Post-Acute Care News

Get News via Email

Peter Teichert

Find me on:

Recent Posts

Security Spotlight: Messaging Attacks (Smishing)

By Peter Teichert on Tue, Dec 31, 2019 @ 04:37 PM

Introduction

One of the most common ways cyber attackers attempt to trick or fool people is by scamming you in email attacks (often called phishing) or try to trick you with phone calls. However, as technology continues to advance, bad guys are always trying new methods, to include tricking you with messaging technologies such as text messaging, iMessage, FaceTime, WhatsApp, Slack or Skype. Here are some simple steps to protect yourself so you can spot and stop these common attacks.

What are Messaging Attacks?

Messaging attacks (sometimes called smishing, a play on the word phishing) are when cyber attackers use SMS, texting or messaging technologies to reach out to you and try to trick you into taking an action you should not take. Perhaps they want to fool you into clicking on a malicious link or get you to call a phone number so they can get your banking information. Just like in traditional phishing email attacks, bad guys often play on your emotions to act. However, what makes messaging attacks so dangerous is that they often feel far more informal or personal than email, making it more likely you may fall victim. In addition, with messaging attacks there is less information and fewer clues for you to pick up on that something is wrong or suspicious. When you receive a message that seems odd or suspicious, start by asking yourself does this message make sense; why am I receiving it?

Common Signs of an Attack

  • A tremendous sense of urgency, when someone is attempting to rush you into taking an action.
  • Is this message asking for personal information, passwords or other sensitive information they should not have access to?
  • Does the message sound too good to be true? (No you did not win the lottery, especially one you never entered.)
  • A message that appears to come from a co-worker or friend’s account or phone number, but the wording does not sound like them. (Their account may have been compromised and taken over by an attacker, or the attacker is attempting to pretend to be them, tricking you into taking an action.)

If you get a message that makes you have a strong reaction, wait a moment and give yourself a chance to calm yourself and think it through before you respond.

Combining E-Mail and Smishing Attacks

Sometimes bad guys will even combine email and messaging attacks. For example, gift card scams can work this way. A cyber attacker will send you an urgent email pretending to be a friend or co-worker, then ask for your cell phone number. Then they can send repeated text messages, pressuring you to purchase gift cards. Once purchased, the attackers have you scratch off the code on the back of the cards and message a picture of the codes back to them. Another common attack urges you to “check out” a video or picture (“you won’t believe this!”). It appeals to your sense of curiosity. If the message looks like it is from someone you know, perhaps call the person on the phone to verify before you act.

Follow Up to Confirm

If you get a message from an official organization that alarms you, check with them directly. For example, if you get a text message from your bank saying there is a problem with your bank account or credit card, contact your bank or credit card company directly by visiting their website or calling them directly using the phone number from the back of your bank card or credit card. Bear in mind that most government agencies, such as tax or law enforcement agencies, won’t contact you via text message.

Conclusion

When it comes to messaging attacks, you are your own best defense. Always stay vigilant, exercise skepticism, and practice secure behavior as a human firewall.

 

We’d like to thank this month’s guest contributor from the SANS Security Awareness team, Jen Fox. 

 

Security Spotlight: Password Spraying

By Peter Teichert on Thu, Sep 12, 2019 @ 04:06 PM

In the past year, a type of attack known as Password Spraying has been getting a lot of attention. Let's consider what this type of attack involves, why it is so dangerous, and what individuals can do in their role as Human Firewalls to prevent and detect these types of attacks.

What is Password Spraying?

  • Password Spraying is basically automated password guessing
  • Also known as the “low-and-slow” method since it typically involves an attacker trying a single password from a list of highly common passwords against a large number accounts before moving on to attempt a second password 
  • Although not a sophisticated attack, it has proven highly effective as it stays below the detection radar by avoiding frequent account lockouts against a single high-privilege account  

Why is Password Spraying so dangerous?

  • More and more business applications (think Office 365) and services are in the cloud and people re-using passwords is extremely common so, once the bad guys have your credentials for one platform, they often have access to other cloud services as well
  • Companies often invest in security solutions such as Firewalls, Antivirus, Intrusion Prevention/Intrusion Detection (“IPS/IDS”), and Encryption, but this type of attack bypasses all of them
  • It allows attackers to compromise accounts while masking themselves from detection by blending in with “normal” activity
    • Once attackers gain access to the system, they employ a technique known as Lateral Movement to move further across the network as they search for the key data and assets that are ultimately the target of their attacks

What can you do to prevent and detect Password Spraying?

  • Use uncommon and hard-to-guess passwords
    • Complex passwords including:
      • Uppercase and Lowercase characters (A – Z, a-z)
      • Digits (0-9)
      • Non-alphanumeric special characters (e.g.,!, #, $)
    • Use passphrases (sentences as a password)
  • Use a different password for each separate account, service, or site 

Detection of a Password Spraying attack often requires the use of analytic tools, but other observations include:

  • High volume of account lockouts
  • Spike in attempted/failed logins
  • Login attempts from inconsistent IP addresses

Conclusion:

Attackers will take the cheapest and shortest path to the objective, and Password Spraying fits that description since there are also a lot of open source tools readily available. Now that you know the essentials of Password Spraying, you can make it part of your efforts as a Human Firewall.

 

U.S. Health and Human Services Cites 5 Most Relevant Cyber Threats

By Peter Teichert on Fri, Feb 15, 2019 @ 02:47 PM

Our recent webinar, A 3-Prong Preparation Strategy for HIPAA Audits, touched upon cybersecurity. As a follow-up, we have prepared the below infographic, summarizing related information from the U.S. Department of Health and Human Services. 

If we can be of help to you in protecting yourself against these threats or preparing for HIPAA audits, get in touchTo learn more about our expertise, visit our primeCLOUD page.

Top 5 Cyber Threats

Topics: cybersecurity, HIPAA compliance, HIPAA One Risk Assessment, HIPAA enforcement, cyber threats

Recent Posts

Screen_Shot_2016-07-26_at_3.06.07_PM.png

Gain visibility and control over claims operations

See how Prime Care can move the needle across your enterprise

PLAY DEMO