Ransomware South Africa.

End Users, Informal and Small Business: Ransomware, Business Email Compromise BEC and Spoofing
If in doubt delete.


South Africa can no longer ignore its IT security vulnerabilities as a matter of National Interest.

The South African news is once again filled with new Ransomware attacks, Business Email Compromise (BEC) and Spoofing Email hacks. South Africa’s Justice Department, Space Agency, Transnet, JBS S.A. and many other businesses are affected by the attacks conducted by CoomingProject and other threat actors.
Just as in our recent #FreeZuma insurrection riots, strangely enough rooted in the same foreign states as the hackers, we can defend the mall by doing our bit in our digital community. Corporations and Big Business are not the only targets: data shows that End Users and Informal and Small Businesses are often the main targets of Ransomware, Business Email Compromise (BEC) and Spoofing.

What can I do as the end user/consumer, Informal & Small Business?

Zero Trust Policy:
Treat all emails with suspicion, even emails that appear to be legitimate internal company or organisational communications or emails from suppliers, and especially emails from senders and suppliers you don’t recognise.
Check the sender’s email address and name; make sure they are coherent and not random text.
Check the @company URL string, making sure it is not random text or misspelt and that it matches suppliers you have on file.
Do not open email attachments sent to undisclosed recipients, or if the sender’s email matches the receiver’s (in this case it should be your email address).
Check for spelling mistakes and bad grammar.
If in doubt delete or drop into the junk mail.

South African Internet Service and Cell Phone Providers, as well as device manufacturers whose software and systems are often the carriers of the scripts, the pinging and the hacks, need to start taking greater accountability for their customers’/consumers’ security and safety. IT service and hardware providers need the same oversight as car manufacturers, as it is the vulnerabilities in their products, software and services that are exploited.

Turn off all automatic downloads

Never give out your bank card details or your 2FA code over the phone, and never share your PIN, OTP or password.

Ransomware, Email Hacks.
What precautions to take as End Users, Informal and Small Businesses.

Zero Trust Policy.
Adopt a least privilege access policy.
Keep all software up to date and patched especially on your cell phone.
Secure your internet router by changing the default admin and Wi-Fi passwords.
Avoid public Wi-Fi and use a VPN.
Change all passwords often.

Email Client Privacy, script and Security changes.
Adopt a least privilege access policy.
Turn off all images and links in your email client’s security. This also stops Web Beacons.
Read all email as plain text.
Convert emails from HTML to plain text.
Turn off settings that allow downloading of external content or links.
Do not allow scripts in your email settings.
Turn off attachment preview. Only open attachments you are expecting and where you know the sender; otherwise delete.
Disable all macros, for example to block Word document malware.
Avoid opening or viewing your email in a browser.
Hover your mouse over URL links before you click on them to check if the URL is legitimate.
Double check emails that contain threats to shut your account down, for example the Microsoft Invoice Phish.

Remote working creates holes in the standard security setup one has in the work environment. Workplace network firewalls and antivirus are replaced by your home setup. Email clients that are browser based and not systems based are exploited.

Solution: Users to be trained in security best practices and simulations. Ransomware is a national security threat and must be legislated as such. Hackers have switched switches causing a nuclear meltdown, taken an electric grid in the US offline, and forced businesses and councils to pay ransoms to restore IT infrastructure.

Ransomware South Africa: converting emails to plain text.

Below is the same email twice: the first is HTML and the second is plain text. After converting from HTML to plain text and removing images, one can see that the target URL link is not Absa Bank; the target URL does not match the business the email claims to be from. Converting to plain text removes the HTML masking. Removing images and converting to plain text also removes web beacons, which are used to track the end user’s interaction with the email and the URL links. I recommend removing all images and viewing all email as plain text. You can easily view the email in HTML if trusted.

[Image: HTML email, which masks compromised URL links as text]

[Image: the same email as plain text, with HTML and images turned off]
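
The HTML masking and web beacons described above can be shown in a few lines. This is an added example, not part of the original post: it renders an HTML body as plain text with every link target written out, flags links whose visible text names a different host than the real target, and lists remote images. The sample email and all hosts in it are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample: the first link's visible text names one site while its
# href points at another; the remote image is a web beacon. Hosts are placeholders.
SAMPLE_HTML = """
<p>Dear customer, your account will be suspended.</p>
<p><a href="http://login.attacker.example/verify?id=1">https://www.bank.example/login</a></p>
<p><a href="https://www.bank.example/help">Help centre</a></p>
<img src="http://track.attacker.example/open.gif?u=42" width="1" height="1">
"""

class Unmasker(HTMLParser):
    """Renders HTML as plain text with every link target written out."""
    def __init__(self):
        super().__init__()
        self.text, self.links, self.beacons = [], [], []
        self._href, self._label = None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self._href, self._label = a["href"], []
        elif tag == "img" and (a.get("src") or "").startswith(("http:", "https:", "//")):
            self.beacons.append(a["src"])  # remote image: fetched when the mail is opened

    def handle_data(self, data):
        if self._href is not None:
            self._label.append(data)       # text inside <a>...</a>
        elif data.strip():
            self.text.append(data.strip())

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            label = "".join(self._label).strip()
            self.links.append((label, self._href))
            self.text.append(f"{label} <{self._href}>")
            self._href = None

def host(value):  # host of a URL, or of link text that looks like a URL or domain
    m = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", value.lower())
    return m.group(1) if m else None

def analyse(html):  # returns (plain text, masked links, remote images)
    p = Unmasker()
    p.feed(html)
    masked = [(l, h) for l, h in p.links if host(l) and host(l) != urlparse(h).hostname]
    return "\n".join(p.text), masked, p.beacons
```

Calling `analyse(SAMPLE_HTML)` returns the plain-text rendering, the one masked link and the one remote image. A link labelled "Help centre" is not flagged because its text does not claim to be a URL, so the written-out target still has to be read by eye.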

Business Email Compromise What to do:

If in doubt delete.

Users to be trained in security best practices and simulations like not to open attachments before verifying.
Ensure the domain visible in the received email is associated with the business it was emailed from.
Make sure the address in the To: field of the email matches your email address.
Do not open if the sender’s and To: field emails are the same.
Do not open emails with attachments and invoices addressed to undisclosed recipients.
Do not follow drive links, like Google Drive or Dropbox links, to download invoices or other content from unrecognized, undisclosed recipients or non-first-tier friend contacts.
Be aware of colleagues or clients informing you of mysterious emails coming from your accounts.
Turn off links and images in the email client. If in doubt drop the email in the junk mail to check links.
Link hover: use the mouse to hover over the links in the email to check if they match the sender’s domain.
Apply the latest patches and updates to all software. Most attacks are not detectable by anti-virus software at the home user level or at the corporate level.
Do not list the accounting or admin emails online. Use a generic info@ for websites and social media.
Treat all payment emails marked as urgent and all unplanned payment instructions as suspicious. Contact, preferably face to face, the co-worker or line manager that issued the directive. Social engineering exploits our compliance when issued with a directive from an authority figure. Any changes to beneficiary banking details must be verified, if possible using traditional methods or original contact details. If in doubt check with your line manager.
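
The header checks in the list above (sender domain on file, To: field matches your address, sender and To: not the same, no undisclosed recipients) can be run over a raw message. This is an added example, not part of the original post; the mailbox owner, the domains on file and the three sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

ME = "me@myshop.example"                                 # assumed mailbox owner
KNOWN_DOMAINS = {"myshop.example", "supplier.example"}   # assumed domains on file

# Constructed sample messages; every name and address is a placeholder.
SAMPLES = {
    "lookalike": 'From: "Supplier Accounts" <accounts@supp1ier.example>\n'
                 "To: undisclosed-recipients:;\n"
                 "Subject: URGENT payment\n\nInvoice attached.\n",
    "self_sent": "From: me@myshop.example\nTo: me@myshop.example\n"
                 "Subject: Your mailbox\n\nOpen the attachment.\n",
    "expected":  'From: "Supplier Accounts" <accounts@supplier.example>\n'
                 "To: me@myshop.example\nSubject: Statement\n\nAs discussed.\n",
}

def header_flags(raw, me=ME, known=KNOWN_DOMAINS):
    """Return the checklist items that a raw message's headers fail."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    to_raw = msg.get("To", "")
    recipients = {a.lower() for _, a in getaddresses([to_raw]) if a}
    flags = []
    if sender.rpartition("@")[2] not in known:      # misspelt or unknown domain
        flags.append("sender domain not on file")
    if "undisclosed" in to_raw.lower() or not recipients:
        flags.append("undisclosed recipients")
    elif me not in recipients:
        flags.append("To: field is not your address")
    if sender and sender in recipients:             # mail that claims to be from you
        flags.append("sender and To: field are the same")
    return flags

def check_samples():
    return {name: header_flags(raw) for name, raw in SAMPLES.items()}
```

The From: header is not authenticated, so an empty result only means none of these checklist items fired; payment instructions still need the out-of-band verification described above.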

Great reading from The State of Email Security 2020
For security awareness training https://www.knowbe4.com/

 
