SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Thwart phishers and their bait through a total security approach
Tue, 13th Feb 2018
FYI, this story is more than a year old

How many phishing emails landed in your inbox today? How many were caught by your filters? How many people clicked on the links and entered their details into dodgy websites? Maybe your CEO was a specific target.

These types of scams are becoming all too common, with many governments and watchdogs doing their best to cut through the noise and educate everyone about the dangers of phishing. Unfortunately, organisations such as Xero and its customers are being dragged through the mud as greedy cyber attackers create emails and websites that look scarily like the real thing.

Here's an example. The week of September 28 2017 was a bumper week for phishing emails as criminals masqueraded as both Telstra and the Commonwealth Bank of Australia.

To the untrained eye, both the emails and websites looked almost identical to the genuine sites.

New Zealand is not immune. CERT NZ found that out of a total 390 incidents reported to the watchdogs between April and September last year, 153 were incidents classed as phishing and credential harvesting.

So if emails and websites look genuine, how can you discern the real from the fake?

You should check every email and every link for spelling mistakes and maybe even double check with the genuine organisation about something you're not sure about.  Security technologies are also more advanced than ever before and they are able to filter out the phony websites.

Before we get to that though, let's talk about malware.

The CERT NZ report also found that 28 reported incidents were related to malware. Bitdefender recently spotted a custom malware called Operation PZCHAO that was targeting various regions of Asia.

The Ursnif banking Trojan has also been targeting Australia and New Zealand with a disproportionate prevalence. It has been masquerading as genuine brands like Xero and Tax Store Australia.

How can we fight back against malware and phishing attacks? In addition to possessing a healthy dose of cyber hygiene such as not clicking on suspicious documents, cyber protection is more advanced than ever before as it evolves to fight back against cyber threats.

Bitdefender Total Security 2018 is a four-in-one product available for your Windows, Mac, iOS and Android devices. It combines protection, performance and privacy in one product that covers all your security needs.

Bitdefender Total Security 2018 also offers anti-phishing and anti-malware technologies that can secure your organisation, your family - and your CEO.

How does its phishing prevention work? It fights back against phishing by sniffing and blocking websites that masquerade as trustworthy in order to steal financial data such as passwords or credit card numbers. It warns you every time you come across fraudulent attempts.

It also defends against all threats including malware, zero-day exploits, rootkits and spyware.

What else is included? Webcam protection, multi-layer ransomware protection, a password manager, file shredder and social network protection just to name a few.