Posts

When and How to Report a Cyber Attack Attempt

Should you report a cyber attack attempt? Even a small, seemingly insignificant one? The answer is almost always yes.

There are two reasons to report a cyber attack. The first is to show cyber criminals that you take security seriously. The second is to gain safety in numbers. The more people who are aware of current attacks and techniques, the harder it is for criminals to operate. Remember that hackers and fraudsters depend on their victims knowing little no nothing about their scams. Spread the word, and you help others defend themselves. When enough people fight back or ignore scam and hacking attempts, criminals move on to easier targets.

When Should I Report a Cyber Attack Attempt?

You should immediately report any cyber attack that occurs at the workplace, targeting your office phone, personal phone, email, text messages or web browsers. You should consider reporting attacks that target your personal email or phone as well, if you believe the attacker obtained information about you online. Senior executives and those who have access to financial or information-management systems should report every attack on any business or personal device.

What looks like a common malware email, such as “Your package could not be delivered,” or “Your account has been suspended,” takes on an added significance if you are a high-value target. Low-level employees may not need to report mass-email phishing and malware attacks, but should report any attack using a business or personal phone number, particularly if the attacker claims to be a co-worker.

Where Should I Report an Attempted Cyber Attack?

The size of your business will determine how you should report the attack.

For mid-size and large companies: You likely have an internal or external specialist who handles your cyber security. Report all attacks to this individual, no matter how small or obvious they may seem. Do not worry about being a nuisance. It is the cyber specialist’s job to determine how significant or widespread an attack may be, and they can only do their job if they have a complete picture of the threats a business faces. Provide as much detail as possible, including screenshots of emails and text messages, if any.

If someone calls or texts you claiming to be a coworker, report this activity immediately. Targeted pretexting attacks are on the rise, with some criminals using sophisticated software to impersonate the voices of business leaders and public figures. These attacks are resource-intensive and require planning. which makes it more likely that a criminal will target multiple individuals within an organization.

For small businesses: If you work in a small business without an in-house cyber security or IT specialist, you have two options:

  1. If you have an external IT specialist, report the attack to them and ask them to monitor your systems for any signs of unusual behavior.
  2. If you do not have an external IT specialist, send an email to all coworkers advising them of the attack. Send a screenshot of the text, email or website and ask if anyone else has received similar messages. If multiple people in a small business report the same attack, it may be a sign that you have been targeted. Strongly consider professional IT support to identify any possible system breaches or data loss if this occurs.

Reporting Attempted Attacks to Law Enforcement

Every successful cyber attack should be reported to local police. Your cyber insurance policy likely requires this. If customer data are stolen, you must report the attack to police and check reporting requirements under the FTC Safeguards Rule, if you qualify as a Financial Institution, and the SEC Disclosure Rule, if you work for or partner with a publicly traded company. Any significant data breach should be reported immediately to your state Attorney General’s office. In the case of a significant data breach or an attack that compromises critical public systems, you should contact the local Federal Bureau of Investigation field office and your state Attorney General, who will provide support and additional guidance on disclosure. Note that in some cases, cyber attacks and data breaches should not be disclosed to the public without first contacting Federal or state officials.

Whether you should report an attempted cyber attack is murkier and depends on the nature of the attack. If you have publicly traded companies among your clients, or clients covered by the FTC Safeguards Rule, you should report targeted pretexting attacks to their IT or cyber security specialists. Criminals may be attempting to harm your partners by attacking their vendors, clients or associates. Law enforcement agencies generally will not handle this reporting for you. You must do it yourself, and you should do it as quickly as possible, as you may have some obligations to report under the Safeguards Rule or SEC Disclosure Rule. When in doubt, reach out.

Where Else Should Attempted Cyber Attacks Be Reported?

If you work for a franchise business, report any cyber attack attempt to your franchisor’s head office immediately. This is especially critical if the attacker attempts to impersonate a senior employer of the business. Criminals may be launching simultaneous attacks against franchisees. Your quick response could prevent significant damage to the business and your fellow franchisees.

If you are part of a trade association, such as a Bar Association or the National Association of REALTORS®, for example, or if you are a member of a state association or Chamber of Commerce, report any cyber attack that targets your business or employees to the senior officials in your area, and to your local and national headquarters. In recent years, there have been surges of criminal cyber activity targeting specific sectors, such as health care or public schools, or specific regions, such as the recent spate of Vacant Land Scam attempts in the Southwest United States. There is no way to know if an attack on your business is isolated or part of a bigger trend. Spreading the word to professional associates may give them the opportunity to stop similar criminal attacks.

 

Would you know what to do during a cyber attack? Download our free Cyber Crime Response Kit, which includes detailed, step-by-step instructions that will help you prevent an attack from spreading, quarantine infected devices and rebuild systems safely. For more detailed guidance on preventing and responding to cyber attacks, please contact us online or call us at 1-800-659-8311.

‘Tis the Season to Be Mindful

Don’t Wind Up on a Cyber Criminal’s Nice List

Amid the December maelstrom of planning, parties, shopping and activities lie more opportunities for cyber criminals than any other time of the year. The Grinches running scams like the holidays a lot because they know you have an above-average number of emails and online purchases flying around, because your schedule is packed and because there’s a greater level of personal activity around your workplace and your home. These are ripe conditions for your vigilance to slip, giving cyber criminals the opportunity they need to steal your money, your identity or business data.

Celebrate and savor the season, but keep these tips for cyber security in mind while you do.

Thwarting Cyber Criminals at Home

  • Never Click on Email Links.  Bogus links in spoofed emails are a favorite tactic for cyber criminals at the holidays. Chances are you are ordering more things online. You may be expecting statements or shipping details. You get an email in the evening, claiming to be from Amazon or UPS, and click on the link without thinking. At best, you get scammed for a few hundred dollars. At worst, you compromise your identity or allow a cyber criminal to install malware on your device. Always go to a website via a browser, not an email link, to verify order and shipping details. If you get a tracking number via email, copy it, go to the shipper’s website, and paste it into their package tracker. That will identify any attempts to trick you with phony shipping. You should also read up on a new scam targeting Pay Later users.
  • Leave your devices home for the holidays. If you plan to travel, or your holiday involves overnights at a hotel, a motel or a friend or family member’s home, leave every device with sensitive information at your home. You should never connect your devices to a public network at a hotel or someone else’s home. You have no way of knowing who else is connected, or if the connection is encrypted and secured
  • Don’t let guests connect to your home network. This one is tough if you have friends or relatives staying with you, but you simply cannot allow guests in your home to access your Wi-Fi or wired home network. Familiar fraud is one consequence of too much generosity with your home password. You also run the risk of malware from a guest’s device infecting your network, either when they first log in or while they surf the web. If your guests must have access to email or the daily crossword, provide a device for them in a busy part of your home. Make sure that device has a password-protected login, and be sure to turn it off at night and when a majority of people are out.
  • Scan those tech gifts before you connect them. New phones, laptops, tablets and all USB devices should get an offline antivirus scan before they go online with your network. Be very wary of any USB memory stick or card given as a gift or brought by a well-meaning friend or relative, as malware infections on these devices are increasingly common.
  • Turn off Bluetooth and Wi-Fi discovery on your phone. Big holiday crowds at malls, airports and transit hubs attract cyber criminals, who blend quietly into the crowd looking for data to steal. Open Bluetooth connections and devices seeking Wi-Fi can wind up connecting to criminals with significant consequences. Bluetooth should always be off unless you have a specific need for it. Wi-Fi should be off in general unless you are on a trusted network at home or a secured connection at work.

Protect Against Cyber Criminals at Work

  • Never bring devices to the holiday party. Hats and coats aren’t the only things that disappear when the staff gathers to toast the year. Laptops loaded with customer data have disappeared from cabs and cloakrooms, leading to potential data breaches, expensive customer notification and monitoring campaigns and cyber security headaches.
  • Log off devices ahead of office parties. It can be tempting to hop up and run to say hello to a visiting co-worker or client, or to work right up to the start of a conference-room celebration, but that open device is an invitation to criminal activity. Always log out of devices before leaving your work area and power them off if you can. Threats to data and passwords can come from criminals who sneak into buildings, from visiting clients or from fellow employees.
  • Don’t hold the door for strangers. “Tailgating” is a tactic used by criminals to gain entrance to a secure area. These thieves will ask someone to hold the door, or try to slip in behind an employee before a door closes. During the holidays, tailgaters may pose as delivery people to access secure areas. Whenever you encounter someone you do not know at a door, bring them to the reception area.
  • Give your work devices a holiday break. Avoid traveling with work devices. If you must, leave them turned off and packed in a carry-on bag, never with luggage that will be checked. The best practice is to keep work devices at work during a vacation. The chances of device theft, information theft or malware attacks rise when you are away from the secure environment of your office.
  • Avoid shopping on work devices. It can be convenient to shop from and ship to the office, particularly if you’re trying to keep a gift a surprise or if your neighborhood is prone to porch piracy. Remember that cyber criminals use fake invoices, fake shipping notices and fake order updates, along with the usual assortment of fake gift card offers, to try and steal your personal information and login credentials. It can be challenging enough to spot the scams in your personal email account without adding that burden to your work emails. If your company allows it, shipping to your office is a good holiday option, but always order using your personal email.

Wherever the holidays find you, remember that cyber criminals are also hoping to find you. Trust your instincts. If something seems off to you, like a long-lost “friend” who starts sending holiday greetings via social media, or an email stating you missed a package delivery, find ways to verify without directly interacting with those emails, private messages or texts.

Personal security and device security are critical components of cyber security. Protect Now helps businesses and organizations manage cyber threats by making security personal to every individual. Contact us online to learn more about our services, including Virtual CISO, Dark Web Monitoring and cyber awareness training, or call us at 1-800-658-8311.