Lawyers Getting Hacked:

Most Popular Cyberattacks on Law Firms

From the time of their first email to the last signed document, law firms are under constant surveillance from cyber criminals. From phishing scams to ransomware and malicious websites, hackers know exactly where to strike to cause the most chaos. Rather than a once-in-a-blue-moon event, lawyers getting hacked is a commonplace occurrence for many firms. It’s almost as if there’s some hidden, “Get Hacked” switch that nearly all law firms have within them.

If you’re reading this and thinking, “that won’t be me,” you’re wrong. It just hasn’t been you, yet.

We are excited to announce our e-book on Top Law Firm Hacks Throughout History, available to download for free. This e-book will cover some of the most popular law firm hacks throughout history including some you may not have heard of prior.  We will also be providing some advice for avoiding common law firm pitfalls.

Below is a short glimpse into topics you can expect from our e-book.

Why are Law Firms an Attractive Target?

Due to the nature of their industry, law firms are becoming a more attractive target. Law firms and in-house legal teams gather a ton of sensitive information, an example such as tax returns can arise during their corporate legal and M&A (mergers & acquisitions) work, litigation, and other legal services. Businesses may suffer reputational and financial damages if they were to ever suffer a breach, especially if their data is compromised. According to a recent analysis from the security company CrowdStrike, average ransomware payouts are above $1 million.

Unfortunately, legal companies are usually more vulnerable compared to other business types. In a report published in May 2020 by the security company BlueVoyant, it was discovered that all law companies were the prime target of focused threat activity, and 15% of a global sample that included thousands of law firms had networks that were already infiltrated.

According to research released in October by the American Bar Association, it was discovered that 36% of legal firms had previously experienced malware infections within their systems and that 29% of law firms had reported a security breach, with more than 1 in 5 admitting they weren’t sure if one had ever occurred.

Robust security measures not being used could be a part of the problem.

Only 43% of respondents utilize file encryption, less than 40% use email encryption, two-factor authentication, and intrusion prevention, and less than 30% use full disk encryption and intrusion detection, according to the 2020 ABA Legal Technology Survey Report.

Law Firms as Critical Infrastructure

According to BlueVoyant’s report, the legal sector needs to be included on the list of 16 critical infrastructure sectors maintained by the U.S. government since it relies on networks and data that, if compromised, would jeopardize economic security or public safety. An analysis of cyber threats and vulnerabilities and information sharing with the Department of Homeland Security and other agencies would benefit law firms that handle and store government secrets.

Legal IT services firms may hesitate to disclose information about cyber attacks due to concerns about losing control of sensitive data. Consequently, government agencies may start viewing law firms as potential targets for cyber attacks, necessitating enhanced protection measures.

Regarding ransomware attacks, several factors should be considered by firms. These include employee training in security practices, implementing cybersecurity measures like two-factor authentication and regular software updates, and maintaining backups. In the event of a ransomware attack, firms need a well-defined plan outlining response procedures, negotiation strategies, and decisions regarding ransom payment. It’s also advisable for firms to utilize managed IT services for secure data storage and conduct thorough assessments of service providers.

The Most Notable Law Firm Cyber Attacks

We’ve produced a list of the most significant cyber-attacks and cyber-threats targeting law firms to highlight the escalating danger and consequences.

• Mossack Fonsesca & The Panama Papers
• JP Morgan Chase
• Oleras Phishing Campaign Against Law Firms
• UPMC Patients
• Moses Afonso Ryan Ltd.

Download our free e-book to read in detail about the top cyber-attacks on law firms.

Conclusion

Cybercriminals want access to a company’s data and intellectual property. Many of the most severe attacks directly involve the theft of private information to assist insider trading schemes or to commit theft and extortion of client information from legal firms.

Law firms are tempting targets for hackers. More often than not, law firms don’t take the necessary precautions to protect their data making them an easy target for malicious attacks. Law firms must do everything they can to protect their data starting with reviewing and updating their cybersecurity strategy. This includes everything from the hardware to the software they use within their network. Once they’ve identified the areas that are in need of improvement, they can implement new cybersecurity solutions to keep their data secure.

Download our free e-book today and learn about the risks as well as the most notable hacks in history! This e-book was created by a dedicated team of security experts with extensive experience working within the legal sector to provide some insight and tips to keep your company safe from cyber criminals.

Don’t forget to keep in touch with our blogs for more information and tips on law firms and cybersecurity.

The Biggest Data Risks and Cybersecurity Trends for Law Firms

In the digital age, law firms are operating within a high-risk environment. The number of cyber-attacks continues to rise, as do the associated costs. Recent studies suggest that, on average, small and medium-sized businesses spend more than $200 million annually on cyber security breaches.

These statistics show just how important it is for companies of all sizes to take cybersecurity seriously as well as highlight the risks involved in working with sensitive data. After all, no company wants their clients’ personal information to fall into the wrong hands.

We are excited to launch our 2022 Law Firm Data Breach Trend Report white paper. This report will be a compilation of data analysis from hundreds of law firms across the globe, as well as interviews with more than 100 partners and senior-level executives from the largest law firms in the US. We have learned a lot from these conversations and are excited to share our findings with you.

Download the white paper for free today!

Protecting Client Data:

The Biggest Challenge for Law Firms

Protecting client data is a top concern for law firms of all sizes. While most firms are diligent in protecting sensitive data and complying with local, state, and federal regulations, some are not.

After being asked to identify their most significant challenges when it comes to safeguarding client data, 58% of law firms cited, “managing the sheer volume of data,” and, “ensuring data is secure,” as their primary concern. These findings make sense if we consider that, on average, law firms store more than 5,000 gigabytes of data. The large volumes of data makes it difficult for law firms to constantly comply with the most up-to-date security protocols.

Top Threats

Your client’s data is constantly in danger from simple breaches, such as those resulting from a stolen laptop to even more extensive hacking schemes.

Here are a few actions you’re probably doing now that can endanger your clients most sensitive information.

• 

  Skipping Assessments – To help prevent a data breach, an annual inventory should be taken to understand what devices and data you have, where they are located, and who has access to them. It’s also essential to conduct a security and risk assessment. How vulnerable is your information? What would the ramifications be if it was stolen?

• Understaffed and Underfunded IT Departments – A majority of IT departments are usually very understaffed and overburdened with day-to-day work. This leaves little time for them to improve their security infrastructure, as they always react rather than improve.
• Lack of Employee Security Training – Analysts claim that non-malicious attacks are the most common security breach that law organizations face. Unfortunately, many legal companies have failed to adequately train their employees on IT security basics.
• Cloud Migration & Apps – Your business needs to make sure it has a good strategy when it comes time to migrate, including fundamentals like access control and governance, API integrations, and continuous monitoring.

Recent Law Firm Breaches

New York City’s Law Department (July 2021)

Grubman Shire Meiselas & Sacks (May 2020)

Vierra Magen Marcus (May 2020)

Mossack Fonseca (April 2016)

Top Cybersecurity Trends for 2022

Use Password Authenticator – Password authentication is a method in which a user enters a unique ID and key compared to previously stored credentials. It is one of the quickest forms of security; you can set up your device to require some identification before letting someone access it. This can be done using a passcode, PIN, password, fingerprint, or a 2-factor authentication (2FA).

Use Effective EDR – Using effective EDR (Endpoint Detection and Response) tools can help you improve the security of your network by aggregating data on endpoints, including process execution, endpoint communication, and user logins.

Move to a Virtual Server – Moving to a virtual server is essential as it has many benefits that address the security concerns law firms face. These benefits include getting the ability to prioritize critical traffic and improving network agility while reducing the burden from the IT department.

Isolated Backups – A remote or isolated backup is stored separately from other backups and is inaccessible from the end-user layer. Creating a remote backup helps to reduce security breaches, especially ransomware attacks.

Know Your Network Map – Understanding the network map is critical to complying with data privacy regulations as it provides an overview of devices and data on your network. This overview is crucial in identifying and minimizing the attack surface of a system. It will also uncover devices that IT staff may not know are there—for instance, an old, decommissioned server.

Timely Software Updates – It sounds simple, but vulnerabilities caused by outdated software are a significant problem. Keeping all the software up to date is essential for better performance. It also helps discourage potential cybercriminals who like to take advantage of previously-found weaknesses in software.

Data Encryption – In 2022, law firms must use encryption methods for systems, data in the cloud, data at rest, and data in transit to protect their files. Hard drives, USB devices, and phones should also use encryption if they are holding sensitive data

To read the cybersecurity trends for 2022 in detail, download our free white paper today.

Conclusion

By 2023, 80% of law firms will have experienced a data breach, according to research from LexisNexis. Given the rising number of cyber-attacks law firms face, it is necessary to take cybersecurity seriously. Law firms can better protect their sensitive data against these cyber threats by investing in the latest security technologies.

Protecting sensitive client data is essential for all law firms.

Stay on top of the latest trends and best practices for data security by downloading our white paper today! We highlight what law firms should be doing to protect their data and prevent a breach from ever happening. Protected Harbor also has other resources to prevent a law firm data breach, which you can access free from our digital library.

Keep in touch for more tips on how to keep your company safe from cybercriminals.

These Cloud Vulnerabilities Will Cause Your Next Data Breach

Cyber security is a constant race between businesses and hackers in the digital world. Every new technology has potential risks that must be understood and addressed before implementation. New threats are emerging all the time and cloud computing is no different. Many types of cloud services are being used by businesses more than ever before.

In fact, according to Gartner, private cloud services will continue to grow faster than public cloud services in the next few years. However, some types of clouds are riskier than others regarding cyber security. Several vulnerabilities can expose your company’s data when using any cloud service or Software as a Service (SaaS) application.

This article lists common vulnerabilities you should know about before using any cloud-based system or software.

Understanding Cloud Vulnerabilities: Protecting Sensitive Customer Information

As businesses increasingly turn to the cloud for their computing needs, it’s important to consider the potential vulnerabilities of storing sensitive customer information in a shared infrastructure. Cyber attacks are a constant threat, and unauthorized access to personal data such as social security numbers, financial information, and other sensitive information can lead to identity theft and other serious consequences.

Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) are two popular cloud computing services businesses use to store and access their data. While the cloud offers many benefits, knowing the potential risks is important. Cloud providers are responsible for securing the underlying infrastructure and providing secure cloud access. Still, businesses are responsible for securing their own data and applications that run on top of the cloud infrastructure.

One way to protect sensitive customer information is by using a hybrid cloud model, which allows businesses to keep some of their data in a private data center while still taking advantage of cloud computing resources. This approach can provide additional security and control over customer data.

Another important consideration is the use of virtual machines in the cloud. Virtual machines can help isolate applications and data, limiting the impact of a potential cyber attack. It’s also important to implement access controls and encryption to prevent unauthorized access to sensitive information.

Public Exposure

The oldest blunder in the book is setting up a new cloud resource but leaving it entirely insecure and publicly visible. Your unprotected public assets will almost certainly be found because hackers today frequently use automated tools to scan target networks for any exposed assets.

By 2022, nearly 50% of businesses would unknowingly or accidentally have some IaaS storage devices, networks, apps, or APIs directly exposed to the public internet. This number is up from 25% in 2018.

Excessive Permissions

Fast company operations are one of the main advantages of switching to the cloud. However, access credentials are routinely distributed hurriedly and needlessly in the interest of expediency, resulting in many individuals having excessive permissions for which they have no business need for. If any of those credentials end up in the wrong hands, attackers would have unrestricted access to private information.

By 2023 (up from 50% in 2020) 25% of security breaches will be due to improper handling of login credentials, identities, and privileges, predicts Gartner.

Lack of Multi-factor Authentication for Privileged Users

One of the most typical cloud vulnerabilities is the absence of Multi-Factor Authentication (MFA) for users assigned to privileged administrative positions in control. Access for privileged users must be as secure and feasible in any cloud environment. A company may suffer severe repercussions if a fundamental security measure like MFA is not enabled.

It is straightforward for malicious actors to exploit privileged accounts without MFA being enabled. These accounts are vulnerable to brute force assaults due to lacking MFA. Hackers can use these accounts to entirely disrupt an organization’s operations and steal its data because they often have high administrator permissions.

Insecure APIs

APIs, or Application Programming Interfaces, are frequently used to simplify cloud computing. APIs make it very simple to share data between other apps, improving convenience and efficiency. However, if they are not secured, this can lead to multiple cloud vulnerabilities and become an easy entry point for malicious attackers.

Threat actors can launch DDoS assaults and obtain access to sensitive company data by taking advantage of unsecured APIs while remaining unnoticed. In fact, by 2022, API abuses are anticipated to overtake other attack methods as the most popular, according to Gartner data.

Final Thoughts

If companies using the cloud do not consider limiting the dangers that accompany it, they are taking a preventable yet significant risk. The IT processes teams use to develop and deploy applications in the cloud infrastructure must be well integrated into a company’s strict cloud security rules.

The use of cloud computing has changed how businesses and hackers operate. Both new opportunities and threats related to cloud security have been introduced. Enterprises must continuously address the dangers and difficulties associated with cloud security while implementing the appropriate security technologies to facilitate operational work.

It’s essential to understand the potential vulnerabilities so that you can mitigate them. Suppose you have any concerns about your current cloud environment. In that case, you can consult with a cloud consulting company like Protected Harbor to help you assess the risks and implement practices to avoid data breaches.

Protected Harbor‘s cloud security solution integrates the latest security technologies with your cloud infrastructure. Businesses can take advantage of cloud computing’s capabilities with the right technology and the help of cloud security specialists.

We have researched and created an e-book for companies looking to migrate to the cloud. This e-book helps them to understand better the benefits as well as the risks that come with cloud migration so that they can plan. Get your free copy of the e-book today!

Malware Hits Millions of Android Users:

The Top 5 Apps You Need to Uninstall Right Now

There’s nothing scarier than malware. When it comes to Android apps, users always have to look for possible threats. However, things are not as simple as they may seem. Researchers at Check Point discovered a new strain of malware called a, “false positive,” that targets users through Google Play by uploading malicious apps under user-friendly names.

This is how it works:

The malware tricks you into installing a seemingly harmless app onto your phone. But once you install it, the app will download other malicious apps and start reading your sensitive data without your permission or knowledge. You might be wondering about which apps are putting you at risk, but don’t worry, we have you covered.

Here’s a brief list of the top 5 offenders, which you need to uninstall immediately if you haven’t done so yet.

So, What Happened?

Another group of seemingly innocent Android apps that are meant to spread malware to endpoints and charge unsuspecting users for services has been discovered by researchers.

The Dr. Web antivirus team found the most recent batch, including wallpaper programs, keyboards, picture editors, video editors, and an occasional cache cleaner or system maintenance app. They have altogether received more than 10 million downloads overall.

After escaping Google’s stringent security measures, twenty-eight apps in total were discovered in the Google Play Store. You can see the complete list of infected android apps here.

Android Apps Hacked

Regarding the damages, the method is mainly unchanged.

Once the malware or “app,” is downloaded, most applications will try to hide, appearing as regular system apps in the app drawer. They do this with the hope that people won’t uninstall them. Then, to generate more revenue, the applications constantly push advertisements and try to sign the victim up for various premium services.

If users hadn’t granted the necessary permissions to the apps, none of this would have been possible. Even though the apps have a straightforward design and do what they claim to, they frequently request advanced permissions from users, such as the right to be exempt from battery-saving features, to run in the background even after the user closes the app, which is a big warning sign in and of itself.

Three of the apps are still available on the Play Store, though most have already been removed. Even if all of the apps were removed, they have still been downloaded millions of times. Thus, they will continue to pose a threat until they are completely deleted from the smartphones of all victims.

Below is a short list of the 5 malicious apps researchers have found that you should remove immediately:

FastCleaner: Cache Cleaner

Before Google discovered the true intentions of the app, Fast Cleaner had amassed over 50,000 installs. Using a time-tested technique, a brand-new banking trojan was introduced into the Android handsets of unsuspecting users across the country designed to steal login information as well as to intercept text messages and notifications without anybody noticing anything strange.

ES File Explorer

The most well-known file explorer app was probably ES File Explorer. That’s because five years ago, it was actually a really good app.

So, why is bad?  Bloatware and adware were prevalent within the free edition, and users were constantly nagged to download more apps via pop-up notifications that you couldn’t turn off. However, things worsened when the once-popular app was removed from the Play Store for engaging in click fraud through its advertisements.

For those unaware, click fraud is the practice of secretly clicking background advertisements on consumers’ devices.

You can still download dozens more imitators from the Play Store in addition to the ES File Explorer APK nowadays. However, the program should not be used in any of its iterations.

Virus Cleaner

Virus Cleaner – Antivirus Free and Phone Cleaner by Super Cleaner Studio, an app with over 14 million downloads, illustrates everything wrong with the Android ecosystem. It includes many advertisements, many of which are for products and services with a dubious reputation. Additionally, it “claims” to be an efficient security master, phone trash cleaner, WIFI security, super speed booster, battery saver, CPU cooler, and notification cleaner. None of which can at all be accomplished to any real degree by any software install.

Really, you should be ignoring any application that claims to be a “CPU cooler.”

SuperVPN Free

SuperVPN is one of the most popular VPN apps for Android, with over 100 million downloads. But earlier this year, cybersecurity experts alleged that the app has some serious flaws that might let hackers launch Man-in-the-Middle (MitM) attacks and steal user data like credit card numbers, photographs, and private chats.

According to reports, hackers can also take advantage of the flaws to redirect a user’s connection to harmful websites, thus jeopardizing the security and privacy of the user.

Notes – Reminders & Lists

It is recommended not to download this app from its official website as there are concerns regarding its security and safety. It was detected by many anti-virus software systems as malicious. This app may be a scam as it doesn’t seem to work properly and asks for inappropriate permissions. So far, Notes – Reminders & Lists are not available in Google’s Play Store. It can only be downloaded from its official website. Either way, we recommend you staying far away from this app, as it might be a scam and may have malware hidden inside.

Conclusion

It can be challenging to differentiate between trustworthy and malicious apps. The number of pointless permissions an app requests is the one clear sign that should always cause alarm. Does a flashlight app really need access to your location? Does a cleaning app really need access to the camera or microphone?

Richard Luna, CEO of Protected Harbor, stated: “This attack is not a surprise; it should be expected.  As more work is performed on mobile devices, those devices, like desktops, will be the main point of attack.  Application development platforms must be better hardened to defend against this malware.

What can an end user do? Enable security and Two-Factor Authentication on as many platforms and applications as available on any platform.  If you are concerned, use a desktop over a mobile device, desktops have been dealing with this type of attack for decades.”

Nick Solimando, Director of Technology at Protected Harbor, has 3 tips for businesses that operate through a lot of mobile apps:

1. Only install mobile apps from providers you trust. Since harmful programs are getting better at hiding in plain sight, downloading from reputable sites is no longer the only recommendation.
2. Always check the app store ratings and reviews before downloading. Users should check the reviews because they offer a reliable indication of the apps’ reliability. Additionally, be sure to verify, as threat actors have been known to spoof some of them. It’s better to avoid an app if there are few reviews for it.
3. Periodically go through your mobile device and uninstall extra apps you no longer use. This will not only make you safe, but you’ll also ease memory space.

Despite Google’s constant efforts, thousands of risky apps, including malware, adware, spyware, and bloatware, may be found on the Play Store. The ones above have made it onto our list since they are some of the most frequently utilized risky Android apps.

These apps are very common and can be found on every device. However, they have been infected by malware, so they will likely try and more than likely, successfully steal your data. It’s best to uninstall them and proceed with extreme caution if you can. Always keep your device as well as apps up-to-date and avoid using third-party app stores. Android users can stay safe from potential threats by installing and keeping the latest version of their mobile operating system and using security software for mobile devices.

Protected Harbor uses the latest threat detection and prevention technology to keep your network safe and secure. Our devices are also updated regularly, keeping them secure and up to date with the latest security patches. Our software is installed in your systems to monitor suspicious activity – it can be installed on desktops, laptops, or in the cloud.

We secure your endpoints so that you can be assured your network is protected from malware and cyber threats. We protect your network by monitoring critical network assets, preventing unauthorized access to sensitive information, blacklisting malicious software, and providing real-time threat detection and response.

We are giving a free IT Audit and penetration testing for a limited time, contact us today and get one.

A Quick Guide to Proactive Cybersecurity Measures: How to Keep Yourself Safe From Hackers

Cybersecurity has become an important topic in today’s society. In the digital age, cybersecurity is critical to protecting data and intellectual property from unauthorized access, modification, disclosure, or destruction. However, cyber threats continue to grow in number and sophistication. A recent study by Intel Security found that 66% of businesses experienced at least one cyberattack during the year 2021. Cybersecurity for small businesses is important because they are often easy targets for cybercriminals who seek to steal sensitive data or disrupt operations, leading to significant financial losses and reputational damage. As more organizations are confronted with this reality, many have also begun to realize their current security measures aren’t enough.

In this blog post, we will unpack some proactive cybersecurity measures you can take to protect your organization’s data and reduce your risk of being a victim of cybercrime.

What is Proactive Cybersecurity?

Proactive cybersecurity is an organization’s effort to protect its data and software systems from threats before they happen. A proactive approach to cybersecurity can help organizations to stay ahead of emerging threats by using data-driven insights, continuous monitoring, and risk assessments. There are many ways to implement proactive cybersecurity measures.

Focusing on cybersecurity policies and procedures is a great place to start. You can also consider implementing tools that automate security tasks, such as Endpoint Detection and Response (EDR).

Cyber-Threat Analysis

When adopting proactive cybersecurity measures, there are various risks your company can face. To determine your top cybersecurity risks and vulnerabilities, you must do a thorough threat analysis. You’ll want to know how many cyber attacks happen daily based on your sector, geography, and relevant exposure. You must be aware of your defenses’ weak and strong points. Additionally, you must have a specific cybersecurity attack and defensive strategy.

Cybersecurity threats can come from various sources, including human error, natural disasters, hardware failures, malicious software, unsecured networks, and more. Before implementing proactive cybersecurity measures, you should analyze your organization’s cyber threats. You can use cyber threat modeling to identify the most significant risks to your organization. This process maps the threats to your organization and involves breaking down the organization’s infrastructure into components and mapping the threats against them.

What You Can Learn from Cyber Threat Analysis Are:

Assets: System administrators and cybersecurity experts should identify and safeguard the most critical assets in your organization. This includes sensitive data, intellectual property, and critical systems.

Attack vectors: Attacks can come from a variety of sources. The most common attack vectors include infected websites, malicious code, unsecured networks, and social engineering tactics.

Controls: You can use threat modeling to identify the controls and protect your assets. This will help you determine where additional controls might be needed.

Educate Your Team

One important proactive cybersecurity measure is to ensure that your team understands the potential threats facing your organization and how they can reduce their risk of being attacked. This can be done through regular cybersecurity training that educates employees on best practices and how they can contribute to better cybersecurity. It can also help them learn how to protect themselves and their colleagues.

Threat Hunting

Cyber threat hunting continuously monitors networks and systems to identify malicious activity and threats in real-time. During threat hunting, you should also look for information that could be useful in tracking down and identifying potential attackers. This will allow you to respond to threats and attacks quickly. It could be an Advanced Persistent Threat (APT), a sophisticated cyber-attack, or even an insider threat. Regardless of the potential attack, the threat-hunting process can help you identify the nature of the threat and take the appropriate action to mitigate it before any real impacts on your business.

Penetration Testing

Penetration testing is testing your cybersecurity measures by breaking into your own systems. You can also refer to this as ethical hacking or red teaming. Once you have identified a potential threat, you can use penetration testing to simulate the attack and determine the outcome of this threat. This will help you understand the threat’s risk and choose the best way to respond to it. A vulnerability assessment is also an essential tool to use during a penetration test. It will help you to identify areas of your network where you are at risk of being attacked. It is important to remember that penetration testing is only a simulation and will help your business down the road.

Get Help

The cyber threats facing organizations today are constantly growing. Proactive cybersecurity measures must be implemented to protect your organization’s data and intellectual property. This includes cyber threat analysis, educating your team, threat hunting, and penetration testing.

Now, one final proactive cybersecurity measure we recommend is to get help. Even well-resourced organizations often struggle to fully protect themselves from cyber threats. Therefore, engaging with cybersecurity experts who can help your organization improve its cybersecurity posture is important. Working with our team at Protected Harbor is also essential as it provides an unbiased third-party perspective that can help you to identify vulnerabilities you may be unaware of.

Calling in the experts is the most straightforward preventative cybersecurity strategy for if this all sounds a bit overwhelming. You and your IT team may feel less pressure if you enlist a group of professionals to assist at each stage, and your organization may be better protected.

Let our staff of cybersecurity professionals start taking preventative steps to secure your company. Get in touch with Protected Harbor today to learn more about our Threat Monitoring, Detection, & Response services.

Top 5 Email Scams You Need to Look Out for This Month

Companies, especially in today’s modern world where hackers and scammers are on the rise, have been making increased efforts to train their employees in recognizing scams the moment they hit their inboxes. However, people still continue to fall for them.

The effects of data breaches are becoming more severe than ever. More than 15 million phishing emails were sent in 2021, and fixing them would have cost a business an average of $1.85 million.

So, why are people continuing to fall for these scams? Often for the same reasons they always have, such as carelessness, gullibility, curiosity, courtesy, and apathy.

Email is one of the most common ways for scammers to reach their potential victims and they are targeting all businesses, regardless of size. Hackers are becoming more sophisticated, making it increasingly difficult for companies to spot a scam before it’s too late. The best way to protect your company from scammers is by arming yourself with not only security but more importantly, knowledge.

Below we will discuss the top 5 scams you need to look out for this month.

1. The PayPal Invoice Scam

Traditionally, scammers will send an email asking you to transfer money to a third party. However, these scammers are now impersonating PayPal and asking you to send money to them. Scammers create an online PayPal account in the name of well-known companies, such as Risenest Technology, Target, or GoDaddy, to name a few. They next send a customized invoice via PayPal using that account. At that instance, PayPal alerts you that an invoice has been received.

The fact that the invoice notification is REAL makes it challenging. You may view and pay the scammers’ invoices on your PayPal app. The con artists want more, not just money. They can alter the invoice’s message to fraudulently indicate that you will be charged a subscription fee for their “service.” Then they tell you that you should phone a certain number if you have any questions.

The person who answers the phone if you call them will ask you to download “remote control” software to your phone. Avoid doing this! Scammers will access your device and take additional stored credentials along with your PayPal log-in information. With these, scammers can carry out other crimes like identity theft.

If you ever receive this email, call PayPal immediately to confirm whether the email in question is legitimate. Remember that an invoice’s source may be shady even if the email appears genuine. If they did NOT send this email, report it to the company as a scam so others can be warned. Check if a web address is safe, and never respond to any invoices or requests for money that you do not recognize.

2. The Official Looking Email Scam

An email that appears to be from a government official, bank, or other company you may do business with is one of the most common email schemes. The scammers will try to make the email appear legitimate by using a similar email address to the one used by the actual organization. They may also use official-looking letterhead, logos, and other branding details to make the email seem real. If you get an official-looking email, inspect the email address carefully against any other email communications you’ve had previously with that company. If something seems a little off, do NOT open the email—scammers often use malicious links or attachments to steal your sensitive information.

If you are ever in doubt, call the company’s customer service department immediately to confirm the email’s legitimacy.

3. The Aging Accounts Scam

A company’s financial department uses aging reports, also known as accounts receivable schedules, to track clients who haven’t yet made payments on items or services they purchased on credit.

It was discovered during some recent engagements that BEC fraudsters were attempting to obtain a copy of an aging report by using the identity of the criminals’ preferred persona: the company CEO. These scammers sent a straightforward request for the document using free and temporary email addresses and display name deception.

Unlike previous BEC scams, this one did not demand that the victim transfer money to a vendor bank account or buy gift cards for performing staff. Instead, they requested that the target provide them a copy of the accounts receivable (or “A/R”) department’s aging report.

The scammers’ next targets would be the clients of our fictitious organization once they had this information—customer names, outstanding amounts, and contact details. They can use this information to make an email account alias that appears legitimate, pose as a member of our finance team, and ask them to pay the unpaid debt listed on the aging report.

The scammers will probably provide incentives to pay off their “debts” more quickly, such as lowering their total debt if they immediately pay off their unpaid balance. The only thing left for the actor to do at that point is to inform the payee that the banking information has recently changed and to provide them with the most recent account information for a bank account that the hackers control.

We advise using a multilayered strategy to prevent your employees, companies, and clients from falling prey to this attack. Strong email protections against advanced email attacks are a crucial foundation layer to neutralize the threat because, logically, none of this can happen if the original CEO identity deception misses the mailbox of the intended target.

4. The “Problem with Your Delivery” Scam

These scams can be spread in various ways; some demand delivery payment, while others ask for your email address to track a parcel. The hackers frequently utilize fictitious tracking numbers, delivery dates, and times.

You will often receive these emails from companies like UPS, FedEx, or the U.S. Postal Service, but they actually aren’t from these companies at all.

Sometimes, if you were to send a package, these scammers may even claim that there was a problem with your delivery and that the recipient could not be reached. They will then ask you to resend the package using a prepaid label they provide.

The way this works is quite ingenious. They expect for you to fall for their scam and send the package back out using their label as instructed. After a few days, you will receive the package you sent out with their label—and the scammer will have your money.

To avoid this scam, don’t fall for the pressure to act quickly. Instead, contact the real company to confirm whether there was a problem with your delivery.

5. The DocuSign Scam

Attackers are sending phishing links and documents through the electronic agreement management company Attackers are sending phishing links and documents through the electronic agreement management company DocuSign.

A hostile actor first creates a free DocuSign account or compromises another user’s account. Afterward, they add a file to the account. The attacker then mails their target a DocuSign envelope. DocuSign then sends the recipient an email invitation. It asks customers to click on a hyperlinked “View Document” button to review and sign an electronic document.

Since the email is technically sound, it avoids detection. The phishing link is hosted on DocuSign’s servers, making it possible to reach a recipient’s inbox.

The signature procedure is the same as it would be for a genuine file. The receiver is redirected after clicking the link, which is the only difference. They arrive at a phishing website meant to steal their Microsoft, Dropbox, and other account information.

This method works because DocuSign files, including PDFs, Word documents, and other file kinds, continue to be clickable up to the final page. (To prevent attacks, DocuSign turns other uploaded document file formats into static PDFs.) When offered the option to download the file, a signer can access the link and embedded files, even if those resources are dangerous.

Users can defend themselves from phishing scams that pose as DocuSign by refraining from opening suspicious email attachments. Additionally, consider hovering over embedded links to see where those URLs lead. Use the DocuSign website to access documents directly. These factors can be incorporated into an organization’s security awareness training programs.

Conclusion

Scams are becoming more sophisticated and difficult to spot, especially in the ever-changing world of technology. If something seems suspicious, don’t react impulsively. If you receive an email that seems off, do not click on any links or open any attachments.

Instead, report it to your IT department to investigate further and then delete the email.

Protected Harbor email security solution can protect users against malicious emails, zero-day attacks, and phishing scams. The best part about this email security solution is that it comes with a spam filter that has the ability to block more than 99.9% of spam emails. Thanks to its AI-based phishing keyword detection, it can identify phishing emails and block them before they reach the user.

Contact us today and get complete protection against email threats with zero trust security, MFA, and end-to-end email encryption.

Keep your email and company data safe from hackers.