Since March 2017, Informant Networks has been noticing a combination of a cyber and physical social engineering attack at 3 different companies in the Udyambag Industrial Area in Belgaum. The modus operandi of the criminal group is to hijack email conversations between two businesses and intervene at the point at which financial transactions are supposed to take place.
The attack starts by compromising the email account of one of the two business entities that are normally known to do business, the attacker at this stage just observes the email exchanges between the representatives of the two companies being attacked, once the conversation has come to a finish or when matters of payments are being discussed, the attacker starts impersonating the receving party in the financial transaction and provides a new account number for the funds to be transferred.
The attackers here take advantage of previously established trust between the two companies and requests for payments to be done to a new account and not to the previous account which would be the account of the legitimate business.
Once the funds are transferred to the attackers account. the money is withdrawn almost immediately and all trails are cold. This combination of a cyber and physical attack is lethal since it takes advantage of a previously established trust.
In these situations it is advisable to reach out to a previously known contact over a previously used phone number and cross check for the correspondence by a new individual claiming to be from the same company.
This word brings excitement to some and worry to some. When people ask me what i think. I tend to have mixed responses. Although i like the idea of blockchain and the guarantees it provides. There is a lot of discussions around ethical use of bitcoin and where trust lies in the system.
We believe in everyone having a safe environment to browse the internet and be protected against all malicious activity on the internet. In this journey, we constantly struggle in providing the best knowledge and education about the internet and its dark side to everyone associated with us. There are certain guidelines that we encourage people to follow. These guidelines are the culmination of personal experiences and general practices that the security community suggests to everyone out there. This is going to be a long article. but it’s necessary Continue reading →
Up until year 2000, Industries were not so much prone to cyber-attacks. With rapid increase in digitisation, Cyber-attacks in industries become increasingly more and more daunting. To understand the devastating effects of a cyber-attack, below are world’s top brutal cyber security attacks on Industries. This is a definite wake up call for all kind of industries to build digital wall which can safeguard their digital property. Continue reading →
Each day that passes by, more and more business value and personal information (worldwide) are rapidly migrating into digital space on open and globally interconnected technology platforms. As it happens, cyber-attacks and breach in data security don’t look like they’re going to slow down.
Today, computer viruses and other malicious software are no longer written by hobbyist hackers – to seek fame and glory among peers. Most of them are written by professional criminals who are making millions with their attacks. ebay – the ecommerce and world biggest auction site famously fell prey to hackers in year 2014. Continue reading →