Today is April Fool’s Day, the first day of April. It is a day when pranks and jokes are traditionally played on people all over the world. Although the true origins of the day’s traditions are lost to time, they are known to go back several hundred years, with evidence that pranks were played as early as 1700. There are other signs of pranks on this day even farther back, in the time of the Holy Roman Emperor Constantine.
But April Fool’s Day is no longer just about (relatively, depending on which end you are on) fun pranks. In the modern age, cyber criminals also play “pranks” on unsuspecting users and organizations. Just as attackers have taken advantage of every holiday, pandemic, or political situation to capitalize on user naivety, fear, or love, they are certainly prepared to exploit April Fools. Back in 2009, the Conficker C computer worm was programmed to stay dormant until April 1.
At a minimum, expect to see a large increase in phishing emails trying to get you to click on links. Once a link is clicked, you will likely be taken to a fake site pretending to be legitimate (banking, shopping, healthcare, especially COVID-19 related, etc.) that will try to trick you into entering personal information, passwords and credentials, credit card numbers, etc. A good rule of thumb for today: if you do not know or trust the sender, automatically delete the email.
But those will not be the only “pranks”. You need to be aware of the new ways cyber criminals will attack. Here are a few newer attacks you should be looking for on April 1st.
“Deepfake” is the new phishing, with attackers going beyond phishing emails into text, calls, and video to accomplish their goal by creating very realistic but fake video & audio using artificial intelligence. Deepfakes have long targeted the government and political arena but are now going viral – reaching us all.
Calls, emails or texts about sudden and mysterious bills, payments, or delivery issues with online orders should give you pause. Scams have gone well beyond form emails, and attackers are hiring warehouses full of staff to answer phones and questions and take your financial information.
Just to show what a Deepfake looks like, this is the original Wonder Woman film trailer with Gal Gadot’s face replaced with that of Lynda Carter, the original television Wonder Woman from the 1970’s. It is scary how real this looks.
VoIP Phishing Hoax
Voice over Internet protocol attacks have allowed criminals to hide their location while reaching out to a wide and captive audience by phone or voicemail. Any “form-letter” type of phone call or voice message could be a potential attack. Check your online accounts before giving out any information over the phone – no matter how professional or official the message sounds.
We all know of spear phishing as a targeted phishing attack, sometimes utilizing AI technology or stolen credentials.
Notification of Unexpected Changes to Organization Computers and Applications
Ideally, no one will be making sweeping, company-wide changes on April Fools’ Day, but if you do see any of these shenanigans going down, ignore them. Common sense should tell you that neither the finance department nor your manager urgently needs your log-in credentials or credit card number today or any other day.
Anyone falling victim to any of these attack types, or countless others, has the potential to infect their entire business network if the proper protections aren’t taken. The US National Security Agency reports that 93% of all attacks could be stopped with basic cyber hygiene practices. So, what can you do to lessen the risk of falling victim to any of these attacks on April 1st and for the rest of the year?
Strong password management. The same passwords should never be used on different systems or user accounts. Passwords should be made complex enough to prevent brute force cracking by being long and using special characters. However, keeping up with constant password change requests and remembering different strings of letters, numerals and special characters is too much to ask for some people. Hackers know this and will exploit it. Having a secure password manager application can largely automate the process of creating and maintaining passwords across numerous systems and protect these passwords within an encrypted vault.
Use multi-factor authentication for your applications and accounts. There are many token authentication applications available, such as MS Authenticator or Google Authenticator, that add a strong layer of security to password management. Token authenticators generate unique one-time codes that are used as a second verification mechanism for your accounts in addition to passwords.
Zero Trust or minimize admin privileges wherever possible. For simplicity, organizations tend to give default privileges to admin accounts, which can be a lot of access. The same is true of many user accounts. Privileges also tend to creep upward over time, so it’s important to review accounts and privileges regularly, especially after people have moved on to new positions or projects and admin access is no longer needed. Making sure to revoke unnecessary permissions will help limit potential attack surfaces.
Remove unauthorized applications. Create a whitelist of approved applications and prevent unauthorized applications from being installed. This is one of the best ways to prevent malicious files from running.
Separation of employee and guest Wi-Fi networks. Create a dedicated network for guests and make sure only approved devices and users can access your company’s internal network. Some organizations even create multiple internal networks to separate business functions, such as keeping finance networks separate from manufacturing management networks.
Sangfor Technologies IR services (incident response services) provide this vital protection with the added convenience of tiered packages that work for every enterprise, vertical, size and budget.
Smaller enterprises can choose between the Essential or Standard IR Packages, which provide simple security incident assistance and reports or even further vulnerability assessment and remediation assistance before an attack occurs.
Sangfor’s Premium IR Package works well for larger businesses. Sangfor professionals will perform an assessment of your organization’s network security and vulnerabilities, providing vulnerability assessment reports and firewall ruleset policy review reports yearly.
For more information on Sangfor IR Packages and how they can protect your organization from ever growing cyber threats, contact a local Sangfor representative today or visit our website at www.sangfor.com.
Sangfor Technologies is an APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at www.sangfor.com to learn more about Sangfor’s Security solutions, and let Sangfor make your IT simpler, more secure and valuable.