Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber-attacks, scams, frauds, and malware including Ransomware and DDoS, to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

How to recognise the latest WhatsApp spam messages

WhatsApp spam is becoming an issue. Here’s how to spot WhatsApp dangers and what you can do to stay safe and secure.

WhatsApp messages are easily forwarded by those who have WhatsApp accounts, whether that be boring memes or contact details. However, as with everything nice these days, people are starting to utilise the tool to target vulnerable individuals who may not be cyber aware. Whilst keen-eyed individuals will be aware of the fact that Whatsapp announces when a message has been forwarded, it is not always easy to spot. If you can see a message that has popped up and denoted that a message has been forwarded many times, then it is likely that this would be a SPAM message, or even worse, a potential scam.

Why are cyber criminals using WhatsApp to try and scam individuals?

Thanks to companies like Neuways offering managed phishing awareness and security training, individuals are becoming more aware of phishing and ransomware attacks via emails. They are less likely to click on links as they have been trained in the workplace to spot spam emails. However, WhatsApp allows anybody to send a message to a phone number that they have access to. A phone number is also a lot easier to guess than an email address, as they are all in the same format. A lot of businesses and individuals also use WhatsApp to communicate and provide numbers on their websites, meaning the senders of spam can scrape the web for contact details.

Cyber criminals are also able to hack other services and companies that have personal data and details, before sending you an unsolicited message. Whilst individuals are trained to monitor emails and always think twice before clicking on a link, a WhatsApp message could actually catch people off guard. An individual’s security senses are not as heightened, and as we have seen in the last week, WhatsApp spam is now one of the most common Cyber Threats.

How to spot this cyber threat from WhatsApp users

First things first, if you receive a message from a WhatsApp contact that you do not recognise, it is likely that it will be a scam. Unless they introduce themselves first, it is best to disregard the message. Even if they do introduce themselves, it is important that you still exercise caution in this regard.

In the same way that it is easy to spot a phishing attack in an email due to the language used, similar techniques can be used to fight the latest wave of cyber threats coming from WhatsApp. The conversation and message will generally not flow and it should be obvious to spot an AI generated message. In the same way you shouldn’t click on any links or provide personal details to official companies over the phone, you definitely shouldn’t over WhatsApp, especially from an unknown sender.

The most common WhatsApp cyber threat and how to spot it

As mentioned in one of our recent cyber threats, shopping vouchers are one of the most popular cyber threats. Amazon vouchers are particularly prominent, and due to most families communicating via WhatsApp, cyber criminals are now taking advantage by taking a friendly approach, pretending to be a family member. One of the most common WhatsApp scams that has popped up recently is people offering Amazon Vouchers if you complete a survey. Now these are notoriously easy to spot as the links never look legitimate, but cyber criminals look to lure you in under the pretence of giving you free money. If it seems too good to be true, it often is.

Why Businesses need to be aware of this cyber threat

However, it is just not a family friendly approach that is causing issues. Business details are now being scraped and bosses’ details are now being scraped. One such scam is that a cyber criminal will send a message to an individual via WhatsApp, claiming to be a person of authority and they will send a message to an employee. They will often talk about having a new business number and that because they have lost their other phone, they need the individual to do a certain job for them, like getting Amazon vouchers for the company. If a person of authority tells you to do something, you are likely to do it. You can usually spot it via the usual ways, such as spelling and other aspects, such as lack of profile picture and fragility of the story.

Phishing attacks are now appearing in a variety of ways, and individuals and employees need to be fully aware of what is happening with WhatsApp messages. If you feel like your company and employees may need extra security training, speak to our experts at Neuways and we will ensure you get the cyber security training that you need.

Source: https://bit.ly/3XWZPrW

Fraudsters are using Barbie, Oppenheimer to steal your hard-earned money and data

It is not often that we associate Barbie and cyber criminals, however cyber criminals are becoming increasingly imaginative, which is why our Neu Cyber Threats are so important. Individuals and businesses need to be aware when giving their details, as hackers are using these popular culture sites to steal personal and sensitive data.

IMDb noted that scammers are manipulating and deceiving unsuspecting users via Phishing scams which are preying on the excitement surrounding movie releases. This is all done with the sole intention of tricking individuals to hand over their hard earned money and capitalising on the fact that they are excited about popular culture. Not only is it money that the cyber criminals are after, but also sensitive data such as email addresses. It can impact businesses because employees who often use their work email address or personal address at work are likely to open themselves up to being the victims of scams.

Also, for any businesses looking to reward their employees with gifts and employee of the month prizes, individuals need to be aware of the latest phishing scam which has been utilised by cyber criminals to prey on emotion. Cyber criminals often target emotive individuals by using celebratory days, as Neuways covered in Neu Cyber Threats on Father’s Day.

How does this particular phishing attack work?

One of the fraudulent pages used by hackers and scammers related to Barbie entices users with special offers on Barbie dolls. The special offer coincides with the release of the movie, meaning people’s emotions are often high with giddiness and excitement. Once people go to purchase the doll, they are then redirected to a purchase form after deciding what to buy, which requires personal identification details such as name, address, phone number and banking information. This is where the cyber criminals will manipulate the buyer into entering their details, and whilst users think they are getting something in return, all they are actually doing is sending their money and personal information to fraudsters.

Spot scams and Phishing attacks with Neuways

To deal with the latest cyber threats highlighted by Neuways, our expert team offer Managed Security training, meaning we are always on hand to provide advice and update clients and employees on the latest procedures involved in stopping a cyber attack. If you’d like to learn more about spotting a scam and stopping your own employees getting caught up in a scam and potentially revealing certain sensitive data, then the Neuways team will be on hand to help.

Source: https://imdb.to/3NYE4Dl

SonicWall Warns Admins to Patch Critical Auth Bypass Bugs Immediately

SonicWall has issued a critical warning to its customers to immediately patch multiple vulnerabilities in its Global Management System (GMS) firewall management and Analytics network reporting engine software suites.

The company addressed 15 security flaws, including ones that could allow threat actors to bypass authentication and gain unauthorised access to vulnerable systems. The vulnerabilities can be remotely exploited by unauthenticated attackers, potentially resulting in exposure of sensitive information and manipulation of data within compromised applications.

Although there are no known public reports of active exploitation, SonicWall appliances have a history of being targeted in ransomware and cyber-espionage attacks. Admins are urged to upgrade to the patched versions to protect their systems from these risks.

Contact Neuways for IT Support

If you need any assistance with your IT support, then please contact Neuways and we will help you where we can. Just get in touch with our team today.

Source: https://bit.ly/3DiDhsa