Consultant, Attack and Penetration
Shane Jones is a consultant on Optiv’s attack and penetration team. In this role, he specializes in undermining security implementations by showcasing impact and risk through effective advanced persistent threat modeling, specifically leveraging the disciplines of network attacks, web application attacks, reverse engineering and social engineering.
Criminals Often Prey on Victims… Know the Top 5 Things to Protect Yourself
Criminals oftentimes utilize current events (natural disasters, large data breaches, public massacres, terrorist attacks, etc.) to target not just the friends and families of the victims, but also the general population that may be familiar with the event. Referencing current happenings is a way to leverage sociological instincts and prey upon people's familiarity with a specific event. Optiv has compiled the following 'Top 5' list to demonstrate how you can protect yourself from these types of attacks.
- Always be wary of emails, whether the sender is known or unknown to you. Senders can be organizations, governments or even people in your social circles, family, etc. In some situations, these senders could have been compromised by malicious actors who could use their email addresses to carry out attacks on communities. There are two criteria to look for to identify these types of malicious emails: 1) you feel any sense of urgency or 2) the email you have received is uncharacteristic of the sender or the sender is simply unknown to you. In any case, if you are uncertain for any reason, you should contact the sender directly to verify the email was sent by them.
  - Don’t allow your email client to automatically load images. This is a great place to start. Over time, as you begin to trust regular senders of emails, you can slowly whitelist individuals, archived files, GIFs and any other files and extensions, as you see fit.
- Create a set of safe browsing habits that will prevent criminals from using your authenticated account sessions (personal bank account, Netflix account, Twitter account, Twitch.tv account, etc.) without your authorization, or from forcing you to navigate to a server that has secretly asked your system to request a malicious file from it. Unsafe browsing habits can lead to problems such as you accidentally installing viruses and other malware, or a malicious actor installing them for you. Ultimately, your browser and your safe browsing habits are your biggest lines of defense against criminals using your data or systems against you or other targets.
  - Don’t click on links, and don’t allow your applications to automatically open a link if you accidentally click on it. This is a great place to start to prevent any accidental clicks. Always hover over a link for a few seconds to see the full URL and where it’s taking you. You certainly wouldn't go into a dark, strange room without attempting to check it out first. By just clicking links, you are ultimately walking straight into that dark, strange room.
  - Don't click on 'clickbait' advertisements, social media posts, etc. If you are unable to determine where a URL is directing you (TinyURLs, etc.), do not click on it. These services are risky at best because they can obfuscate any arbitrary URL, and they ultimately provide a cloak for hackers to abuse.
- Protect yourself by being informed. Research any charity, GoFundMe recipient, etc. on the internet before you give. You can find great information on the websites of Charity Navigator, the Federal Trade Commission and GoFundMe. In addition to staying informed, when you wish to donate to any given charity, always go directly to that charity's homepage, verify it's the charity in question and then donate from their page, as opposed to using convenient links to donation pages. This goes for news sources as well; propaganda can lead to more effective social engineering attacks, which can lead to wider compromise.
- Practice proper security hygiene with your operating systems and the applications on them, including your antivirus and anti-malware subscriptions and programs. Earlier this year, How-To Geek published a great, non-technical piece on this topic. If you notice weird activity on any of your accounts, or hear of a breach/compromise related to an organization to which you have given your personally identifiable information (PII), immediately change your passwords for those services/accounts.
- Validate unknown callers. When you receive phone calls from unidentifiable numbers, let them leave voicemails. However, if you decide to pick up the phone, protect yourself by being overly cautious and validating with whom you are speaking. You should always have callers qualify themselves by having them give you their name, employee ID and a reasonably sufficient reason for having called you in the first place. You could even have them email you from their known corporate email address so it corresponds with the time of their call. If the caller requests sensitive information, you should always hang up, go to the caller’s/organization’s website (if they have one) to obtain contact information, call the company yourself and inquire about the phone call you just received. A good rule of thumb is to trust, but always validate.
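The image-loading and link-hovering tips above can also be checked mechanically. The following is an added example, not part of the original article or any Optiv tooling: it scans an HTML email body for images fetched from a remote server, links whose visible text shows one host while the `href` points to another, and links through shortening services. The shortener list and the sample message are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed, non-exhaustive set of link-shortening hosts (illustrative only).
SHORTENERS = {"tinyurl.com", "bit.ly", "t.co"}

def host_of(text):
    # Return the hostname of a URL-like string, or None for ordinary words.
    text = text.strip()
    if not text or len(text.split()) != 1:
        return None
    if "://" not in text:
        text = "http://" + text
    host = urlparse(text).hostname
    return host if host and "." in host else None

class MailAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        src = attrs.get("src") or ""
        if tag == "a" and attrs.get("href"):
            self._href, self._text = attrs["href"], []
        elif tag == "img" and src.lower().startswith(("http://", "https://")):
            # Loading this image tells the remote server the mail was opened.
            self.findings.append(("remote-image", src))
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        shown, real = host_of("".join(self._text)), host_of(self._href)
        if real in SHORTENERS:
            self.findings.append(("shortened-link", self._href))
        elif shown and real and shown != real:
            # What hovering over the link would reveal.
            self.findings.append(("text-href-mismatch", self._href))
        self._href = None

def audit(html):
    parser = MailAudit()
    parser.feed(html)
    return parser.findings

# Constructed sample message body; every host here is a placeholder.
SAMPLE = """
<img src="https://tracker.example.net/open.gif?id=123"><img src="cid:logo">
<a href="https://donate.example.net/give">www.charity.example.org</a>
<a href="https://tinyurl.com/abc123">Donate now</a>
<a href="https://www.charity.example.org/about">www.charity.example.org</a>
"""
```

Calling `audit(SAMPLE)` returns three findings and leaves the embedded `cid:` image and the honest link unflagged.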
By following these five simple steps, you can protect yourself from becoming an easy target for criminals who look to prey on victims or those familiar with catastrophic current events. Familiarity with the odious manner in which criminals target their victims will help protect you, your loved ones, your company, and your information and devices.
Associate Consultant, Attack and Penetration
Aaron Martin is an associate consultant on Optiv’s attack and penetration team. He is an experienced information systems security practitioner who specializes in penetration testing, computer network exploitation and computer network defense.
Associate Consultant, Attack and Penetration
Micheal Small is an associate consultant on Optiv’s attack and penetration team. He specializes in offensive security tactics and network traffic analysis. Micheal is highly experienced in penetration testing, information systems security analysis and incident response.