{"id":2126,"date":"2017-06-01T17:10:54","date_gmt":"2017-06-01T05:10:54","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=2126"},"modified":"2017-06-01T17:10:54","modified_gmt":"2017-06-01T05:10:54","slug":"simple-effective-hack-back","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=2126","title":{"rendered":"A simple but effective hack is back"},"content":{"rendered":"

[header2 text=”We’ve seen this several times in the last few weeks” align=”left” color=”#336A40″ margintop=””]<\/p>\n

A classic phishing technique has been updated and is reaping rewards for hackers.<\/p>\n

Delivery is\u00a0by email or web popup.\u00a0 You are asked to take a survey (often for the chance to win something) or invited to sign in to download a file.\u00a0\u00a0 Next you are prompted to enter a login or password to prove your identity.\u00a0 They ask you to enter your Facebook, Dropbox or Office 365 login details.<\/p>\n

The hack is successful because\u00a0a number of legitimate sites link to your Facebook account. \u00a0But it is not common practice for sites to link to your Office 365 account.\u00a0 As people often use the same login and password on multiple sites, once they have your Facebook login they will immediately try access other sites like online retailers etc.<\/p>\n

If you use your Office 365 login, they access your email and use that to spread ransomware to your contacts.\u00a0\u00a0 Typically they will email everyone in your contacts<\/strong>. \u00a0They then cover their tracks by deleting the emails from your sent items and set up a rule to delete any new incoming emails.\u00a0 We have seen this\u00a0happen a couple of times in recent weeks.\u00a0<\/strong> The most recent example was though a link inside a PDF, that took the user to a web site which asked for his Office 365 credentials.<\/p>\n

This screen shot shows a survey prompt targeting a NZ ISP.\u00a0 After clicking ‘Accept’ you are taken to\u00a0the login prompt.<\/p>\n

\"\"<\/p>\n","protected":false},"excerpt":{"rendered":"

[header2 text=”We’ve seen this several times in the last few weeks” align=”left” color=”#336A40″ margintop=””] A classic phishing technique has been updated and is reaping rewards for hackers. Delivery is\u00a0by email or web popup.\u00a0 You are asked to take a survey (often for the chance to win something) or invited to sign in to download a […]<\/p>\n","protected":false},"author":5,"featured_media":2129,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-2126","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/2126","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2126"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/2126\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2126"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2126"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2126"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}