you can identify the warning signs of a hacking attack, as well as how you should respond. This is particularly important for a workforce that is working remotely, so we hope you take these tips to heart.

Monitor Failed Password Attempts

Passwords are a terribly important part of keeping your information secure. Not only do they prevent unauthorized access to accounts and important data, they also inform you of when someone is actively targeting you. This helps to protect your data, especially when you have remote employees accessing your network.

The problem here is that devices with remote desktop protocols enabled on them, like the ones your remote users are likely utilizing, are quite easy for hackers to find and target if they aren’t configured properly. These devices are often targeted by brute force attacks. In these cases, a hacker will bombard a password requirement with every possible option until they discover the correct password.

When remote protocols are properly configured, too many failed password login attempts will lock down the device and send you a notification to inform you of the failed attempts. When this happens, you reach out to the user and confirm that they were simply having problems with their password. If the failed attempts were not from the employee, then you know that the credentials were stolen.

This level of oversight allows you to prevent brute force attacks from becoming an issue, as locking out further password attempts keeps these attacks from being successful.
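The lockout-and-notify check described above can be sketched as a small log review script. This is an added example, not code from the original article; the log lines are constructed, and the threshold of 5 failures in 10 minutes is an assumption to tune to your own lockout policy.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: timestamp, Windows Security event ID, account, source IP, logon type.
# 4625 = failed logon, 4624 = successful logon, logon type 10 = RemoteInteractive (RDP).
SAMPLE_EVENTS = """\
2024-05-01T02:10:01,4625,jsmith,203.0.113.7,10
2024-05-01T02:10:09,4625,jsmith,203.0.113.7,10
2024-05-01T02:10:17,4625,jsmith,203.0.113.7,10
2024-05-01T02:10:25,4625,jsmith,203.0.113.7,10
2024-05-01T02:10:33,4625,jsmith,203.0.113.7,10
2024-05-01T02:10:41,4625,jsmith,203.0.113.7,10
2024-05-01T08:59:12,4625,mlee,198.51.100.20,10
2024-05-01T08:59:40,4625,mlee,198.51.100.20,10
2024-05-01T09:00:05,4624,mlee,198.51.100.20,10
"""

def parse(text):
    for line in text.strip().splitlines():
        ts, event_id, account, source, logon_type = line.split(",")
        yield datetime.fromisoformat(ts), int(event_id), account, source, int(logon_type)

def accounts_to_lock(text, threshold=5, window=timedelta(minutes=10)):
    """Return one alert per account that reaches `threshold` failed RDP logons
    inside `window`; a successful logon resets that account's counter."""
    failures = defaultdict(deque)   # account -> (timestamp, source) of recent failures
    alerts = {}
    for ts, event_id, account, source, logon_type in sorted(parse(text)):
        if logon_type != 10:        # only remote desktop sessions are of interest here
            continue
        if event_id == 4624:
            failures[account].clear()
        elif event_id == 4625:
            recent = failures[account]
            recent.append((ts, source))
            while ts - recent[0][0] > window:   # drop failures older than the window
                recent.popleft()
            if len(recent) >= threshold and account not in alerts:
                alerts[account] = {"account": account, "lock_at": ts,
                                   "sources": sorted({s for _, s in recent})}
    return list(alerts.values())
```

With the sample data only jsmith is flagged; mlee's two mistypes followed by a successful logon stay below the threshold. With Network Level Authentication enabled, failed RDP logons are often recorded with logon type 3, so widen the filter accordingly.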

Keep an Eye on Your Traffic

Experienced hackers can hide their location to keep themselves from being discovered, but many do not have the ability to do so. Maybe they lack the technical skill or the attack is too broadly distributed for them to cover their tracks. Either way, you can discover if you are the target of an attack by keeping an eye on where your network traffic is coming from. If anything looks suspicious, then it’s time to investigate.

For example, if your technology infrastructure has never interacted with a server from any given country, but now regularly contacts a domain in that location, then you know that something fishy is going on.
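One way to turn that rule of thumb into a check, as an added example that is not part of the original article: compare recent outbound flows against a baseline period and report destinations in countries the baseline never touched, but only when they recur on several days. The flow records are constructed, the country code is assumed to come from a GeoIP enrichment step, and the three-day recurrence threshold is an assumption.

```python
from collections import defaultdict

# Constructed flow records: (date, internal host, destination domain, country code).
# The country code is assumed to be added beforehand by GeoIP enrichment;
# "ZZ" and "XA" are placeholder codes, not real countries.
BASELINE_FLOWS = [
    ("2024-04-01", "ws-01", "cdn.example.com", "US"),
    ("2024-04-02", "ws-02", "mail.example.com", "US"),
    ("2024-04-03", "ws-03", "api.example.net", "CA"),
]
RECENT_FLOWS = [
    ("2024-05-01", "ws-01", "cdn.example.com", "US"),
    ("2024-05-01", "ws-03", "sync.example.org", "ZZ"),
    ("2024-05-02", "ws-03", "sync.example.org", "ZZ"),
    ("2024-05-02", "ws-02", "files.example.net", "XA"),
    ("2024-05-03", "ws-03", "sync.example.org", "ZZ"),
    ("2024-05-03", "ws-03", "sync.example.org", "ZZ"),
    ("2024-05-04", "ws-01", "sync.example.org", "ZZ"),
]

def unfamiliar_destinations(baseline, recent, min_days=3):
    """Report (country, domain) pairs whose country never appears in the
    baseline and which were contacted on at least `min_days` distinct days."""
    known = {country for _, _, _, country in baseline}
    days, hosts = defaultdict(set), defaultdict(set)
    for date, host, domain, country in recent:
        if country in known:
            continue
        key = (country, domain)
        days[key].add(date)     # distinct days, so repeated flows on one day count once
        hosts[key].add(host)    # which internal machines to investigate
    findings = [
        {"country": c, "domain": d, "days_seen": len(days[(c, d)]),
         "hosts": sorted(hosts[(c, d)])}
        for (c, d) in days if len(days[(c, d)]) >= min_days
    ]
    return sorted(findings, key=lambda f: (f["country"], f["domain"]))
```

The single visit to the "XA" destination is ignored, while the recurring contact with the "ZZ" domain is reported along with the two workstations involved.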

Actively Make Things More Challenging for Cybercriminals

When you make it more difficult for hackers to gain access to your network, they will be less likely to persist. You can make it extraordinarily difficult for hackers to access your network through a variety of methods. For remote desktop protocols, you can customize the configuration rather than using the default settings. Password timeouts and two-factor authentication are also important for network security, as are access controls on your internal resources. All of these tools combine to make things difficult for your attackers and, thus, to make your network more secure.

If you would like assistance with your business’ network security, don’t wait any longer. Give us a call! We’ll work with you to ensure that your network is protected against today’s security threats. Learn more by contacting us at 810.230.9455.


Agent Tesla Is Out to Steal Your Credentials (and Your Cryptocurrency)


Network security isn’t just for large, high-profile enterprises; even small businesses need to take it seriously. All businesses have something of value to hackers, and if you don’t believe this is the case for your organization, think again. All data is valuable to hackers, and you need to do everything in your power to protect it—especially against threats like Agent Tesla, the latest version of phishing malware designed to steal your data.

Before we dive into what makes Agent Tesla so concerning, let’s discuss phishing on a broader scale. What is it, and why is it important that you know what it is?

Explaining Phishing Attacks

Not all hackers take a direct approach to infiltrating your systems. Brute force can only get them so far, so they have to resort to sneaky tactics like phishing. A phishing attack aims to convince users to grant a hacker access to a network of their own free will, usually through downloading an infected file, clicking on a suspicious link in an email, or handing over credentials to someone claiming to be tech support or someone of authority within the organization.

Why You Should Care

The scary part of phishing attacks is that you can do everything right in terms of network security and still fall short of protecting your organization. Phishing attacks, when executed properly, have the potential to make it past even the best security solutions. They rely on the human aspect of your organization—your employees—to infiltrate and cause problems for your business. In a sense, your company’s security measures are only as effective as your employees’ knowledge of network security.

Agent Tesla

Agent Tesla as a threat has been around since 2014. The malware uses a keylogger to steal information from infected devices, which it transmits to the hacker behind the attack periodically throughout the day. This gives the hacker access to information like passwords, usernames, and other data that is typed into the system. This new variant of Agent Tesla is notable because it also seeks to steal cryptocurrencies from the user.

Agent Tesla spreads through the use of phishing emails with infected Excel documents attached. One such attack, as evidenced by a report from Fortinet, shows an email with an Excel file sporting the title of “Order Requirements and Specs” attached to it. To the untrained eye, it might appear to be legitimate. If the user downloads the file and opens it, the file runs a macro that downloads Agent Tesla to the device. The specific process, as outlined by Fortinet, involves installing PowerShell files for Agent Tesla, adding several items to the Auto-Run group in the system registry through the use of VBScript code, and finally creating a scheduled task that executes at a designated interval.
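The stages described above (an Office macro launching a script host, Auto-Run registry entries written by script code, and a scheduled task) each leave endpoint telemetry that can be correlated per machine. The following detection sketch is an added example, not taken from the article or from Fortinet's report; the events are constructed in the shape of Sysmon records, and every path, task name and host name is a placeholder.

```python
import ntpath

SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe"}

# Constructed events shaped like Sysmon records
# (ID 1 = process creation, ID 13 = registry value set); all values are placeholders.
EVENTS = [
    {"host": "ws-07", "id": 1,
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "CommandLine": "powershell.exe -File placeholder.ps1"},
    {"host": "ws-07", "id": 13, "Image": r"C:\Windows\System32\wscript.exe",
     "TargetObject": r"HKU\S-1-5-21-PLACEHOLDER\Software\Microsoft\Windows\CurrentVersion\Run\placeholder"},
    {"host": "ws-07", "id": 1, "Image": r"C:\Windows\System32\schtasks.exe",
     "ParentImage": r"C:\Windows\System32\wscript.exe",
     "CommandLine": "schtasks.exe /create /tn placeholder /sc minute /mo 20 /tr placeholder"},
    {"host": "ws-02", "id": 1, "Image": r"C:\Windows\System32\schtasks.exe",
     "ParentImage": r"C:\Windows\System32\svchost.exe",
     "CommandLine": "schtasks.exe /query"},
]

def exe(path):
    """Lower-cased file name of a Windows path (works on any OS)."""
    return ntpath.basename(path or "").lower()

def stage(event):
    """Map one event to the stage of the chain it matches, or None."""
    image, parent = exe(event.get("Image")), exe(event.get("ParentImage"))
    if event["id"] == 1 and parent == "excel.exe" and image in SCRIPT_HOSTS:
        return "office_spawned_script_host"
    if event["id"] == 13 and image in SCRIPT_HOSTS and \
            "\\currentversion\\run" in event.get("TargetObject", "").lower():
        return "run_key_written_by_script_host"
    if event["id"] == 1 and image == "schtasks.exe" and \
            "/create" in event.get("CommandLine", "").lower():
        return "scheduled_task_created"
    return None

def hosts_matching_chain(events, min_stages=2):
    """Return hosts that show at least `min_stages` distinct stages."""
    seen = {}
    for event in events:
        name = stage(event)
        if name:
            seen.setdefault(event["host"], set()).add(name)
    return {h: sorted(s) for h, s in seen.items() if len(s) >= min_stages}
```

Requiring two or more stages on the same host keeps routine administrative use of schtasks or PowerShell from raising an alert on its own.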

Agent Tesla itself is surprisingly accessible, given that it can be purchased on the cheap and the developers offer support to those who do purchase it. This sets the bar pretty low for hackers who want to get started in this deplorable line of work.

What You Can Do

You don’t want to find yourself in a reactive position with your network security. Instead, you should be proactive about it. Your network security against phishing attacks (and all threats in general) should take a two-pronged approach:

  • Implement quality network security solutions to catch the majority of threats before they reach your network.
  • Train your employees to identify threats so that the ones that do get through your defenses do not cause more trouble than they need to.

NuTech Services can help your business do both of the above, implementing powerful enterprise-level security solutions that can keep your company safe and training your employees to keep it that way. To learn more, reach out to us at 810.230.9455.