As threats like phishing and data breaches rise, organizations and individuals are seeking more robust ways to protect sensitive information.

Biometric authentication—using unique biological characteristics such as fingerprints, facial recognition, or voice patterns—has emerged as a leading solution. Here are five compelling reasons to use biometrics to secure your mobile devices:

1. Eliminates the Threat of Passwords

Passwords remain one of the weakest links in mobile security. Over 80% of company data breaches are attributed to weak or stolen passwords. Many users still rely on simple, easily guessed passwords or reuse the same password across multiple accounts, making it easier for hackers to gain unauthorized access. Biometrics remove this vulnerability by replacing passwords with something unique to each user, significantly reducing the risk of data breaches.

Read more: How many different passwords should you have?

2. More Convenient for Users

Remembering and resetting passwords can be frustrating and time-consuming. Biometric authentication streamlines the process—users can unlock their devices or access sensitive apps with a simple fingerprint scan or facial recognition. This not only saves time but also enhances the user experience, as you can’t forget your fingerprint or face.

3. Greater Accountability

Biometrics provide a clear audit trail of who accessed a device or network and when. Unlike passwords, which can be shared or stolen, biometric data is unique to each individual. This accountability is crucial for organizations that need to track access and investigate potential security incidents.

4. Widespread Adoption and Trust

Biometric technology is rapidly becoming the standard for mobile security. Over 60% of employers already use biometrics in the workplace, and nearly half use it specifically to secure mobile devices. As more consumers and businesses adopt this technology, its effectiveness and reliability continue to improve.

5. High Return on Investment (ROI)

Implementing biometric security can lead to significant cost savings. By reducing the risk of costly data breaches and minimizing the need for password resets and IT support, organizations can achieve a high ROI. For example, one bank reported a 191% ROI after adopting biometric authentication.

Therefore, we use biometrics in the dfndr security applock.

Ready to take your mobile security to the next level?

Discover how dfndr security can help protect your devices and data. 

Article originally published by: https://www.cshub.com/mobile/articles/5-reasons-to-use-biometrics-to-secure-mobile-devices

In this post, you will learn everything about vulnerabilities in cybersecurity. Including what the most common are, how you can close this unwanted open door without spending too much money, and more. 

Let’s get to it. 

What is a vulnerability in cybersecurity? 

A vulnerability in cybersecurity is like a weakness or a hole in a wall that protects your computer or online information. Cybercriminals can use these exploits to access personal information, steal sensitive company data, take control of a device, or launch massive attacks, such as ransomware. 

An example of a vulnerability is a misconfiguration on a system that someone with malicious intent can exploit for personal gain.

For example, imagine you have a lock on your front door to keep your house safe. But, if someone made a mistake installing the lock or the key is easy to copy, it becomes a vulnerability that a thief can exploit to break into your house. Now imagine you are not aware of these problems. That means that someone that knows can come and go into your home as they please, and you would never have a clue.

In the same way, if a website or software has a vulnerability, a hacker can use it to gain access to sensitive information or take control of the system. Likewise, you would have no clue what is happening, until it’s too late.

Almost all technology has some vulnerability, from smartphones your employees use, to the software that runs your network. Cybercriminals are always finding new vulnerabilities, so it is crucial to stay vigilant and act quickly to protect your information, staying one step ahead of hackers before they can break into your home.

Why are companies’ websites vulnerable? 

Company websites can be vulnerable to cyber attacks for a variety of reasons. Some examples are: 

1. Outdated software: Websites that are not regularly updated may be using outdated software that has known vulnerabilities that can be exploited by hackers.
2. Compromised passwords: Some websites may have weak or easily guessable passwords, making it easy for hackers to gain access. In other cases, the passwords are not stored correctly, being exposed by hackers to find them. And to top it off, data breaches might contain passwords that can still be used to log into a service. 
3. Lack of security measures: Some companies may not have adequate security measures in place to protect their websites from cyber attacks.
4. Third-party vulnerabilities: This is a big one, that even big companies are vulnerable to. Websites that use third-party plug-ins or other software may be vulnerable if those third-party providers have security vulnerabilities.

It all comes down to this: hackers are betting that most companies will not have the time, or the money, to keep up-to-date on their cybersecurity. After all, expert professionals can be quite expensive.

How do hackers exchange information about vulnerabilities?

To make matters worse, not only these vulnerabilities exist, but hackers exchange information about them and even sell this information to other hacker groups. This level of organization and information sharing is unprecedented, highlighting the danger even more. Here are a few methods that hackers use to share intel: 

1. Online forums: Hackers may use online forums and message boards to share information about vulnerabilities and exploit code.
2. Dark web and Deep web: Hackers may use the dark web and deep web to share information about vulnerabilities, exploit code, and other hacking tools.
3. Social media: Hackers may use social media platforms to share information about vulnerabilities and exploit code.
4. Private channels: Hackers may also use private channels, such as encrypted messaging apps, to share information about vulnerabilities with other hackers, making it almost impossible to track.
5. Vulnerability markets: Some hackers may sell information about vulnerabilities to other hackers or to organizations that will pay for the information.

That means that when one vulnerability is discovered, almost instantly, every hacker in the world can have access to that information, conducting attacks on their own. That makes it sound almost impossible to stay on top of these vulnerabilities, right? Not really. 

Fortunately, there are ways to fight them, with minimal effort, and without breaking the bank. 

Let’s get to them. 

What is the CVE? 

The Common Vulnerabilities and Exposures (CVE) is a system for identifying and cataloging known security vulnerabilities in software and other systems. The goal of the CVE is to provide a standard way to describe and identify these vulnerabilities so that they can be easily tracked and managed.

A CVE entry will typically include a description of the vulnerability, the affected software or system, and any known exploit code or attack methods. The entry may also include information on the impact of the vulnerability, such as the potential for data loss or unauthorized access, and the severity of the vulnerability, such as whether it can be used to take control of a system.

The CVE system is maintained by the MITRE Corporation, a non-profit organization, and is sponsored by the US government. The CVE is a widely used system and it is important for software vendors, security researchers, and other stakeholders to use the system to ensure that vulnerabilities are accurately and consistently identified.

When a software vendor or researcher identifies a new vulnerability, they will typically submit a request to MITRE to create a new CVE entry for that vulnerability. This allows other organizations to easily track and manage the vulnerability, and to take appropriate action to protect their systems and data.

To summarize, the CVE acts to counterbalance the hacker information trade machine. While they trade and gather information for attacks, the CVE (and other methods) provide information for defensive purposes. 

10 common vulnerabilities on websites

The CVE has cataloged over 200.000 known vulnerabilities. That is an astounding number, but with the help of an automated tool and a little prioritization, a company can manage without spening much and without a deticated team of cybersecurity experts. 

To get a little more practical, we have a few examples of common vulnerabilities, and what they mean: 

Injection attacks

Injection attacks occur when an attacker can insert malicious code into a web application, allowing them to access or modify sensitive data. This can include SQL injection, where an attacker inserts malicious SQL code into a web application, and command injection, where an attacker inserts malicious commands into a web application.

Cross-site scripting (XSS)

XSS attacks occur when an attacker can inject malicious code into a web page viewed by other users. This allows the attacker to steal user data, such as cookies and session tokens, and perform other malicious actions.

Broken authentication and session management

This occurs when an attacker can gain unauthorized access to a user’s account by exploiting weaknesses in the authentication and session management systems of a web application.

Insecure direct object references

This occurs when a web application references an internal object, such as a file or database record, using user-supplied input without proper validation. This can allow an attacker to access or modify sensitive data.

Vulnerabilities in security misconfiguration

This occurs when a web application or the underlying server is not configured securely, leaving it vulnerable to attack. This can include issues such as leaving default accounts and passwords in place, and not properly securing configuration files.

Vulnerabilities in Sensitive data exposure

This occurs when a web application does not properly protect sensitive data, such as credit card numbers and personal information. This can include issues such as storing data in plain text or using weak encryption.

Cross-site request forgery (CSRF)

This occurs when an attacker can trick a user into using a web application without their knowledge or consent. This can include actions such as changing a password or making a purchase.

Using components with known vulnerabilities

This occurs when a web application uses components, such as libraries and frameworks, that have known vulnerabilities. This can include issues such as using an outdated version of a library with known security issues.

Unvalidated inputs

This occurs when a web application does not properly validate user-supplied input, allowing an attacker to inject malicious code or perform other malicious actions.

Failure to restrict URL access

This occurs when a web application does not properly restrict access to sensitive URLs or pages, allowing an attacker to gain unauthorized access to sensitive data or perform other malicious actions.

How can a business find and manage vulnerabilities? 

Even with every tool at their disposal, businesses still have a hard time maintaining their online perimeter secure. That is perfectly understandable, considering how many digital tools a company uses, especially since each one of them might contain multiple exploits. The great news is that it’s possible to know all vulnerabilities without spending much and without a big dedicated cybersecurity team. 

For instance, a small business can find and manage vulnerabilities on its website by using a vulnerability scanner, which is a software tool that automatically checks for known vulnerabilities in web applications and their underlying systems. These scanners can check for a wide range of issues, including SQL injection, cross-site scripting, and insecure file permissions.

Once you have identified all vulnerabilities, the next step is to prioritize them based on their potential impact and ease of exploitation. The business can then develop and implement a plan to address the vulnerabilities, which may include patching or upgrading software, modifying configurations, or implementing additional security controls. 

Overall, regular monitoring and maintenance are key to managing vulnerabilities on a website.

Conclusion

In conclusion, identifying and managing vulnerabilities on a website is an essential part of maintaining the online security of your business. By using vulnerability scanners, prioritizing vulnerabilities based on potential impact, and implementing a plan to address them, you can help protect your website and your business from potential attacks, without spending too much money or overworking your IT team. You also don’t need a big team of cybersecurity experts to keep your company safe. 

It is also important to remember that website security is an ongoing process. Regular monitoring and maintenance are crucial to ensure the business has total visibility on any new vulnerability and that you have dealt with all previously known exploits. With the right tools and approach, you can help keep your website and business safe with less effort than you can imagine.

Want to know more?

Learn more about how leaks and data breaches can be harmful?
Check out this other post we commented on the subject:

Leaks and Breaches: The What, How… and Why You Must Protect Yourself!

According to our virus dictionary, a worm is one of the most common forms of malware. They exploit network flaws to spread larger threats and build on an operating system that spreads malicious code to other computers.

Worms can also damage connections, slowing down the internet and computer. Worse still, they can delete files from your hard drive and be difficult to defeat once they have penetrated your system (as they can usually get through most firewalls).

In this post, you will learn more about worms — and how to protect yourself from this threat.

What makes a worm?

A worm is a type of malware that, unlike common viruses , can self-replicate without the need to infect legitimate files, thus creating working copies of themselves. This capability enables worms to easily spread across computer networks and USB drives.

Some worms also spread through email messages, creating malicious attachments and sending them to the hacked account’s contact lists, often in the form of phishing.

How Worms Work

After spreading and gaining access to systems, some worms look for patches and security updates to close the holes they use. This prevents other malware from infecting the system using the same flaw – ensuring the worm’s exclusive control of its domain within the system.

These worms can also delete and modify files. Sometimes the point is just to make copies of itself over and over again – using up system resources (like hard drive space or bandwidth, hogging a shared network). In addition to wreaking havoc on a computer’s resources, worms can also steal data, install a backdoor, and allow a hacker to gain control over a computer and all of its system settings.

Worms are back to being used in SPAM

Popular around 2003 with the Bagle family, worms sent via SPAM to email accounts are once again being used by cybercriminals. The technique often uses zipped, password-protected files to distribute malware.

Because it is password protected, many antivirus programs are not able to scan files, and many security suites do not scan zip files, so they easily pass through the email security gateway.

A recent reappearance of this method for stealing data took place in Italy and was aimed at customers of Grupo Bancario Iccrea. The e-mail contained a password-protected HTML file, but with the access code included in the body of the e-mail.

When clicking, the user was invited to enter the code in the email to access the page. By informing the e-mail password, the user was directed to another page where he or she would enter credit card information, giving a false sense of security.

The reuse of this malware can represent a major threat world-wide, as more and more people have access to computers and are spending time in the virtual world, but are unaware of past threats and ways to protect themselves.

How to know if your computer has worms

If you suspect that your devices are infected with a worm, run a threat scan using your security solution immediately. Even if the verification is negative, follow the steps below.

1. Keep an eye on your hard drive space. Remember: when worms replicate themselves over and over again, they start taking up free space on your computer.

2. Monitor your machine’s speed and performance. Is your device slower lately? Are some of your programs crashing or not working like they used to? This could be a sign that a worm is consuming your processing power.

3. Be on the lookout for new or missing files. A common function of worms is to delete and replace files on a computer.

Main types of worms

The list below presents some of the most popular types of worms:

• Sobig: emerged in 2003 and was reactivated in 2013, Microsoft offered a reward to discover its creator.
• Conficker: It is most common on personal computers, blocking access to information security sites and spreading quickly over the network or USB devices. The pest is still active, but it can now be more easily removed by advanced security solutions.
• Mydoom: appeared in 2004 with rapid propagation and was generated by infected computers and through e-mail messages.
• Doomjuice: Uses a loophole created by Mydoom to infect computers.

How to protect yourself from worms

Worms are just one example of malicious software. To help protect your computer from them and other online threats, read and heed below!

• As software vulnerabilities are the main infection vectors, make sure your computer’s operating system and applications are updated to the latest versions. Install these updates as soon as they become available, as updates often include patches for security flaws.
• Phishing is another popular way for hackers to spread worms (and other malware). Always be extremely cautious when opening unsolicited emails, especially those from unknown senders that contain attachments or links. Don’t forget to activate your email service’s SPAM filters.
• Make sure you invest in a strong security solution that can help block these threats. A good product should have anti-phishing technology as well as include defenses against viruses, spyware , ransomware and other online threats. dfndr enterprise is an excellent choice for you or your company, as it uses advances in artificial intelligence to simulate and predict all types of attacks (including all the latest worms).

In practice, spoofing is used by hackers to achieve numerous goals, such as getting sensitive information from their targets, or gaining access to restricted digital environments from which they can launch additional attacks (such as ransomware) — and much more.

How does spoofing work?

It is possible to commit a wide variety of crimes by using information obtained through spoofing activities. Just imagine what a hacker or cybercriminal might do if they’re able to convincingly impersonate a company or another person.

A well-engineered spoof can take over the domain of an email or website to approach a possible victim, or gain access to internet protocols or IP addresses (which act as an identifier for computers connected to the network). Thus, it’s possible to have access to a person’s applications, get hold of their confidential data (whether personal or banking), and a spoofer can even send messages on their behalf.

This type of scam is not new, but its methods and purposes vary and increase every day.

What are the dangers of a spoofing attack?

With the possession of sensitive data, criminals can carry out a series of financial transactions using the spoofing victim’s name. Sometimes this transaction can be done with the leaked credit card details, and sometimes they can impersonate the victim in order to get credit, money from people they know, or make debts on their behalf.

A spoofer can also monitor your activities, gain access to messages sent from your device, and even sell the data they obtain to other companies.

What are the types of spoofing?

Now that you know what spoofing is, it is important to understand that this type of attack can take many forms, from the simple to the complex. Here are a few of the main forms spoofing can take:

email spoofing

Probably the most typical model occurs when an attacker uses an email to trick the recipient into thinking the message came from a trusted source. Typically, this is done in one of two ways: by removing the sender field (so that it is not possible to know who sent it), or by disguising known addresses from unknown senders.

For example, a lowercase “l” and an uppercase “I” are practically impossible to identify in a sender’s address. This type of message can also be sent via SMS (known as “smishing”), or through social media messages and other channels.

spoofing website

Website spoofing occurs when an attacker uses elements of a known page to create a similar or virtually identical copy, often displayed within a context that makes sense.

The idea is for the victim to put their information into the impostor website so that it is intercepted by the attacker.

IP Spoofing

IP spoofing is one of the more sophisticated attacks, looking to mimic a more technical point. It’s probably a type of attack that the user’s rarely even see, as the goal is to trick the system itself.

For example, a network can be configured to authenticate users according to their IP address. If the attacker manages to disguise the IP and trick you, their access is easily granted.

DNS Spoofing

The idea of ​​DNS spoofing is similar to the previous one. As you may well know, DNS (Domain Name Server) is a system that helps you translate website addresses into IPs. With DNS spoofing, attackers are able to trick the system and redirect traffic to an IP they control.

A simple metaphor can make this example clearer: just imagine that DNS are the signs on the streets, which indicate where a driver needs to go. With spoofing, a criminal “swaps” the street signs, with the aim of taking drivers wherever they want.

Facial Spoofing

This is a different strand of spoofing, with a similar principle. More and more, facial recognition models are becoming popular (to unlock smartphones, for example). For this approach, it’s common for hackers to use photos or videos of the person, with the aim of tricking the system and pretending that they are indeed there.

Good artificial intelligence may offer protection here, because it will be able to identify whether a person is trying to access that system or not.

Spoofing on social networks

Telegram, WhatsApp, Instagram and any other online service of the same category can also be used as a vehicle for spoofing.

In these cases, the victim has their account hacked, and cybercriminals use their profile or account to contact friends or family. Generally, these people simulate some emergency situation to ask for money, or they’ll announce products for sale (at extremely low prices) — but the products don’t even exist.

Telephone spoofing

Telephone spoofing calls can happen when someone impersonates a company or an institution over the phone. This usually happens through a service called Voice over Internet Protocol (VoIP), which is used to transmit online calls and spoof the number or name to be displayed on the caller ID.

So be suspicious when your cell phone shows a call with a certain name, but from some number or locale you don’t recognize

How can you detect spoofing?

Detecting spoofing yourself is possible, but as we’ve noted, it’s not necessarily easy. 

However, there are some signs that can help identify this type of attack.

Look for English and grammar errors in messages. These can be more serious grammatical errors, such as wrong words, or more subtle, such as certain inconsistencies or strange structures. 

Make it a habit to always check the links you are clicking or the email address of senders. Look for any unusual changes, however small. Look closely and compare the domain if you can. 

On smartphones, you can place your finger on links for a few seconds, so that a preview window of the content opens, as well as the link;

Note if your browser does not automatically fill in your information (if it usually does) Especially on a site you visit frequently, this may be an indication that you are on a spoof site instead.

Confidential information such as credit card numbers, passwords should only be shared on secure and encrypted sites using HTTPS at the beginning of the URL.

If an email looks sketchy, do a Google search for the content of the email itself. If it’s a known scam, it will likely turn up. 

Use the dfndr lab link checker. This is a free tool that tells you in a few seconds if a link is trustworthy or not.

How to protect yourself from spoofing?

Even if you follow all the tips above, protecting yourself can be hard to do. The big problem is that most folks won’t be able to closely observe all these details and stay aware on a daily basis.  And this is exactly what hackers count on.

Imagine someone who is going through an extremely busy day, doing a thousand things at once, who receives an email with these subtle changes. The chance of the person stopping to look and detect these errors is small. Hackers know that it is virtually impossible to be alert 100% of the time.

Of course, it’s best not to click on unfamiliar links or attachments coming from emails you’re not sure where they came from. However, as we mentioned throughout the post, the purpose of spoofing is precisely to disguise these attacks as something familiar and reliable.

Another big problem with modern companies is underestimating hackers. Attacks are no longer made by a single person wearing a hood, in a dark basement. There’s a lot of strategy and sometimes large organizations behind these hacks, resulting in attacks that are extremely sophisticated and very difficult to identify, as we have discussed in the examples above.

One option is to avoid clicking on direct links. For example, if you receive an email, an SMS (Short Message Service) or a call from your bank notifying you of a problem, avoid clicking on the link. Access the direct website or the app to confirm the information.

In cases involving social media intrusions or phone line cloning, it is important to be cautious when opting for two-step verification. Several applications already provide this option in their menu to enhance your security.

By creating extra phases for your login in communication apps, a spoofer will not have access to your message history (even if they have access to the confirmation code needed to login) and will certainly find it more difficult to hack your account.

Finally, it’s important to use some security solution (like dfndr enterprise) on your computer to make sure that the pages you access really are trustworthy. A software based on artificial intelligence will have more resources available to assess the security of your network, block potential threats, and protect your device before it becomes the target of an attack.

Did you learn something from this post? Now that you know what spoofing is and how to protect yourself from it, take the opportunity to subscribe to our newsletter. 

Then you’ll have access to more first-hand safety tips, right in your email!

Caution Flags 

The radical simplicity and irresistible pull of the Coinbase spot was the talk of the post-game ad reviews. But out of the din of this discussion came another message — this one from the Federal Bureau of Investigation (FBI). Inc Magazine’s Jason Aten pointed to a warning they had issued a month prior to the big game – the first lines lay out the situation quite clearly:

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

QR Codes Are Back, And Bigger Than Ever

Once again, it seems that bad actors have seized on a popular trend to help them do their dirty work. A simple technology dating back to the 90’s, QR Codes are on the rise lately – as they’ve become a very effective digital tool for marketers who want to quickly convert mobile phone readers into shoppers and buyers. The Wikipedia entry on QR codes gives you a quick grasp of just how powerful they can be when scanned on a mobile phone:

QR codes may be used to display text to the user, to open a webpage on the user’s device, to add a Card contact to the user’s device, to open a Uniform Resource Identifier (URI), to connect to a wireless network, or to compose an email or text message.

All you have to do is think about how hackers might use that kind of power, and you can quickly see that indiscriminate scanning of QR codes could lead you into some serious trouble. 

Two Primary Sources of QR Code Danger

The first danger with malicious QR codes is the fact that they can transport you seamlessly to a fake website. As with most hacks, the first layer of the transaction seems to be legitimate: the QR code works! The user arrives at a site that has the offer or information they were seeking. 

And this is when many users will let their guard down, and fail to notice telltale signs that the site isn’t legitimate. Super-sweetened offers can also play a role in softening up otherwise careful users. The bad website can be a collection point for private information and financial data, and the path to financial losses and ID Theft is paved.

The second danger is QR codes that include malware themselves. Once again, let’s turn to the FBI for — “just the facts”:

Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information. The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.

That’s about as bad as it can get. So, short of forsaking the use of all QR codes — how do you defend yourself?

What Can You Do?

Here are the five steps you can take – we discuss each below in more detail:

1. Get informed about what QR codes are and what they can do.
2. Make sure your device has good security software.
3. Use that security software regularly!
4. Before scanning any QR code, scan “the situation.” 
5. Make sure you land where you expected to!

You’ll be glad to know that you’re well on your way to completing the first step. We hope this article has helped in this regard, and if you want to get even more up-to-date on potential threats to you and your mobile device, we highly recommend these two companion articles:

Six Ways That Cybercriminals Try To Take Over Your Device – QR codes are covered here along with several other traps, like WiFi Honeypots, Fake Apps, and even Subtitles in Streaming Apps. Do give it a careful read – lots to learn here.

Can a QR Code Be Used In A Phishing Attack? – If you’ve followed us so far, you know the answer to this question is YES! But hit the link to get more information on how QR codes can bait the hook for hackers’ big Phishing expeditions.

Security Help

If you’re using dfndr security, make sure you activate the anti-hacking feature to protect you from scams and malware. dfndr security PRO plan also has a dedicated Safe App function to help sniff out apps that contain malware, and also provides complete Identity Theft reports should you suspect trouble.

Eyes Up!

But your awareness is always going to be your first line of defense. Remember that QR codes primary benefit is to help you connect to a specific spot on the web without your having to type in a URL. The “fun” of seeing this work is no doubt a major part of the success of that Coinbase ad. 

If you decide you do want to scan a QR code – make sure you can verify it’s from a trusted source, and take a good close look at the surroundings: the copy and design, the context of use. Is the code stuck on a wall outside a club? Or did it come to you via a traceable source like a mass mailing? If you can verify that the code is from a trustworthy source – make sure the landing spot is what you expected it to be.  

Just remember what your friends in the FBI told you: a QR code isn’t a game to be taken lightly — or a Pokemon type game where you have to capture and collect. They serve a very specific function, and they’re more powerful than they look. Treat QR codes with the same caution you’d give to any unknown app or web address.

The ph prefix means that both are…well…phake.

But despite the cute names, the damage that can be wrought with either method is considerable. Identity Theft is the end game for many of these swindles, and as you may know, the long tail effects of ID theft can be personally devastating (and if you’ve never really experienced or read-about just how hard ID Theft can be for individuals, we highly recommend reading through that linked article. Not fun, but essential information).

While phishing attacks are made through phishy emails, pharming is the term applied when the hacker sets a trap in the form of a malevolent website: frequently, an impostor-site posing as a well-known and trusted company site. 

Pharming: Individual User Attacks

Phishing and pharming often go together – and the phishy email lures a single user to a malicious website, where the user enters their private information and the pharmer makes off with it, using it later to sow havoc by deploying it on the real site.  

Sometimes these sites are simply set up like traps on the web – you may have encountered one or more of these by simply misspelling the name of a popular site. The result may be a jarringly different site than what you expected. 

In truth these situations are relatively easy to avoid.  But sometimes the site you’re delivered to can be very close to what you expected, and that’s where real pharming trouble can begin.

Malware can drive pharming too – redirecting you to the substitute site without your awareness or permission. It’s important to remember that hackers are increasingly fond of using techniques of misdirection. You may inherit malware through a new app you download, but the consequences arrive later, when you first log on to your bank-site or try to pay your credit card bill, and the malware takes you to an impostor site to steal that information from you.

DNS Switching  

DNS switching takes the whole pharming idea to a more dangerous height. Whereas the malware or phishing-driven pharming operates at an individual user level, DNS Switching redirects all traffic to a given website to a pharmed-out impostor. 

The malware works within the DNS server and redirects requests to reach the authentic site to the pharming site. These more sophisticated attacks often involve more sophisticated fakery, and the pharming sites can be very convincing.

How To Protect Yourself, Down on The Pharm

As always, there are a few different layers of protection you can enlist to keep yourself from pharming — and the more of them you employ, the safer you’ll be:

Mindset: Your mindset as a user is one of the best defenses you have against hackers. Remember that hackers are fond of using social engineering – which some might refer to as “good old psychology” — to lure users into interactions with iffy emails, sketchy sites, and strange-people on well-known platforms. Keep your guard up, and if somebody, something, or some site asks you for information that your bank or health club or grocery-delivery (etc.) already should have, let that alarm bell go off loudly in your head. Then take three giant steps away from your keyboard. 

If your spider-sense has even an inkling that an email from a friend or a site isn’t the real deal: slow down and check it out. In general: try not to confer the trust you have in a person or company onto any representation made for them on the web. The web is…the web. And it should always be treated with caution.

Unprotected?: Public, unsecured wifi networks really are the devil’s playground.

The upshot is that public networks have chinks in their armour, and hackers use those chinks to “eavesdrop” on your conversations. Information they steal through this technical kind of listening can lead to direct attacks, or…down the road, a phishing or pharming attack tailored just for you. 

S matters: There’s a big difference between http:// and https:// — the difference is that “s,” which stands for secure. When you see the full https://, it means that information on both ends of the website transaction is encrypted and secure. When you don’t – that may not be the case. This is such a widely accepted standard now that the absence of that s should put you on high alert.  

Phishy?: If it looks or sounds phishy, it probably is. It might also be pharmy. Here’s an example of what we mean: in one of the biggest pharming attacks ever launched, a DNS Switching attack on more than 50 financial institutions, the affected users were presented with an error screen that asked them to switch off their anti-malware and any firewall protection they might be running. Many users simply complied, and provided access to the pharming malware to do the rest of the work. 

This obviously relates to our mindset discussion as well, but we wanted to emphasize that even very sophisticated pharming attacks will sometimes rely on users turning off systems of defense: whether it be their own mindset, or settings in place on their computer designed to protect them!

Speaking of Defense…  

Of course one of the essential bits of protective equipment is a good security software solution. dfndr Pro provides several excellent tools to help you protect not only your private information but your physical phone as well. Having that combination of protections is important. 

Pro also offers a Safe App function that enables you to screen any app you might want to try before downloading it, and that can be an excellent first line of protection from malware of all types – including those that are designed expressly to uh, ”take you down on the pharm.” 

With your mindset on high-alert, and your phone protected with a well-designed, and multi-layered security capability, you can move about confidently. Just be careful out there, and try not to get any mud on your shoes!

But the sense of ease and security we have when dealing with the teller at our local bank, or flying on our favorite airline, may not serve us well when we use an app provided by a company we know well “IRL” (in real life). 

“The widespread development of apps by businesses is not only good for marketing and sales,” remarks Emilio Simoni, Director of Research at PSafe’s dfndr lab, “but it also feeds a billion dollar business in re-use of your data.”

Data Means Dollars

Modern day operating systems for both iOs and Android provide some mechanisms for you to limit the way apps can track your behavior across the web, but these only offer limited protection. “The data you use in everyday interactions with these apps is of tremendous interest to hackers,” Simoni observes,  “and data breaches for some of the world’s biggest and most respected companies have become almost commonplace.” 

Leaked data is commonly resold or accessed on the dark web, and once procured, it can be used in a variety of ways. It’s fairly common for leaked data to be used to fuel scams that entice users to expose even more information, or, to provide direct access to financial levers.

“What users need,” Simoni explains, “is the means to see the whole picture for their apps and the data they use.  This is what we provide with dfndr security Pro: a Privacy Scan, which gives users the ability to see, in one place, a complete picture of how apps are using and sharing your data – whether voluntarily, or through leaks.”  

Here’s what that complete picture shows:

• The data and access permissions you have granted for each app
• Where each app sends the data it collects
• A data breach history for each app (more than one breach is not unusual).
• Apps you have installed that may be malicious or known to pose risks 

Obviously the first thing you can do with this information is to make judgments about which apps you want to keep – but it may also help guide you to further steps, like changing passwords, or changing settings on the app. It can also give you important information for staying aware of likely hacks or doing further research to determine precisely what sort of personal data may have been compromised.

“Getting this comprehensive picture is really the best way to see context and to stay alert and ahead of the game,” Simoni says.

Before You Load Apps

PSafe’s dfndr security Pro also includes a feature called Safe App, which enables you to evaluate apps before you load them on your phone. Safe App tells you if an app is known to be malicious, or if it has previously been breached. 

Try PSafe dfndr security for Free

The easiest way to see how both Safe App and Privacy Scans work is to try dfndr security for yourself. You can start with the Free Version of the app, which will help you manage your phone’s memory, storage, and battery power – and also give you some good basic security capabilities like a URL checker and an Antivirus App scan.

Add dfndr security Pro. and you’ll be able to do a quick Privacy Scan and see where you stand, and you can check any new apps you want to install with Safe App. You’ll also get Anti Theft functionality to locate your phone (and protect your data) if it’s stolen. 

Use this link to learn more and try out the free version of PSafe’s dfndr security.

Stay Alert

“The capabilities a good security app can provide offers essential protection,” Emilio Simoni emphasizes, “but staying alert ourselves is another key element of our overall defense.”

In addition to procuring and using a proven security solution like dfndr security Pro, Simoni suggests the following “data hygiene” habits for users:

Strong Passwords: Use a password manager and make sure you never use the same password for more than one account. 

Take Care With Social Media: Many social media accounts these days, asking questions and offering quizzes, are simply storing and selling clues to hackers. 

Beware of Phishing: Hackers are certainly not above using news about data leaks as an occasion for reaching out to defraud users. For any communications you receive about data, passwords, accounts, or any transactions you’ve made (or pines you haven’t!) — always double check the source.  

“With a good security app and the conscientious use of privacy ‘best practices,’ your use of apps can provide the convenience and ease you’ve come to expect from them,’ Simoni concludes. “We’ll continue to research viruses and hackers methods to make sure we’re doing our part to maintain our interesting-leading solutions.”

Data breaches — even among major platforms and providers — are becoming an almost daily occurrence. With so much of our life and business being carried out online, and the multitude of devices and platforms we use to work, shop, and play, the “attack surface” for hackers grows (much) larger every minute. Even the biggest and best-run companies and platforms have become favorite targets for hackers. So much so, that attacks on well-known companies and platforms have become almost commonplace. 

“There’s a double danger in data leaks becoming so common,” says Emilio Simonis, Research Director at PSafe’s dfndr lab. “First, of course, are the attacks themselves — but as they become more ubiquitous, many people start to take them for granted, and assume they pose only modest personal danger.” Significant lag time between the breach-event itself, and subsequent criminal action on the part of hackers, also contributes to the lack of decisive response. “Hackers are very patient — they know many victims won’t take immediate action to protect themselves,” Simoni remarks, “and they use that aspect of human nature to their advantage.”

Try dfndr security today, it will help you secure your phone and protect your data from hackers and malware of all kinds.

How do breaches happen?

Just as hackers use their knowledge of human nature to design their scams, they also rely on human error to create openings they need to get at private data. Poor passwords and weak credentialing processes are probably the most common source of breaches, and lost or stolen (and unprotected) laptops and drives also contribute. 

Phishing scams, enticing recipients to give up data voluntarily, have never flagged in popularity. Malware is also a common method, and is often combined with phishing techniques to get at personal and financial data stores. “Increasingly, these attacks are targeted at corporate assets, so employees must remain vigilant,” Simoni warns, “especially now, as so many people are using devices from their home to connect to work.” 

Malware and ransomware have become a more favored method as many users have become used to “shopping by downloading” — trying out free versions of new software solutions before deciding if they want to keep a new app or game. Malware often asks for extensive permissions, then quietly works behind the scenes with the permissions it has accrued, logging data and  building up significant data-leverage, before shipping that information payload off, or using it to launch further attacks on the user.

External, code-driven attacks are also growing more common than ever. Often called “brute force attacks,” these are now guided by increasingly sophisticated artificial intelligence, and very powerful computers, to crack weaker protections.

What information do they target?

Hackers have a wide-open market for the information they steal, and generally they’re after Personal Identification Information that most individuals and companies (and laws) seek to protect. Of course they also seek information like bank and credit card account information that gives them immediate financial leverage. The worst nightmare for individuals is when a hacker is able to transact business as their victim through identity theft. Identity theft can be very complicated to undo, and the process of undoing the damage wrought by an identity theft can be protracted and painful. “Hackers are keenly aware of the leverage that personal identifying information gives them,” Simoni cautions, “they know how to make the most of it, and rarely show any restraint once they have the upper hand.” 

What can you do?

Major breaches are on the rise and show no signs of tailing off. That’s the bad news.  “The good news,” Simoni observes, “is that protecting yourself is still something that you have a lot of control over individually.. It’s something you can do well with some simple habits and tools.“

“We recommend taking three fundamental precautions to all of our customers,” says Simoni. “Make sure you adopt best-practices for your passwords, use two-factor-authentication whenever you can, and use a solution like dfndr security Pro for immediate notice if your personal data has been accessed outside of your control. Our Pro solution also scans new apps to prevent malware attacks.”

“Your phone itself can also be a target,” Simoni advises, “which is why dfndr security Pro has the capability to shut your phone down for use, and show you its location, in case of theft. ”

Best practices for passwords include the following: 

• Never use the same password for more than one site. 
• Make sure that your passwords are kept up to date on every site, and change them immediately whenever you’ve been notified of a breach. 

The Big Benefits of Two-Factor Authentication 

Most financial and major social sites now offer two-factor authentication (usually with an option to send a code via-text to your phone).  Use these protocols whenever they’re available, as they greatly reduce the capability of hackers to break through.

Breaches are occurring with disturbing frequency, so the best way to stay ahead of the hackers is to have immediate notification of leaks with your personal data at any time. dfndr security Pro offers free unlimited ID theft checks, which can give you the flexibility and insight you need.

As noted, dfndr security Pro also has other important safety features, like a Safe App Scanner to protect you from malicious (data stealing) apps, and Anti-Theft features that help you locate and control your mobile device if it gets lost or stolen. 

With dfndr security installed on your phone, you will have more protection, so you can test it now if you like. Click here if you want dfndr security for free.

Phones are a prime target

“Hackers target smartphones because they are so rich with data,” advises Emilio Simoni, Research Director at the dfndr lab, “our lives are tied to our phones in so many ways: our work, our families, our buying habits, our financial tools, and of course we’re physically tied to them as well.” Simoni continues: “With accelerometer and GPS functions becoming standard “always on” functions, our phones literally follow our every move.”

What are the risks?

The variety of uses made of personal data are almost as numerous as the types of malicious apps generated. Many apps simply steal personal information and resell it to companies who are eager to gobble up masses of personal data. Browser histories, GPS information, accelerometer data, and network information can be gathered and exported without your permission when an app has been given (or taken) the right permissions. Of course, logins, personal security and financial information can also be more directly leveraged. Ransomware is another common technique, where an app locks up a phone and demands payment to release it back to the user. 

“We see increasingly sophisticated scams taking place,” Simoni warns, “where gathering data is simply the first step in the process. This information then used to leverage the subject or to perpetrate fraud or crimes involving phishing or identity theft.”

Simoni concludes: “The costs can be significant,” which is why you have to protect yourself — both with knowledge, and with a good software solution.”

How to identify malicious apps?

This is getting harder to do all the time, as hackers have become more sophisticated — which is why we suggest employing a software solution like dfndr security pro. (dfndr security, in premium version, features a SafeApp checking function designed expressly for this purpose). But your own wary eye can also provide a first-line of defense. 

Here are a few key guidelines:

• Get your apps from a reputable source. Google’s Play Store isn’t able to immediately catch every malicious app that comes down the pike: but they are on the lookout, and apps that are offered to you through alternative channels are much more likely to be malicious.
• Check permissions. If a simple app is asking for a lengthy list of permissions, you may be signing up for more than you bargained for.

• Find out who made the app. Check to see the developer’s name and click on the link to their page and all their other apps. Does everything look legitimate? Or are the apps sketchy and the presentation of their features incomplete?

• Google it. Find out what you can find out about the developer. You may find a conversation already underway that can save you a heap of trouble!

• Examine their language. Does the developer sound like they wrote their description while thinking about something else — like maybe the next malicious app they’re going to create? Not a good sign. In fact, a common sign that you’re dealing with malicious software.

Use a reputable security app, like dfndr security 

“We would recommend that everyone employ a good security app on their devices these days, especially their mobile phones,” Emilio Simoni urges, “the risks are just too numerous and the potential losses can be steep.” 

However, the good news is that a focused security capability can spot malicious apps with great accuracy and reliability. dfndr security Pro offers a Safe App feature, which checks-for, and warns you about malicious code, before you download any application. It also provides historical insight — warning you if the app has had its data breached and leaked to unauthorized users. “Our team is on the case around the clock, making sure our security solutions are the most complete on the market,” Simoni concludes: “it’s the kind of job you definitely want to entrust to experts!”

What to do if you have downloaded a mailicious app?

The free version of dfndr security offers a full antivirus capability that can remove viruses from your phone. This version also enables you to schedule an auto virus-scan to run periodically, which will search-for and identify any new digital threats.

Prevention is the best way to go, and that’s why we encourage you to get a good security solution for your devices as soon as possible.

More about dfndr security

dfndr security is a free app that can help you manage the storage, battery life, and wifi security of your digital device, while also offering protection via a url checker, and anti hacker and phishing protections. You can try dfndr security PRO for 3-days free, and upgrade if you like the protection it provides. dfndr security Pro offers:

Safe App installer — checks for malicious apps before you install them

Identity Theft Reports — So you know if your online credentials have leaked

App Privacy Protection — Offers notifications about issues with apps you’re using; app data breaches, permissions you’ve granted to various apps, and info about where your data may be used.

Anti-Theft Protection — Protects your phone from thieves with an alarm, remote lock-out, and a picture of the thief.

dfndr security Pro is a full suite of protection for users who recognize that they must take an active role in their own digital security.

You can download dfndr security Pro and start your free trial right away.

Source: Checkpoint Research

The figure above, from Checkpoint Research, shows a significant ramp-up (and spike) in Cyberattacks as pupils returned to remote classes, held via online meeting platforms and tools. Worth noting in this figure is the fact that this sector has always been more vulnerable to attack, but is even more so now.

“The urgency of the situation and the speed with which schools needed to make online learning avaccommodations is a kind of perfect storm for hackers and cyber criminals,” explains Emilio Simoni, director at the dfndr lab. “The numbers and the activity convincingly demonstrate that security can’t be taken for granted, or arranged last minute,” Simoni adds.

The range of methods used to attack educational institutions is similar to the kinds of attacks seen in the general population: phishing, ransomware, and malicious apps are all in play — along with the “Zoombombs” receiving more exposure and attention. 

If you haven’t heard: Zoombombs are unwanted take-overs of hosted meeting sessions by hackers. Note that the Zoom app is not especially vulnerable — but its widespread popularity as a meeting-host service has simply caused the name to be associated with the phenomenon. Distributed denial of service attacks (DDOS) are also common. These are purposeful efforts to overwhelm the capacity of a given connection or platform, and frequently they’re the “blunt weapon” of choice for ransom-motivated attacks.

“Of course institutions need to take steps to protect themselves with enterprise grade security solutions,” Simoni notes, “but teachers and student families have to be wary as well.”  Adds Simoni: “If you’re attending classes through a digital connection at home or on-the-go, you will want to have a personal solution you can rely on.”

For these purposes, dfndr security PRO offers a full suite of  capabilities, including:

Anti Hacking Protection: Anti-hacking protects users from malicious URLs and phishing sites. It also blocks scams directly on the SMS app, web browsers and messaging apps (WhatsApp and Facebook Messenger).

Safe App Installer: Lets you know if an app is safe — before you install it.

Wi Fi Theft Protection: Protect you WiFi connection and immediately be notified if anyone is trying to intrude upon or hijack you wifi connection.

App Privacy Scan: Know which installed apps on your device are malicious, or have already been victim of leaks. Also easily see the permissions granted for each app, and where they send data they collect from you.

You can use this link to learn more about dfndr security, and also consider upgrading to our PRO offering. You’ll be glad to know that Anti-Hacking comes with the free version of our solution.

With governmental funding for improved education-institutional security defenses still up in the air, the necessity for students and families to protect themselves is keener than ever.  

We’ll keep you posted on any specific / large-scale attacks, but for now, a good security solution should be considered a requirement for any online student family.

LEARN MORE BY TRYING OUT OUR APP: You’ll get Anti-Hacking protection and be able to see anyone who is priating your WiFi signal with our free dfndr security program. You can download it for free here, and try it out yourself!