As the holidays were in full swing and we said goodbye to 2018, hackers were busy at work putting their latest and greatest threats into the wild.
These particular threats are not necessarily attributed to the holidays, it’s just when new of these new threats hit. The FBI has issued the following reminders, which are worth republishing here. If you make one New Years Resolution, be it to read and take action on these recommendations.
The FBI suggests precautionary measures to mitigate the threat, such as:
- Conduct end user education and training on the threat of phishing emails.
- Continue to educate employees on scrutinizing links contained in emails, and not opening attachments included in unsolicited emails.
- Consider adding an email banner alerting when an email comes from outside your organization, so that it is easily noticed.
- Implement application whitelisting to block execution of malware, or at least block execution of files from TEMP directories, from which most phishing malware attempts to execute.
- Recommend stripping .iqy binary attachments from inbound email at the gateway.
- Implement procedures to detect suspicious activity and process patterns, such as remote scripts, and block this behavior before it can download any payloads. For example, Excel attempting to launch the Command Prompt (cmd.exe) and PowerShell in an attempt to download something from the Internet.
- Utilize threat intelligence sharing to stay informed of advanced threats.
- Continuously monitor security industry reporting pertaining to third-party or free software used by your organization. This reporting can often identify when this software has been incorporated in a malicious scheme.