Hover Hover Hover

By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow

At times, it feels as if we could start every week with this sentence:
“There’s a new tactic being used by cybercriminals to trick unsuspecting victims.”

And the sophistication level of the new tactics is off the charts. So, what are we dealing with as of late? Well, where should we start…

Hidden text is now becoming more commonplace as a tactic to bypass email security platforms. If you haven’t heard of this, here is a quick explanation:

Hidden Text: Also known as zero font. Invisible characters are inserted between the letters of an email address or message, so a text-matching email security platform reads one string while the recipient sees another, and the malicious email gets through. The technique is often used to make the message look legitimate.

The hacker has now established your trust with this seemingly legitimate email address: because you don’t see the hidden text, you believe the sender is who they seem to be. In a recent attack uncovered by Cofense, messages are being sent that appear to come from your company’s technical support team or its email service. The message explains that some messages are unprocessed and need review, and it puts a time limit on reviewing them to create a sense of urgency. “They appear to be legitimate but will be deleted if not reviewed within three days” – or some version of that.

As an employee, who may even be working remotely, you know the importance of doing your job well despite the circumstances, so you aren’t going to jeopardize anything by being careless. If you get a link from what appears to be an individual or department within your company, you click so you can get your job done. And you don’t stop there. You continue to click and enter your credentials on what appears to be your company page. But it isn’t. It is a page that has been created to replicate your company’s page nearly identically, and it even has a fake login page that lets you keep logging in and navigating the site, which STILL contains additional false fronts.

How can you beat this system? Training. Ongoing training is the top way to keep your team educated on safe cyber practices. In this case, hovering over the sender’s email address might not have worked – BUT hovering over the link that was there to ‘verify the messages’ would have revealed a false page. Imagine walking into a hotel room. You flip on every single switch to see what it does, what it turns on. You can think of email links in the same way. Hover over every single one to confirm it is legitimate and where it is really taking you.
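Added example, not code from the article or from HIPAA Secure Now!: a small Python script that performs the two checks described above on an HTML email body. It separates the text a filter matches on (raw) from the text the reader sees (visible), flagging zero-font and otherwise hidden fragments, and lists each link’s displayed text next to the host it really points to, which is what hovering shows you. The sample message, its domains and the class and function names are constructed for this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Inline styles that keep text in the HTML source but render nothing on screen.
HIDDEN_STYLE = re.compile(r"font-size\s*:\s*0(?:\.0+)?\s*(?:px|pt|em|rem|%)?\s*(?:;|$)"
                          r"|display\s*:\s*none|visibility\s*:\s*hidden", re.I)

class EmailInspector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hidden_depth = 0                       # > 0 while inside an invisible element
        self.raw, self.visible, self.hidden = [], [], []
        self.links = []                             # (anchor text, real href, real host)
        self._stack, self._href, self._anchor = [], None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        is_hidden = bool(HIDDEN_STYLE.search(a.get("style") or ""))
        self._stack.append((tag, is_hidden))
        self.hidden_depth += is_hidden
        if tag == "a":
            self._href, self._anchor = a.get("href") or "", []

    def handle_endtag(self, tag):
        while self._stack:                          # pop back to the matching open tag
            name, is_hidden = self._stack.pop()
            self.hidden_depth -= is_hidden
            if name == tag:
                break
        if tag == "a" and self._href is not None:   # the 'hover' view: text vs destination
            text = "".join(self._anchor).strip()
            self.links.append((text, self._href, urlsplit(self._href).hostname or ""))
            self._href = None

    def handle_data(self, data):
        self.raw.append(data)                       # what a text-matching filter sees
        (self.hidden if self.hidden_depth else self.visible).append(data)
        if self._href is not None and not self.hidden_depth:
            self._anchor.append(data)

def inspect(html):
    p = EmailInspector(); p.feed(html); p.close()
    squash = lambda parts: re.sub(r"\s+", " ", "".join(parts)).strip()
    return {"visible_text": squash(p.visible), "raw_text": squash(p.raw),
            "hidden_fragments": p.hidden, "links": p.links}

# Constructed sample: a zero-font fragment splits the sender address, and the
# 'review' link leads to a placeholder domain rather than the company's own.
SAMPLE = ('<p>From: supp<span style="font-size:0px">xq</span>ort@example.com</p>\n'
          '<p>3 messages are unprocessed and will be deleted in three days.</p>\n'
          '<a href="http://login.example-portal.test/owa">Review messages</a>')
```

Running `inspect(SAMPLE)` shows the reader-facing address `support@example.com` beside the filter-facing `suppxqort@example.com`, the hidden fragment `xq`, and the review link’s real host.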

We can’t emphasize it enough. Training, training, training. Hover, hover, hover. There are many ways that you can protect your business from cybercrime, but this is a good place to start.

This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance.

HIPAA Secure Now! now offers PHIshMD training for CEs and BAs to help protect your organization from security threats.

Technology safeguards put a virtual wall around your network, but what happens when the bad actors climb over that wall? It’s up to your employees. Over 90% of breaches get caused by human error according to Kaspersky Lab, and if you’re not educating users HOW to protect your organization in this ever-changing threat landscape, your organization could be next.