Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":547,"date":"2018-04-07T16:04:30","date_gmt":"2018-04-07T16:04:30","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=547"},"modified":"2019-04-17T11:31:57","modified_gmt":"2019-04-17T11:31:57","slug":"now-its-personal-devious-new-spam-and-getting-your-house-in-order","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2018\/04\/07\/now-its-personal-devious-new-spam-and-getting-your-house-in-order\/","title":{"rendered":"Now It’s Personal: Devious New Spam and Getting Your House in Order"},"content":{"rendered":"

$\"personal\"$ Hate spam all you like. Despise spammers even more, but you have to admit that they\u2019re resilient and darn it all, they\u2019re downright wily. You\u2019ve probably seen it all in the bowels of your server rooms, spam filters full of some of the worst stuff these jerks can throw at you. Most days, you probably feel like you need a shower every time you review it. You\u2019ve committed to memory every stunt, every devious little attempt to circumvent, every clickable bomb, as a what not to do manual for the righteous. You\u2019ve seen it all and you know it all. But do your staff?<\/p>\n

It\u2019s a safe bet that most of us are so busy dealing with the day to day mundaneness of life in the modern Orc forges known as IT departments, that we don\u2019t really stop to consider just how well-armed our front lines are. Remember, one errant clicker may open up your network like a broadsword cutting down a soldier and opening the line for the enemy to enter.<\/p>\n

So how many of you actually have a spam tactics manual?<\/strong> Hopefully, you\u2019ve all answered in the affirmative, but of all the information that new employees receive on their orientation day, it\u2019s a safe bet that they are sadly lacking in some fundamental training that could mitigate serious threats to the organization.<\/p>\n

In fact, as we speak, new spam attacks are rampant, and they\u2019ve become even more devious than ever. They\u2019re so good, in fact, that it\u2019s a cinch they\u2019ll make it through the best spam filters. And to the untrained eye, they could be the click-candy that spells out devastation for you and your organization. And, if what we hear is true, things are getting much worse<\/a>. These are serious enough threats that it merits a general staff sitdown, if you haven\u2019t had one recently. There are new threats occurring every day, so hopefully this article will be a primer that you can use to implement your organization\u2019s spam tactics manual.<\/p>\n

Here are a few going around that have raised an eyebrow or two over here:<\/p>\n

LinkedIn spam exploit<\/strong><\/h2>\n
Comment<\/strong>: it\u2019s shockingly simple in implementation and extremely difficult to block<\/p>\n
Subject:<\/strong> \u201cJoin my network on LinkedIn\u201d<\/p>\n
Why it\u2019s dangerous:<\/strong> The message looks good enough to pass the first blush, and the randomized naming of senders makes it difficult to flag with any consistency. Clicking any of the fake links in this message take you on a malicious magical mystery tour<\/strong><\/a><\/p>\n
Facebook photo scam<\/strong><\/h2>\n
Comment: Preys on people\u2019s vanity<\/strong><\/p>\n
Subject: <\/strong>\u201c[Name] added your photo.\u201d<\/p>\n
Why it\u2019s dangerous: <\/strong>Randomizes sender names. A quick scan of the message doesn\u2019t raise any flags. Clicking the fake links will<\/p>\n
How can you and your end users fight this stuff? Easy. Get them together and educate them. Show them how clicking can be a very, very bad thing, and what to look for. Develop a spam tactics manual and give someone in your IT department ownership over keeping it current.<\/p>\n
Here\u2019s what we know so far<\/strong><\/h2>\n\n
We\u2019ve known for some time that most spammers have left the rancid fields of scattershot spam<\/a> \u2013 where you open fire with mass mailing attempts, in effect playing the numbers game and assuming that, the more spam that gets sent, the better the odds that it will reach someone dim-witted enough to click<\/li>\n
We also know that their attacks have become more focused<\/a>, often identifying specific targets and learning personal information about them before striking<\/li>\n
We know that their attacks are multi-tiered, opting for the addition of social media and SMS smartphones to spread the evil<\/li>\n
For some time, we\u2019ve known that there\u2019s a purpose behind the dumbness<\/a> found in many of the modern spam messages<\/li>\n
We know that they take advantage of key milestones<\/a>, like holidays and other events that provide a distraction to users that makes them even more vulnerable<\/li>\n
We know they\u2019re getting smarter<\/a>, or at least their tactics are<\/a><\/li>\n
And we know that what\u2019s around the corner is nasty, the kind of nasty you can\u2019t wash away with a thousand showers, and perhaps the worst thing we\u2019ve ever seen<\/a><\/li>\n
We also know the unfortunate role that marketers play in the spam war<\/a>, like a million troops rushing the battlefield in the belief that they can help their allies; but, not quite certain which one is the enemy, they start killing everything in their path<\/li>\n
Finally, we know that more and more spam campaigns are targeting Android<\/a> and iOS<\/a> Why is this bad? Simple: more and more companies are implementing BYOD<\/a> policies, which makes personal smartphones a perfect attack vector for hackers who want to get inside corporate networks<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"
Hate spam all you like. Despise spammers even more, but you have to admit that they\u2019re resilient and darn it all, they\u2019re downright wily. You\u2019ve… <\/p>\n","protected":false},"author":3,"featured_media":398,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,14],"tags":[11,9,10,8,7],"class_list":["post-547","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-spam","tag-allspammedup","tag-bot","tag-botnet","tag-malware","tag-spam","jsn-master"],"_links":{"self":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/547","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/comments?post=547"}],"version-history":[{"count":2,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/547\/revisions"}],"predecessor-version":[{"id":1758,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/547\/revisions\/1758"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media\/398"}],"wp:attachment":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media?parent=547"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/categories?post=547"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/tags?post=547"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}