With the progression of security attacks so far in 2016, a lot of education is a must to general users of the internet so as to protect not only them but the companies they work for. One member of a 500 employee company is all it takes for unauthorized individuals to bring the company on it’s knees begging for their computers back – or access thereof, at least. Social media is one route successfully used to get trust and then execute an attack on victims online. We asked the most pressing questions to a security analyst and have this lot to expose to the public.
Huge companies, like Microsoft, have call centers to support their clients and give them maximum experience with their software. Because a call from them is respectable, hackers have been known to call unsuspecting computer users and socially engineer them into an attack scenario. Because it is relatively easy to get information from users through their various online profiles, a scam security call directed at a target can grant network access into servers and company databases. This is how such an attack could befall a victim;
- An attacker sets up websites and profiles to pose as legitimate.
- They can use LinkedIn groups to support clients while others watch.
- Then respond to a target’s plight as a genuine helper.
- Then flip the script.
Malwarebytes, a company leading the various research efforts into security matters ever since the threat of ransomware became active, reveals that remote access is their main objective. Some computer experts use remote login programs to resolve problems for their clients, this is the same portal that is being taken by attackers.
The security professionals at Malwarebytes have figured ways to sniff out illegitimate websites and profiles then shutting them down to protect other users of the internet, and it has been succeeding a lot lately. However, great concern lies in the fact that support for the bad side has always been working to keep the operational too. Each time one site gets sliced off, two grow to replace and worsen the problem.
The loophole presented to IT support companies lies in the difficulty in distinguishing them from the pretentious ones harming their clients. The greatest tool will be educating all clients and the world about the dangers of leaving information everywhere and responding to all calls, even those asking for credit card details.
Security is a big issue nowadays, more companies are being attacked ever since we started the year. More information is being acquired online as more people join social media accounts. If you read the news and security blogs, you know how hard IT support companies are trying to reverse the damage done by hackers daily. Sadly, their tactics are getting more complex at each recorded attack, and they are asking for more too. Perhaps the best line of defence will be on a more personal level than we are focusing on. Securing social media accounts is a good start.