Beware, cybercriminals are upping their game

Once a cybercriminal identifies its next target, they then go about doing as much research about this person as they possibly can to personalise the attack. They will view the victim’s social media accounts, LinkedIn profile, and information made available via the entity’s website. Additionally, they will find out who the employees and business partners are that they are regularly in contact with to make the attack seem legitimate.

This information will then be used to create a highly customised email that appears to be from a legitimate source that contains a malicious attachment, or develop a website that looks legitimate to the victim. The cybercriminal’s main goal is to either directly get access to the sensitive information, or acquire the victim’s credentials so that they can access the entity’s systems and services.

These attacks have been successful, such as in the case of SnapChat and Seagate, where thousands of employees’ personal information was leaked.

Stop and think and before you act

Even though these attacks are well put together, those in senior positions can take some precautions to avoid being the next victim. In most cases, these types of emails always have a sense of urgency, which should raise a red flag. Should you receive this type of email, always check with the person who sent it, to ensure that it is a legitimate request. It may also be worthwhile checking the URL or email address that is used to ensure that it is correct. Cybercriminals will often change one or two letters of an email address or domain name to make it harder to spot a fake.

Remember, if you receive an email that seems even in the slightest bit suspicious, rather report it to the UCT CSIRT at csirt@uct.ac.za.