CyberheistNews Vol 14 #03 Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For



Cyberheist News

CyberheistNews Vol 14 #03  |   January 16th, 2024

Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out ForStu Sjouwerman SACP

Verizon has published an article outlining various forms of social engineering attacks, including SMS/text messaging phishing (smishing), voice phishing (vishing), and spear phishing (targeted attacks, often via email).

Verizon warns users to be on the lookout for the following red flags:

  • "Scare tactics and urgent messages or subject lines. The 'URGENT: Payment overdue' subject line mentioned earlier is an example—bad actors want you to think that there's some kind of problem with your account that needs immediate attention. Vishing attacks might say that they've identified fraud on your credit card or that you're in trouble with the IRS."
  • "Unprompted calls from 'customer service.' Beware of unsolicited calls from 'customer care agents,' or from a 'billing' or 'fraud' department, that ask you for help to access your account or to provide them with sensitive account information. If you're at all suspicious, hang up and then call the publicly listed customer care number of the company in question (not the number given by the caller) to report the incident. Note: Verizon will never proactively contact a customer asking for sensitive information such as a password or account PIN to perform authentication."
  • "Lookalike or misspelled web or email addresses. A lookalike URL in a link or a misspelled email address is a sure sign of trouble. Remember, you can hover your cursor over a link without clicking to see the actual URL in the link. One example given by Phishing.org: a misspelled link using 'bankofarnerica[.]com' that could look correct at a quick glance; clicking such a link could take you to a malicious site."
  • "Suspicious attachments. Any unsolicited email attachment should be viewed as a warning sign. If the email is from an unknown sender, you didn't ask for the attachment or the attachment doesn't make sense in the context of the message, don't open the file."

Verizon concludes, "Remember, phishing is common and perpetrators are hoping to catch you with your guard down. But most companies will never proactively reach out to you. And Verizon will never proactively contact a customer asking for sensitive information such as a password, account PIN or to perform authentication.

So keep it simple: Trust your gut. When in doubt, hang up, delete the message, and contact the respective company directly."

Blog post with links:
https://blog.knowbe4.com/verizon-outlines-latest-scams

[NEW WEBINAR] Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them

Navigating the cloud security landscape is no walk in the park. It requires IT professionals like you to not only tackle traditional security threats, such as managing data access and mitigating vendor risks, but also confront virtualization risks and tackle issues unique to the cloud.

With more and more programs and information relying on the cloud, maintaining robust security can feel like an uphill battle. Unsure where to start? We've got you covered!

Join us for this webinar where Roger A. Grimes, Data-Driven Security Evangelist at KnowBe4, will walk you through the ins and outs of cloud security. He'll share:

  • Top threats named by the Cloud Security Alliance to watch out for
  • How to approach your organization's cloud security and threat landscape
  • Real-world examples of cloud security breaches and their ripple effects
  • The risks of vendor-stored user data and strategies to prepare your organization for such threats
  • How to best protect yourself against today's top hacks and vulnerabilities both on and off the cloud

Learn about the most popular and successful threats against cloud environments and what you can do to best protect yourself against them. Plus earn CPE for attending!

Date/Time: TOMORROW, Wednesday, January 17, @ 2:00 PM (ET)

Can't attend live? No worries — register now and you will receive a link to view the presentation on-demand afterward.

Save My Spot!
https://info.knowbe4.com/guarding-the-cloud?partnerref=CHN2

Beware of 'Get to Know Me' Surveys

Trained security awareness professionals are aware that whatever someone says about themselves and personal experiences can be used against them in a social engineering scam. It is always good to share that message, at least once a year with co-workers, family members and friends.

I was reminded of this latest news story discussing a recent Instagram and TikTok trend. Basically, users are sent (or send) a "survey" that asks the receiver to describe themselves. I think we have all seen similar "fun" surveys that ask us things like our birth dates, favorite colors, high school, birthplace, and so on.

Facebook surveys have long been a social engineering scammer's favorite tool. In fact, if you do an Internet search on the terms "Facebook surveys," you will see hundreds of articles, including from the FCC and Better Business Bureau warning you not to take them. This is especially true if the "survey" tries to install a new app or asks for new permissions.

Word to the wise. Do not take and post surveys on social media. It is just too dangerous. CONTINUED on the blog, with examples of the following:

  • Work Surveys
  • Lurking in Hobby Forums
  • Investment Consulting Opportunity
  • News Stories
  • Public Documents
  • Public Facebook Support Sites

[CONTINUED]:
https://blog.knowbe4.com/beware-of-get-to-know-me-surveys

[NEW FEATURE] PhishER Plus and CrowdStrike Falcon Sandbox Integration

KnowBe4's PhishER Plus provides an easy way to protect your users against malicious emails! PhishER Plus includes the following capabilities that can save you and your team precious time managing malicious emails.

With PhishER Plus you can:

  • Use crowdsourced intelligence from more than 10 million users to block known threats before you're even aware of them
  • Automatically isolate and "rip" malicious emails from your users' inboxes that have bypassed mail filters
  • Simplify your workflow by analyzing links and attachments from a single console with the CrowdStrike Falcon Sandbox integration
  • Leverage the expertise of the KnowBe4 Threat Research Lab to analyze tens of thousands of malicious emails reported by users around the globe per day
  • Automate message prioritization by rules you set and cut through your Incident Response inbox noise to respond to the most dangerous threats quickly

Join us for a live 30-minute demo of PhishER Plus, the #1 Leader in the G2 Grid Report for SOAR Software, to see it in action.

Date/Time: Wednesday, January 24, @ 2:00 PM (ET)

Save My Spot:
https://info.knowbe4.com/phisher-demo-1?partnerref=CHN

[New Phishing Template] Formula 1 Exclusive: Gene Haas on Guenther Steiner's Departure

In a surprising turn of events for Formula 1 enthusiasts, the Haas F1 Team is grappling with the departure of its widely-respected Team Principal, Guenther Steiner. Let's dive into the implications of Guenther Steiner's departure and more information on a new template that our KnowBe4 customers can access in the ModStore now!

Guenther Steiner, who is known for his candid and dynamic leadership style, has been a fixture in the Formula 1 world as the Team Principal of the Haas F1 Team. However, recent announcements have confirmed that Steiner will be parting ways with Haas, leaving fans and the racing community in a state of surprise and speculation.

Amidst the news of Guenther Steiner's departure, our team created a template you can use to test your users on possible scams targeting Formula 1's news coverage. KnowBe4 customers can find the news template by searching, "Formula 1 Exclusive: Gene Haas on Guenther Steiner's departure (Link)".

The blog shows what the template looks like:
https://blog.knowbe4.com/new-phishing-template-formula-1-guenther-steiners-departure

[Free Resource Kit] Ransomware Awareness Resources

We created this free resource kit to help your organization and your users defend against ransomware. Request your kit now to learn how ransomware has evolved, what new attack vectors you need to be prepared for, and get advice from our experts on how to prevent an attack against your network.

Here is what you'll get:

  • Access to our on-demand Ransomware Master Class webinar featuring Roger Grimes, KnowBe4's Data-Driven Defense Evangelist
  • Our most popular whitepaper: Ransomware Hostage Rescue Manual and supplemental Attack Response and Prevention Checklists
  • A 7-minute video that explains The Evolution and Future of Ransomware
  • A new infographic on The Global Cost of Ransomware
  • Posters and digital signage to remind users about what to watch out for

Get Your Kit Now:
https://www.knowbe4.com/ransomware-resource-kit-chn

Why Do LLM's Hallucinate?

Every now and then, large language models (LLM) will still hallucinate or rather, provide inaccurate statements presented as facts. Here are a couple of common reasons for these hallucinations: (nope, they are not trying to fool you on purpose)

  • Data Overgeneralization: LLMs are trained on extensive datasets from diverse sources. When these models encounter specific queries, they might overgeneralize based on the most commonly available information in the training data. This can lead to inaccuracies, especially when dealing with less common or localized topics.
  • Contextual Misinterpretation: These models sometimes misinterpret the context of a query. They might default to more widely recognized or globally prevalent information if they lack precise, localized knowledge. This is particularly noticeable in instances where specific, local information is essential.
  • Pattern Recognition Over Specificity: LLMs often draw connections based on patterns observed in the training data. If certain topics are frequently discussed together, the model might assume a correlation, even in cases where it's not applicable.

An example of this is where you prompt an LLM to tell you more about your town, and it does so, even stating that it is home to a famous shoe factory, but then it gets the name of the shoe factory wrong. (Based on a true story.)


Let's stay safe out there.

Warm Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: KnowBe4's Chief Evangelist and Security Officer Perry Carpenter's New SC Post! "AI: The new puppet master behind cyberattacks":
https://www.scmagazine.com/perspective/ai-the-new-puppetmaster-behind-cyberattacks?

PPS: And yours truly in INC Mag: The Security Culture Maturity Model for Cyber-resilience:
https://www.inc.com/inc-masters/the-security-culture-maturity-model-for-cyber-resilience.html

Quotes of the Week  
"To bring anything into your life, imagine that it's already there."
- Richard Bach - Writer (Born 1936)

"The only limit to our realization of tomorrow will be our doubts of today."
- Franklin D. Roosevelt (1882–1945)

Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://blog.knowbe4.com/cyberheistnews-vol-14-03-red-flags-for-phishing-verizon-outlines-latest-scams-to-watch-out-for

Security News

Microsoft Was the Most Impersonated Brand Last Quarter

Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November and December 2023, according to Check Point's Brand Phishing Report for Q4 2023.

Check Point notes, "The technology sector stood out as the most targeted industry overall, with Amazon securing second place with 9% and Google in third on 8%. Social networks and banking represented the other two most targeted industries."

The researchers describe a recent phishing attack that attempted to trick users into clicking on a malicious link, supposedly to verify their account.

"This deceptive email, posing as the Microsoft account team, claimed to require email address verification and urged recipients to click a verification link," the researchers write. "It featured a subject line 'Microsoft: Verify your email address' aiming to create a sense of urgency.

The phishing link included in the email was not associated with Microsoft. The email requested recipients to verify their email address and may potentially lead to fraudulent activities."

Check Point predicts an increase in the use of AI to improve phishing attacks in 2024. "While we have said goodbye to 2023, one thing has followed us into the new year and that is the threat of phishing," the researchers write.

"Even cybercriminals with limited IT expertise can accurately mimic legitimate brands to deceive unsuspecting customers and carry out social engineering attacks. Following the widespread use of AI, we can expect to see a higher volume of phishing campaigns this year that are even more indistinguishable from genuine company communications.

"As the biggest names in technology, social networking, and banking continue to be imitated, end users need to be extra vigilant when engaging with emails claiming to be from a reputable brand."

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Check Point has the story:
https://blog.checkpoint.com/research/microsoft-returns-to-the-top-spot-as-the-most-imitated-brand-in-phishing-attacks-for-q4-2023/

First Time Ever: FBI Releases Blackcat Ransomware Decryption Tool to Victims

For the first time ever, the U.S. Justice Department announced the existence of an FBI-developed decryption tool that has been used to save hundreds of victim organizations attacked by one of the most prolific ransomware variants in the world.

In an announcement made last month, the Justice Department made the world aware of the existence of a decryption tool to be used by those organizations hit by Blackcat — also known as ALPHV or Noberus.

Blackcat is noted by the Department of Justice as the "second most prolific ransomware-as-a-service variant in the world based on the hundreds of millions of dollars in ransoms paid by victims around the world."

They have been involved in attacks on critical U.S. infrastructure "including government facilities, emergency services, defense industrial base companies, critical manufacturing, and healthcare and public health facilities — as well as other corporations, government entities, and schools," according to the announcement.

The decryption tool has been provided to over 500 victim organizations to assist in decrypting files encrypted by Blackcat. If your organization has been a victim of Blackcat, you are encouraged to reach out to your local FBI office.

Blog post with links:
https://blog.knowbe4.com/blackcat-ransomware-decryption-tool-disrupting-attacks

What KnowBe4 Customers Say

"I just want to reach out to talk about a great experience I had with one of your regional account managers, James D. Him and I had been discussing around the holidays as we were looking for some comprehensive SAT training, which ultimately our company has gone with KnowBe4 to do so.

James has been a valuable asset in this process and I genuinely cannot say enough good things about him. He is very knowledgeable not just about KnowBe4 but the field overall, and very easily shows his expertise. Every step of the way my concerns were addressed, and he was very easily able to pivot to different needs as they came up.

He did a great job marketing his product and he very clearly knows what he is talking about. I completely understand why KnowBe4 is such an industry leader if all of the staff have the same aptitude and drive for their product! It has been a genuine pleasure to work with him and the whole process felt less like a sales pitch and almost more like a consultant letting us know what we needed and why it was so important.

Clearly I was sold on the platform! I have done quite a bit of demos, and I would like to think I am pretty critical; but I have to say KnowBe4 really just has it all, and James did a wonderful job of showcasing all that the software had to offer.

I think it is pretty telling when I go to a competitor and ask "what makes you different from KnowBe4", and they don't have an answer! I almost wish our sales reps were like him since he genuinely did such a fantastic job. I will maintain contact with him, but please extend my sincerest thanks to James for all his great work. Thanks!"

- T.M., IT Systems Administrator

The 10 Interesting News Items This Week
  1. Google Writes 'Robot Constitution' For Its New AI Droids:
    https://greekreporter.com/2024/01/07/google-robot-constitution-new-ai-droids/

  2. McAfee Project Mockingbird defends users against AI-generated scams and disinformation:
    https://www.helpnetsecurity.com/2024/01/08/mcafee-project-mockingbird/

  3. [FAIL] U.S. Securities and Exchange Commission's (SEC's) X account compromised due to lack of multifactor authentication:
    https://www.cnbc.com/2024/01/10/secs-compromised-account-was-not-due-to-breach-of-xs-systems-company-says.html

  4. iPhone survives 16,000-foot fall after door plug blows off Alaska Air flight 1282:
    https://arstechnica.com/gadgets/2024/01/iphone-survives-16000-foot-fall-after-door-plug-blows-off-alaska-air-flight-1282/

  5. FBI Director: More countries interested in 2024 election interference:
    https://therecord.media/2024-elections-foreign-interferance-fbi-christopher-wray

  6. Here's Some Bitcoin: Oh, and You've Been Served!:
    https://krebsonsecurity.com/2024/01/heres-some-bitcoin-oh-and-youve-been-served/

  7. New AI tools spawn fears of greater 2024 election threats, survey finds:
    https://www.nextgov.com/artificial-intelligence/2024/01/new-ai-tools-spawn-fears-greater-2024-election-threats-survey-finds/393202

  8. OpenAI's New GPT Store May Carry Data Security Risks:
    https://www.darkreading.com/cyber-risk/openai-new-gpt-store-data-security-risks

  9. Asia Pacific Should Brace For Increased Phishing, Scams And Data Breaches In 2024:
    https://news.abplive.com/technology/apac-should-brace-for-increased-phishing-scams-and-data-breaches-in-2024-kasperksy-1655944

  10. Cybersecurity Incidents Consistently Increase in UAE:
    https://www.darkreading.com/cyberattacks-data-breaches/cybersecurity-incidents-consistently-increase-in-uae

Cyberheist 'Fave' Links
This Week's Links We Like, Tips, Hints and Fun Stuff

Topics: Cybercrime, KnowBe4



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews