This is one of the easiest ways cyber criminals manage to gain access to your data and cause major damage.

All the patching, firewalls, antivirus and other various software become useless when your users fall victim to a social engineering attack. Here are two very real and dangerous examples from our J2 Cyber Security Centre’s findings:

1. Tax Invoice

The screenshot below shows an email that multiple clients were sent but because of the tools that we put in place; they were not delivered. The email urges you to open an attachment disguised as a Tax Invoice.
If you pay attention to the extension you would be able to tell that it is out of the ordinary, how would you pick this up? Because it is a .cab file and it should be a PDF or .zip file! If you open the attachment and the file you would unknowingly be installing malicious malware onto your computer, which in turn would infect the entire network.

Office 365 has a wide variety of built in security features, however, most businesses don’t utilise them correctly and therefore open themselves up to malicious attacks.

Two ways cybercriminals gain access to your Office 365 accounts is through brute force or your password which they acquire by performing social engineering tactics.

Another way they can gain access is through stolen devices. If you use Onedrive and your device is stolen, it can be used to access confidential company information if there are no security measures in place.

Employees can unknowingly be leaking information because the basic precautions are not in place and this leaves their machine and company data vulnerable.

Office has features that can assist in fending off these sorts of attacks and malicious activity but to ensure full email security, we still recommend that you include a solution like Mimecast to provide an enterprise grade layer of security on top of your Office 365 deployment and protect you from email-borne attacks.

Patch Management is an important layer in your cyber security program. Even though it is so important, it is often neglected or not done correctly. One small inconsistency can be your downfall.  

This could lead to unnecessary and easily avoidable problems. External attackers will exploit any vulnerabilities to gain a foothold in your environment and take control of the affected system, cause a crash, steal data or deploy malware.

New exploits are discovered daily and detailed findings are published in online databases, which is publicly accessible for both attackers and cyber security consultants.

The J2 Cyber Security Centre (J2CSC) team has detected multiple Crypto Miners across multiple platforms during the month of January.

A brief overview of a Crypto Miner

Many people sought after it in the “digital gold rush”. For that simple reason a new form a malware was born, the Crypto Miner, this simple program has one main purpose, to utilise the infected machine’s resources (such as the Graphic Processing Unit (Graphics Card) and Central Processing Unit (CPU)) to mine for crypto-currency. There are miners for multiple different crypto currencies including Bitcoin, Litecoin, Ethereum and a host of others.

Crypto currency is earned by verifying transactions by solving complex math problems. When this task is completed the transaction is made, Crypto is added to the blockchain and the miner is rewarded with a small piece. This is a very resource intensive process which means that the Crypto Miner virus will use a massive amount of the infected machines processing power, causing the machine to slow down and freeze up.

There are often many installed versions of the Crypto Miner found across