These Link Checking Tools Might Save Your Bacon
We often talk about scams and cyberthreats, and lately our advice for dealing with a potential phishing threat is to simply avoid it altogether.
That is, when you get any kind of email or text message with a link you weren’t expecting, whether it’s from someone you know or from your bank, just don’t click it. Instead, log into the account in question the way you normally would, and verify the information there, or confirm with the sender through some other means to make sure what they are sending is valid. While this is still a good practice, sometimes you need to click on a link. Here are a few tools you can use to check if a link is safe, before you click.
Why Would a Link Be Dangerous?
First of all, why wouldn’t you want to trust a link that someone you trust sends you?
There are a lot of reasons. Even if it looks like a video message from your dear sweet Nana, or a virtual Christmas card from your youngest niece, there is a chance that the sender has been compromised and is trying to spoof their contacts.
You want to know when it’s probably not a scam or a threat? When your dear sweet Nana or your niece calls you up on the phone and asks you to look at it.
That simple two-step confirmation makes all the difference in the world. Otherwise, you should consider the risks that maybe, just maybe, the sender was compromised and that the link you are being sent is malicious.
The same goes for the business end of things.
Your coworker, business partner, vendor, or client might have no reason to do anything malevolent to you. If they fall for a trick themselves, though, a part of that trick might include spreading to all of their contacts.
A malicious link could contain malware that infects your computer, tries to steal your data or access your online accounts, and also spreads itself as quickly as possible to anyone in your contacts list. Not only will you be the victim, but your friends, family, and colleagues will be YOUR victim, and so-forth.
How to Safely Identify and Copy a Link
Before we get into the tools, let’s quickly run through what we mean by a link.
Basically, any text or graphic that is clickable and takes you to another page in your browser is a link. Sometimes, that link will be written out, with the https:// and the full URL.
For example, if it is a link to PayPal, it might look something like this: https://www.paypal.com/us/smarthelp/PAYPAL_HELP_GUIDE/getting-started-with-paypal-icf29
Links could also just be text that is clickable. So instead of writing out the URL, the link might be something like this: Get Started with PayPal
Now here’s the thing. If you’ve been paying attention, we’ve already proven to you just how easy it is to trick a user into thinking they are going to one website, and taking them somewhere totally different. Both of the links above don’t actually go to PayPal. We assure you that they are safe, but they are taking you to goofy fake mustache glasses on Amazon.
Sometimes, links are graphics, like buttons, icons, pictures, or virtually anything else. If you can click or tap it and have it take you somewhere, it’s a link, and any links can be spoofed very easily.
If you want to tell where a link is going to take you, you need to copy the actual link:
On a Desktop or Laptop:
-Hover the mouse over the link.
-Right-click on the link.
-Select “Copy Link” or “Copy Link Address” or “Copy Hyperlink”
Now you have the link copied, and you can paste it into one of the following tools with CTRL+V (or right-click and select Paste)
On a Tablet or Smartphone:
-Be careful not to accidentally just tap the link to open it!
-Hold your finger over the link for a few seconds to pop up the context menu.
-Select “Copy Link” or “Copy link address” or “Copy Hyperlink”
Now that you have the link copied, you can paste it into one of the following tools by holding your finger down over the URL field within the tool and selecting Paste.
Safely Check a Link Before You Click it with These Tools
You can use the following tools to check the safety and legitimacy of a link. Keep in mind, this won’t protect you from one hundred percent of all scams, as these tools can only check for known threats. It’s also a good idea to use multiple tools to cross reference, in case some of the tools just haven’t been made aware of the link you received.
Use Norton Safe Web to Check a Link
Norton Safe Web is a free online tool that lets you paste a link to check to see if it’s safe.
It will give you a quick rating on the link. If the link is untested in Norton, it’s a good idea to try a few of the other tools. If Norton states the link is dangerous, it’s a pretty safe bet you should avoid it.
Check the Link With PhishTank
The cleverly named PhishTank site will tell you if a link you received has been reported as a phishing scam. Phishing links tend to look pretty similar to legitimate web pages. For instance, a phishing link for PayPal might look almost exactly like the regular login page for PayPal. The problem is that it won’t log you into PayPal, but it will send your PayPal credentials to someone else.
Google’s Transparency Report Might Tell You If a Link is Unsafe
Google’s search engine works by crawling the Internet and indexing everything it finds. Sometimes, it might run across dangerous content such as malware or phishing risks. Google’s Transparency Report tool will tell you if a link you’ve been sent is found in their massive database of unsafe content.
https://transparencyreport.google.com/safe-browsing/search
Scan the Link with VirusTotal
Finally, there’s VirusTotal. This tool takes a little longer to give you an answer, but it can be a little more thorough than the others. This is a good last-ditch effort if you aren’t happy with the results from the other tools.
https://www.virustotal.com/gui/home/url
It’s important to keep in mind that a phishing scam or malware attack could still sneak through these tools, especially if the URL was just generated and you are among the first people to get it. These tools are designed to spot known phishing attacks and malware that has already been reported. With that in mind, it’s still a good idea to err on the side of caution.
If you feel like you’ve received a suspicious email, text message, or other correspondence, and you would like us to take a look for you, don’t hesitate to reach out to us at 541-234-0895.
Careful! There’s an Infected Version of WhatsApp Out There
WhatsApp is one of the world’s most popular messaging applications. With over 2 billion users, WhatsApp is known for its relative security, as it is one of the few messaging applications that offers end-to-end encryption. A modified version of WhatsApp, called YoWhatsApp, has been reportedly deploying malware.
What is YoWhatsApp?
YoWhatsApp is an unofficial version of WhatsApp that users can download and install on their smartphones. The developers claim it offers the ability for users to lock chats, send messages to unsaved numbers, and customize the look and feel of the application with various theme options. There are other unofficial WhatsApp versions out there with similar enhancements.
This sort of thing isn’t new. Ever since the early days of instant messaging software, developers have been building “enhanced” versions of popular messaging applications. Back in the early 2000s when AOL Instant Messenger was popular, there were several unofficial versions that offered additional features that removed ads, allowed more anonymity, and offered more features than the source material. However, using these third-party versions often came with some risk—sometimes they contained malware or made your account less secure.
This definitely appears to be the case with YoWhatsApp.
What Are the Risks of Using an Unofficial Version of WhatsApp?
According to a recent Kaspersky Report, YoWhatsApp distributes Android malware known as the Triada Trojan. The same was discovered last year with FMWhatsApp, another modified unofficial version of the application.
Triada gains control over your SMS messages, and can enroll its victims in paid subscriptions without their knowledge and impersonate them, sending spam and malicious content to others from their phone number.
This, in turn, can then affect users who actually use the official versions of WhatsApp.
While, as far as we know, WhatsApp is generally a safe application to use, the various third-party versions are not.
Understand What You Install
The concept of third-party developers creating unofficial “enhanced” versions of popular software isn’t anything new. It isn’t always a risk either, but you need to consider that unofficial versions aren’t usually as supported or secure as the official ones. If someone made a variation of Microsoft Outlook that offered some new features that the original didn’t have, and then Microsoft found and patched some vulnerabilities in their original version of Microsoft Outlook, it would be up to the third-party developer to also patch and update their version. You can’t really rely on that. You also need to consider that cybercriminals will go to great lengths to extort money from a wide set of users, and that includes building a “better” version of a popular app and paying to run ads to get users to download it and install their ransomware.
Whenever you install anything on your PC or smartphone, be sure to check to see if you are getting it from the official developer. If you aren’t sure, take some time to do a Google search, or reach out to Point North Networks to have us help you. It’s better to be safe than sorry.
“No More Ransom” is Leading the Fight Against Ransomware Abroad
Ransomware is one of the more dangerous threats out there today, and since it is so prominent and dangerous, it is a popular choice amongst hackers. To combat this threat, a community has formed around the cause, encouraging users to not pay the ransom by providing free malware removal tools for the most popular ransomware threats.
Europol, a European Union law enforcement agency, is in charge of this initiative, called No More Ransom. The agency has helped over 1.5 million victims of ransomware overcome the attack and recover their files without paying the ransom. These victims have saved an estimated $1.5 billion dollars, which is a considerable amount of money to keep out of hackers’ coffers.
No More Ransom began in 2016 in collaboration with the Dutch National Police and other cybersecurity and IT companies. It began with only four ransomware decryption tools, but now, they provide 136 free decryption tools to take on 165 different ransomware variants.
Still, ransomware is a problem, and the fact that it requires this kind of special attention means that you need to take it seriously.
Why You Should Never Pay the Ransom
Hackers use ransomware because it makes people pay up simply because it’s the easiest way to solve the problem. Unfortunately, it is rarely that simple, and even those who do pay the ransom suffer from unforeseen consequences.
Further complicating this decision is the fact that those who pay the ransom are effectively funding further attacks and reinforcing the fact that ransomware works. Simply put, hackers will be more likely to attack with ransomware if they know people are scared enough to pay up, and with more resources at their disposal, they can expand their reach and infect even more victims.
This is why we advocate for not paying the ransom. In the heat of the moment, it’s not always so clear, but we urge anyone infected by ransomware, businesses included, to slow down and consider the repercussions of their actions. There are situations where you might feel like you have no choice but to pay, particularly in double-extortion situations where the threat of online leaks of your data is imminent, but we assure you that you always have a choice in the matter.
Instead, You Should Call Us!
If you become the target of ransomware, we suggest you call Point North Networks at 651-234-0895. We can walk you through the appropriate next steps to address ransomware on your network.
Granted, it’s easier to prevent ransomware in the first place than to deal with an active threat, so we also recommend that you outfit your network with top-notch security solutions. Compound these with proper employee and end-user training to minimize the possibility of ransomware striking your company. While there is never a guarantee, the odds of it crippling your business will be significantly less with these steps in mind.
Get started today by calling us at 651-234-0895.
Keep Your Eyes Peeled for These Potential Security Threats
We don’t like it any more than you do, but if we have learned anything at all over the past several years, it’s that security absolutely needs to be a priority for all small businesses.
In the face of high-profile ransomware attacks that can snuff companies out of existence, what are you doing to keep your own business secure?
To put things in perspective, we’ve put together a list of some of the more common threats that all companies should be able to address.
Common Security Threats for Businesses
The following list of threats should give you an idea for how to start securing your business. You can never prepare too much for a potential security breach, so take the time now to get ready for what will inevitably come down the line.
Viruses
Some viruses are little more than an irritation, whereas others are incredibly disruptive to operations. They are basically bits of code that can harm your computer or data. Viruses are known for being able to spread from system to system to corrupt data, destroy files, and other harmful behavior. You can get viruses through downloading files, installing free software or applications, clicking on infected advertisements, clicking on the wrong links, or opening email attachments. Fortunately, modern antivirus software has gotten really good at protecting computers, provided that your software is up-to-date. For businesses, it’s best to have a centralized antivirus on your network that controls and manages all of the antivirus clients on your workstations.
Malware
Malware is malicious software that performs a specific task. A virus can also be considered a type of malware, albeit more simplistic in nature. Malware comes in various forms according to its purpose, such as spyware for spying on infected machines and adware for displaying ads in extremely intrusive or inconvenient ways. The major takeaway here is that you don’t want to deal with malware in any capacity. It’s often installed on devices under the radar, and unless you are actively looking for it, it’s entirely possible that it can run in the background and cause all kinds of trouble without being detected. You can get malware through the same processes as viruses, and the same antivirus solutions can help you to resolve malware as well.
Phishing Attacks
Phishing attacks are mediums to spread other types of threats rather than actually being threats in and of themselves. Hackers might try to send out spam messages with links or infected attachments aiming to get the user to download them or click on them. When they do, the device is infected. Some phishing attacks are so inconspicuous that they can be hard to identify.
There are other types of phishing attacks as well, some of which try to get the user to share sensitive information or send money to the cybercriminal. Cybercriminals can spoof legitimate-sounding email addresses and use psychological hacks to convince the user to act in a certain way. It’s the most common way that hackers see results, so you should be aware of it.
Ransomware
Ransomware is so dangerous and high-profile that it is deserving of its own section. Ransomware locks down files using encryption and forces the user to pay a ransom in order to unlock them, usually in the form of cryptocurrency. Recent ransomware attacks are also threatening to release encrypted data on the Internet if the ransom is not paid, something which basically forces the user to pay up and gets around the possibility of restoring a backup.
Denial of Service (DDoS)
Denial of Service and Distributed Denial of Service attacks occur when a botnet, or a network of infected computers, repeatedly launches traffic at a server or infrastructure to the point where it just cannot handle the load, effectively disrupting operations and forcing it to shut down. Sometimes this happens with websites or services, so it’s no surprise that businesses can suffer from them, as well.
Trojans
Trojans (also called backdoors) install themselves on devices and work in the background to open up more opportunities for hackers later on. These can be used to steal data, infiltrate networks, or install other threats. Basically, if a hacker installs a backdoor on your network, they can access it whenever they want to; you are essentially at their mercy.
Zero-Day Vulnerabilities
Zero-day vulnerabilities are those that were previously unknown to developers but are currently in use by cybercriminals. These zero-day vulnerabilities are problems because when the developer discovers them and issues a patch, cybercriminals can identify the vulnerability based on the patch, and then exploit users who haven’t installed the patch yet. There is not much to be done besides keeping your software up-to-date, monitoring your networks for issues, and trusting the developers to issue patches as they discover security problems.
User Error
User error is a critical issue for many businesses. Your business is made up of people who perform tasks and work toward objectives. If one of these employees makes a mistake, it could leave your business exposed to threats. Thankfully, a combination of best practices and security solutions should be enough to minimize user error, and with some security training under their belt, your employees should have a good idea of how to handle it.
Get Started with Security Solutions
Point North Networks, Inc., can equip your business with the tools you need to be successful when protecting your organization. To learn more, reach out to us at 651-234-0895.
Phishing Training is a Critical Component of Any Security Strategy
Phishing attacks are some of the most common threats out there. Hackers will craft messages or web pages designed to harvest information from your employees, be it through suspicious requests for credentials via email or through false websites that look so much like the real thing that it’s no wonder they were tricked. How can you make sure that your employees don’t fall for these dirty tricks? It all starts with comprehensive phishing training.
So, what goes into a successful phishing training program? Let’s take a look.
Phishing training involves exposing your team to simulated real-world scenarios in which they might encounter a phishing scam. It’s worth mentioning here that phishing can potentially involve much more than just a simple email containing requests for sensitive information or forms on websites asking for credentials. Phishing can come in the form of phone calls, text messages, and other communication mediums. Therefore, it becomes of critical importance that your staff have the skills needed to identify these phishing scams in whichever form they take.
As for what this phishing training might look like, it depends on the context. Training might take a more passive approach with videos, but it also takes on more active approaches with interactive workshops and hands-on training exercises.
One of the best ways to get a feel for how well your employees understand phishing attacks is to test them without them knowing it using these simulated attacks to see who takes the bait and who doesn’t. In this way, you can get a sense for how they would react under normal everyday circumstances. This type of threat awareness is important to gauge where your employees are in regards to cybersecurity, and it can give you an idea of which employees need further training.
We want to emphasize that phishing training is not about calling employees out on reckless behavior; rather, it’s about corrective practices that can help your business stay as secure as possible long-term. It is better to find out which of your employees struggle with identifying phishing attacks in simulated situations than when the real deal strikes, after all.
Look, we all want to trust our employees to do the right thing and know better than to click on suspicious links in emails, but at the end of the day, wanting something and actually getting it are two entirely different things. We need to accept reality and admit that hackers can and will succeed in their phishing attempts if we don’t do anything to prevent them. The best way to keep phishing attacks from becoming a nightmare scenario for your business is to implement comprehensive training practices and consistently reinforce them with your staff.
Point North Networks, Inc., can give your employees the training they need to keep from falling victim to phishing attacks. After working with our trusted IT professionals, your employees will know how to identify phishing attacks and how to appropriately respond to them without risking your organization’s security. To learn more about our phishing training and other security services, reach out to us at 651-234-0895.
Your Guide to the Modern Varieties of Cybercriminal
There is an entire litany of stereotypes that are commonly linked to the term “hacker”… too many for us to dig into here, especially since they do little but form a caricature of just one form that today’s cybercriminal can take. Let’s go into the different varieties that are covered nowadays under the blanket term of “hacker,” and the threat that each pose to businesses today.
To give this list some semblance of sensible order, let’s go from the small fish up to the large players, ascending the ladder in terms of threats.
The Ethical Hacker
First and foremost, not all hackers are bad. Certified Ethical Hackers are high-profile cybersecurity experts that are designed to think like a cybercriminal. They can be employed to determine how secure your organization is.
The Unintentional Hacker
We all make mistakes, and we can all get a little bit curious every now and then. Therefore, it stands to reason that this curiosity could get people into trouble if they were to find something—some mistake in its code or security—on a website. This is by no means uncommon, and the question of whether this kind of hacking should be prosecuted if the perpetrator reports their findings to the company has been raised by many security professionals.
Regardless, if someone can hack into a website without realizing what they are doing, what does that say about the security that is supposed to be protecting the website… or, by extension, a business’ network? Whether or not you take legal action, such events should never be glossed over and instead be addressed as growth opportunities for improving your security.
The Thrill Seeker
Each of the hackers we’ll cover here has their own motivation for hacking into a network. In this case, that motivation ties directly back to bragging rights (even if the hacker only ever brags about it to themselves). While these hackers were once far more common, the heightened accountability and legal consequences that such behaviors now bring have largely quashed the interest in such hacking. Many of those that would have once been interested in this kind of hacking are now focused on modifying hardware over software, turning to interest-based kits like the Raspberry Pi and others to scratch their “hacking” itch.
The Spammer
Adware—or a piece of software that hijacks your browser to redirect you to a website hoping to sell you something—is a real annoyance, as it wastes the user’s valuable time and energy. It also isn’t unheard of for otherwise well-known and legitimate companies to use it in their own marketing, despite the risk they run of having to pay regulatory fines due to these behaviors.
While the real damage that adware spamming can do may seem minimal, it is also important to put the nature of these efforts into perspective. An adware spammer will use the same tactics that other serious threats—things like ransomware and the like—are often spread through. If you’re finding your workstations suddenly inundated with adware, you are likely vulnerable to a much wider variety of threats than you might first assume.
The Botnet Recruiter
Some threats to your network aren’t even technically directed toward your business itself. Let me ask you this: would you see it as a threat to have your computing resources taken over and co-opted for another purpose? After all, the result is effectively the same as many more directly malicious attacks—greatly diminished productivity and efficiency.
This approach is quite literally how a botnet operates. Using specialized malware, huge numbers of otherwise unassociated machines can be taken under control and have their available resources directed toward some other means. A particularly famous example of a botnet’s power came just a few years ago, when a botnet was utilized to disrupt the services of Dyn, a DNS provider. This took popular websites like Twitter and Facebook down for several hours.
Missing or neglected patches are one of the simplest ways for a botnet to claim your resources as its own—particularly when login credentials haven’t been changed.
Hacktivists
While political activism can be a noble cause, the hacktivist goes about supporting their cause in a distinctly ignoble way. Operating in sabotage, blackmail, and otherwise underhanded tactics, a hacktivist that targets your company could do some serious damage—despite the good that most of these groups are truly attempting to do.
Of course, the law also doesn’t differentiate between different cybercrimes based on motive, making this form of protest particularly risk-laden for all involved.
The Miners
The recent cryptocurrency boom has seen a precipitous uprising in attacks that try to capitalize on the opportunity, using tactics that we have seen used for good and bad for many years now. Above, we discussed the concept of a botnet—where your computing resources were stolen to accomplish someone else’s goal. However, the practice of utilizing borrowed network resources is nothing new. The NASA-affiliated SETI (Search for Extraterrestrial Intelligence) Institute once distributed a screen saver that borrowed from the CPU of the computers it was installed on to help with their calculations.
Nowadays, cybercriminals will do a similar thing, for the express purpose of exploiting the systems they infect to assist them in hashing more cryptocurrency for themselves. The intensive hardware and utility costs associated with mining cryptocurrency often prohibit people from undertaking it on their own—so enterprising hackers will use their malware to find an alternative means of generating ill-gotten funds.
The Gamers
Despite the dismissive view that many have towards video games and their legitimacy, it is important to remember that the industry is worth billions (yes, with a “B”) of dollars, massive investments into hardware and hours poured into playing these games. With stakes that high, it is little wonder that there are some hackers that specifically target this industry. These hackers will steal in-game currency from their fellow players or launch their own distributed denial of service attacks to stifle the competition.
The Pros-for-Hire
The online gig economy has become well-established in recent years—where a quick online search can get you a professional to help you take care of your needs, whether that be for childcare or for car repairs or any other letter of the alphabet. Similar services exist for directed cybercrime efforts as well.
Using a combination of home-developed malware as well as examples that they’ve bought or stolen themselves, these professionals will license out their services for a fee. Whether it’s a governmental body seeking sensitive intel or a business seeking to undermine a competitor, these mercenaries can pose a significant threat against anyone who lands in their crosshairs.
The Thief
On a related note, a lot of modern cybercrime is simply a digitized version of crimes we have seen in years past. Without another stagecoach to hold up, highway robbery has simply been shifted to the information superhighway, the stick-‘em-up translated to ransomware, dating scams, or denial-of-service attacks. The overarching motivation behind most of these efforts is simple: illegitimate fiscal gain.
The Corporate Crook
Corporate spying is a decidedly more direct version of the pro-for-hire trend that we discussed above, where a hacker will target a business’ documents and resources to help their competition in any way they can. While there may not be honor among thieves, there can be amongst the businesses that these thieves will try to sell stolen data to, as some companies have reported the theft after being approached.
The Nation State
Finally, we come to perhaps the biggest threat out there to many: massive teams of professional, government-employed hackers working to undermine the operations and machinations of other nations—both in their governments and their industries. This is generally intended to put the other nation in a diminished position should hostilities ever erupt.
If you remember the 2014 satirical movie The Interview—and more pertinently, the hack that Sony Pictures suffered in retaliation for the film—you’re aware of a very recognizable example of this kind of threat actor.
Clearly, the idea of a hacker that so many have is far too minimalistic to be relied upon anymore… especially if you’re staking your company’s cybersecurity preparedness on it. That’s why Point North Networks, Inc., is here to help. Our professionals are well-versed enough in best practices to help prepare you to deal with a much more realistic cyberattack. You just have to reach out to us at 651-234-0895 to get started.
