securitycomplianceSecurityThreats

Click on Scam Email –> Destroy your Data

FireEye Blogpost last week about phishing emails using the iCEDID phishing infection has an interesting image explaining this concept:

This is a sophisticated phishing setup and thus it behooves us to review this carefully.

If you notice the initial phishing email when opened has several embedded items as well as a password structure so that an anti-virus and other defensive mechanisms may be bypassed.

The end result for the hacker is a backdoor access to the victim host. Then the hacker can use the system for a variety of goals.

These hackers can be selling the access to a ransomware operator which will then try to download ransomware software to your computer or device.  The  criminal hackers are becoming more sophisticated and are scoping out the environment before creating the ransom demands. the reason is they want to know how much money to extract. It is not enough to ask for $300 from a 1000 people or devices.

You have to develop a systematic method  to thwart these sophisticated actors.

 

You must a have a security policy to  systematically create a defensive environment and my book coming in a few weeks will get you on your way to this path.  https://oversitesentry.com/book-email-list/

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.