Skip to main content

Tag: online security

Be wary of emails and messages from unknown senders!

On May 04, 2000, Windows computer users received an email with a malicious attachment. Then in just ten days, fifty million infections were reported. An estimated 10% of the internet-connected computers were infected by the ILOVEYOU virus. 

The infamous ILOVEYOU virus created a massive effect on internet-connected computers that costed more than $10 billion to removthe infection and to recover deleted files from backupsAs big as the economic impact, even the Pentagon, the CIA and the U.K. Parliament all closed down their email systems in response to this pandemic computer virus. 

The ILOVEYOU virus controlled the news headlines globally left and right. The spread of the computer virus quickly affected the victims because at that time no one knew about the threat in the first place.  

How ILOVEYOU became the first global computer virus pandemic 

The ILOVEYOU virus, known as the Love Bug at that time, is described as an infectious virus that was being spread differently. Just like all viruses, it requires a ‘host file’ that needs to be activated in order for the infection to take hold. Copies of that host then need to be activated for the computer to be ruled out as “infected”. Computer viruses are also known as worms. For while a worm is self-replicating – it can spread itself by scattering multiple copies of itself across a network without any activation or human intervention. 

When the infection started on May 04, 2000, it was also the same arrival of a spammed email message in the Philippines with the subject line of ILOVEYOU with an instruction to read the attached document from a supposedly love letter from the sender. Moreover, ILOVEYOU was one of the first major computer virus outbreaks and was one of the first to determine how spam can be a time-wasting annoyance. With just an executed Visual Basic script, the opening of that love letter attachment was not a document at all and used as a smart trick to hide the effect from the victim at that time. 

The Visual Basic script file extension of .vbs was hidden by default from Windows computers. A file called “LOVE-LETTER-FOR-YOU.txt.vbs” appeared to all its targets and tenacities to be a text document as the last file extension was not shown. By the act of opening the document, the execution of the script and the ILOVEYOU worm was set free on that computer and others it was connected to. The ILOVEYOU virus would also look under the user’s Microsoft Outlook Windows address book and send copies to all contacts. 

Historical warnings about global virus dangers were imposed way back 

According to Colin Childs, senior security architect at Octopi Managed Services, they have compiled a historical hacking archive aimed at the security researchers and members of the broader InfoSEC community. Childs was able to find a Community Emergency Response Team (CERT) advisory document dated as early as September 22, 1989 – eleven years before the spread of the ILOVEYOU virus! 

As viruses spread quickly and cause widespread damage, they created a bigger risk especially for personal computers which have fewer protection features and are often used by non-technical-oriented people. To date, this has changed the way we view the Internet and how we need to be wary when it comes to opening emails from unknown senders.  

ILOVEYOU virus in today’s pandemic situation that caused a fundamental shift in cyber-threat landscape 

The ILOVEYOU virus caused a big fundamental shift in the cyber-threat landscape for all the reasons known. It is an act of cyber-attack through emotions by tricking users into false sense of trust. The subject alone brought about curiosity from the user if it’s from someone he/she knew – and to make it worst, falling for the trick automatically affects the rest of your contact list without anyone’s knowledge at all.  

As for today’s pandemic situation, many businesses are shifting to the digital space in order to connect to their customers and continue their business operations. One such popular marketing tool companies use is email marketing, which, with one click of a button, allows mass sending of emails to a client database. But with the history of ILOVEYOU comes the downside of email marketing. Instead, others have resulted to email marketing as a means to spread misinformation or to steal personal information and contact details.  

Using a Secure Hosting Solution for your business website 

Apart from personal email threats, business website owners should also know how to protect their website from malicious viruses 

When it comes to your website security, we recommend integrating Sitelocka malware detection software that can give website owners a heads up whenever your website is experiencing any threats.  

Just as well, and as all websites are constantly at the risk of crashes and data loss, a backup service called CodeGuard, assures that your entire website will always have an updated backup on standby, ready to be recovered in case of any losses in data. 

For businesses looking for secure business email solutions and for teams who are looking to collaborate seamlessly across different platforms and programs on the Cloud, Google’s G Suite or Microsoft’s Office 365 might just be the solution for you. Not only can iManila help set up your business emails but we can also provide 24/7 support for any technical needs and concerns. 

And finally, for good measure, always make sure that your website is secure by integrating a Secure Socket Layer (SSL) certificate. Having a valid and integrated SSL on your website gives users the security they need when leaving their contact details on your website.  

Having been in the IT industry for more than 23 years, iManila can help you improve your website security and your business emails with a variety of solutions. Trust that with us, you can sleep soundly knowing that you have a partner to help you keep your website and emails secure. Know more about our Hosting solutions here: https://imanila.ph/hosting/. If you want to learn more, drop us an email at [email protected] 

Gmail Phishing Scam on the Rise!

 

For most of us, email is a way of life. From work to personal communications to smartphone applications downloads, our email is our virtual online address where most of important documents and updates are sent. That being said, email is an indispensable online asset. Modern life isn’t just the same without it. Unfortunately, it’s the one thing that most of us tend to neglect, especially when it comes to security.

In the past weeks, a phishing scam over Gmail has circulated and propagated in the World Wide Web, escaping the scrutiny of both experts and new users of this email platforms.

Wordfence  (security team behind WordPress) revealed how the phishing scam worked using its account to send unsolicited emails that contained that same malicious strings that pretended to be an authentic Gmail log-in page.

After the victim is fooled to logging in at the fake Gmail login page,  the attacker gains access to the victim’s account. This cycle continues as the attacker uses the compromised account to send malicious emails to other people in the email’s contact list.

That’s why this phishing method “gained popularity” among hackers in the past year: as it effectively tricked people into thinking that they’re opening content from a trusted contact. Furthermore, the hackers behind this method makes it much deceitful as they emulated the way the victim user sends his/her emails from the subject down to email body.

How to detect this?

The phishing technique is deceiving even experienced, technical users – the kind who are already aware of attacks designed to extract valuable information through online.

What makes this recent uncovered technique so much more dangerous is that the location bar shows the text string “accounts.google.com” – a legitimate Google page. However, in this phishing attack, there’s a text string (“data:text/html”) preceding “accounts.google.com.”

There’s also another large chunk of text appearing on the far side of the location bar, which is the file that ultimately sends one’s credentials to the attacker.

These hard-to-spot text strings differentiate the phishing log-in page from the legitimate sign-in page. Most will see “accounts.google.com”, believe it’s the real thing and continue with the log-in.

Prevention

Wordfence provided advice on how to avoid being victimized by this phishing attack:

“Make sure there is nothing before the hostname ‘accounts.google.com’ other than ‘https://’ and the lock symbol. You should also be keen about the of the green color and lock symbol that appears on the left. If you can’t verify the protocol and verify the host-name, stop and consider what you just clicked on to get to that sign-in page.”

The use of 2-step authentication is highly advised. This method uses a secondary verification mechanism for users, and to regularly change passwords.

Wordfence also received word from Google regarding the attack. The tech giant acknowledged it and said that they’re strengthening their defenses against it.

“We help protect users from phishing attacks in a variety of ways, including: machine learning based detection of phishing messages, Safe Browsing warnings that notify users of dangerous links in emails and browsers, preventing suspicious account sign-ins, and more,” said one of the Google representative.

Wordfence suggested that Google should incorporate a design that allows users to easily identify the malicious, hidden text strings seen in these attacks which is similar to the way that the Google Chrome browser labels insecure “https” pages in red and secure, trusted ones in green.

***

To know more about how to make your website secured and safe for your users, you can check iManila’s hosting page and check how our secured  hosting  packages and safety features such as the SSL certification can help you secure your business online.

 

Source: Wordfence.com

Rappler.com