Minimize your digital risk by detecting data loss, securing your online brand, and reducing your attack surface.
A powerful, easy-to-use search engine that combines structured technical data with content from the open, deep, and dark web.
Digital Risk Protection
Read our new practical guide to reducing digital risk.
New report recognizes Digital Shadows for strongest current offering, strategy, and market presence of 14 vendors profiled
Read Full Report
This week we move onto theme three of Cyber Security Month: recognize cyber scams. The important point here is that you do not have to be technical to recognize a cyber security scam. In this blog I’ll cover some simple security practices that will make you cyber savvy in no time.
Typo-squats and domain squats use variations or misspellings of a legitimate domain name to target potential victims. Once registered, these domains are used to achieve phishing attacks by sending emails and/or acting as the host location for fake sites.
However, don’t sweat. These attacks often can be easily identified. When looking at a domain name:
Figure 1: WHOIS information for a malicious domain retrieved using Shadow Search. This particular domain has previously been used to host the Trickbot banking trojan.
Though sub-domains (e.g. info.digitalshadows.com) are commonly used by legitimate organizations and are not bad in themselves, they can be used by scammers to distribute malicious file downloads or host phishing sites.
The guidelines listed above for identifying typo-squats all apply to spotting malicious sub-domains. In addition, alongside scrutinizing super long URLs from left to right to identify the main domain, you can also run it through a WHOIS database search. A WHOIS search will remove all the page extensions and “dot” drivel from a URL, revealing the (true) main domain name – tadaaa!
When running a WHOIS search, you may find that the site itself is registered to a legitimate organization even though the sub-domain appears suspect. This could be because attackers have hijacked a legitimate domain as the host site of a malicious sub-domain.
Scammers use phishing emails to steal sensitive user data. This may involve social engineering techniques to impersonate a real individual or organization and trick a user into giving confidential information away – such as through a crafted login page to collect passwords or a request to transfer sensitive documents. Alternatively, they may include direct blackmail threats and demand a ransom payment from a potential victim. Do not fear. Scammers who craft these emails are often lazy or make sloppy mistakes that are easy to spot.
Virus protection software and spam filters are good foundational measures for identifying and blocking phishing emails. But, when still in doubt, a useful way to determine whether you have received a phishing email is to pick the email apart with the following questions:
Mobile applications (“apps”) are becoming an increasingly common entry vector used by cybercriminals; this is mostly because apps provide a new attack surface that organizations sometimes struggle to have oversight across. Be wary of:
Although the tips listed above do not cover all the different cyber scams, they provide a pretty good foundation for detecting the most prevalent ones out there. And, as important as security best practices may be, gaining a basic understanding of your attack surface and what it is that attackers want, are equally crucial steps in the pre-emption and detection of cyber scams.
To stay up to date with the latest digital risk and threat intelligence news, subscribe to our threat intelligence emails here.