Phishing Evolves: Best Practices to Avoid Being Phished

by Michelle Couture

I received an email from Fidelity alerting me that my 401(k) account needed action.  It stated that I needed to activate my account within 2 weeks or I would lose matching for the year.  Being new to the company, I didn’t want to miss out on this opportunity.  I remember thinking that it seemed a little strange considering no other company had imposed such a rule, but I thought, “Hey, maybe this company does things differently.”  So I clicked and activated my account.

The next day I received an email from our security and privacy team telling me I had been phished.  I was shocked. Nothing seemed fake or out of place. What now?

Sadly, nothing about this story is unique.  Every day, people click on links and infect their devices and systems with malware.  If you have a “team” monitoring your account, as I did, the impact can be minimized.  But for a lot of people the consequences are disastrous.  Do you think you would know what to look for?

According to a recent Verizon report, over 20% of people will click on a phishing email.  The best way to avoid being phished is to always be on high alert.  When I think about my example, I knew something was weird, yet I talked myself out of it and clicked anyways.  It’s human nature to trust, and phishers capitalize on that.  This is exactly why it is so important to be aware of the scams. That way, if something feels “off,” you know what to do.

In my case there are a few rules I now keep handy:

  1. Be aware of email requests with high urgency that ask you to take quick action.  Phishers often prey on employee trust and will spoof executives to get you to comply with high urgency actions like wiring large amounts of money ASAP. Or in my case, losing my matching benefits if I didn’t immediately comply.  As a rule of thumb, if you are ever in doubt, double-check the request with the sender either by phone or by composing a new email—never reply to the email itself.
  2. Never give sensitive personal or financial information over email.  Trusted parties will never ask you for personal or financial information through email (e.g., social security numbers, account numbers, credit card numbers, passwords, etc.). Be cautious of emails that ask you to call a phone number to update your account information as well.
  3. If an offer seems too good to be true, it probably is.  Offers of big bonuses, large payments or gifts (e.g., win a free iPad) are ways attackers try to get inside your head. If the promise is “too good to be true,” do some research into the individual or company before taking action.
  4. Think about whether you initiated the action.  Phishers will try to spoof well-known companies to have you reset your password, update your account or track a shipment. Always be suspicious of unsolicited email: if you didn’t prompt a password reset, don’t click the link.

Removing a rootkit virus

The removal process may not be straightforward, since there may be other malware involved. In some cases the only remedy is drastic: reformatting the disk and a complete reinstallation of all your programs. I hope that won’t be necessary.

First, let’s try the McAfee solution. RootkitRemover might fix it, so run that first.

Then run Stinger.

If that doesn’t work, there are two other tools which should help…

If the above doesn’t work, download and run RKill.

 

RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then import a Registry file that removes incorrect file associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running …

Then download and run TDSSKiller.

 
