{"id":10265,"date":"2023-03-16T08:43:00","date_gmt":"2023-03-15T19:43:00","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=10265"},"modified":"2023-03-16T08:43:00","modified_gmt":"2023-03-15T19:43:00","slug":"cyber-attacks-on-emails-get-faster-and-faster","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=10265","title":{"rendered":"Cyber-attacks on emails get faster and faster"},"content":{"rendered":"

[et_pb_section fb_built=”1″ _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_row _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_column type=”4_4″ _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.17.4″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” theme_builder_area=”post_content” sticky_enabled=”0″ custom_margin=”||-19px|||”]<\/p>\n

A lot can happen between your morning coffee and your lunch.<\/h3>\n

That\u2019s all it takes to go from \u2018normal\u2019 to \u2018disaster\u2019 when the hackers strike.<\/h2>\n

Microsoft researchers recently worked backwards through a \u2018BEC\u2019 attack (business email compromise \u2013 IT people love to convert everything into three-letter acronyms).<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row column_structure=”3_5,2_5″ _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content” custom_padding=”16px|||||”][et_pb_column type=”3_5″ _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”]<\/p>\n

They found the hackers set up fake \u2018typo-squatting\u2019 email domains and had hijacked an email thread within a couple of hours.\u00a0 That\u2019s the time from when they started setting up until when they struck.<\/p>\n

The business would have had very little warning that they were under attack before the hackers were already harvesting confidential information.<\/strong><\/p>\n

The hacker\u2019s goal is to gain access to an email account, then pretend to be a senior executive, so they can trick your payables team to make a fraudulent payment to the hacker.<\/p>\n

They will use any means they can.\u00a0<\/h3>\n

Typo-squatting allows them to set up a fake email account with a minor misspelling so it looks legitimate.<\/p>\n

[\/et_pb_text][\/et_pb_column][et_pb_column type=”2_5″ _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_image src=”http:\/\/kinetics.co.nz\/wp-content\/uploads\/2023\/03\/EmailSpeed.jpg” title_text=”EmailSpeed” _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content” custom_padding=”11px|||||”][et_pb_column type=”4_4″ _builder_version=”4.17.4″ _module_preset=”default” global_colors_info=”{}” theme_builder_area=”post_content”][et_pb_text _builder_version=”4.17.4″ _module_preset=”default” hover_enabled=”0″ global_colors_info=”{}” theme_builder_area=”post_content” sticky_enabled=”0″]<\/p>\n

\n
\n
\n

Another trick is \u2018man-in-the-middle\u2019 in which they setup a fake login-screen and pass through the MFA details.\u00a0 We\u2019ve outlined sone of the ways that MFA can be overcome such as \u2018fatigue\u2019<\/a> or similar fake sites\u00a0<\/a> (but MFA still incredibly important).<\/p>\n

By impersonating a senior exec on an email address that looks legit, and getting involved in conversation, the perpetrator can uncover other names, learn about the organisation and even learn to mimic the language styles used.<\/p>\n

 <\/p>\n<\/div>\n<\/div>\n<\/div>\n

So, the news is that hackers can move faster than ever.<\/h3>\n

You might be headed into a meeting with everything being normal, only to find that while you were busy doing business, the hackers were setting up an attack on your business and using machine-learning AI tools to go faster and do more damage than you could imagine. \u00a0The evidence shows this isn\u2019t a theory, it\u2019s the reality.\u00a0<\/p>\n

It can happen at any time. The internet and the cloud means your systems and data are exposed around the clock<\/strong>.<\/p>\n

That\u2019s why we\u2019ve just completely reviewed and refreshed our KARE support service.<\/a> Our new plans are available now and we are no longer offering our older ones because, frankly, they don\u2019t offer the necessary protection for the cyber-threat landscape as we see it in 2023.<\/p>\n

In this case, our EDR and 365 monitoring along with MFA management are key to keeping you, and your colleagues safe,<\/p>\n

Refer: Microsoft: Business email compromise attacks can take just hours (bleepingcomputer.com)<\/a><\/p>\n

 <\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

A lot can happen between your morning coffee and your lunch. That\u2019s all it takes to go from \u2018normal\u2019 to \u2018disaster\u2019 when the hackers strike. Microsoft researchers recently worked backwards through a \u2018BEC\u2019 attack (business email compromise \u2013 IT people love to convert everything into three-letter acronyms).They found the hackers set up fake \u2018typo-squatting\u2019 email […]<\/p>\n","protected":false},"author":5,"featured_media":10269,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4,5],"tags":[],"class_list":["post-10265","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/10265","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=10265"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/10265\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=10265"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=10265"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=10265"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}