How Do Cyber Criminals Spear Phish You?

  1. Cyber criminals scan the internet and target businesses that:
    • Have a presence in multiple locations globally
    • Have overseas customers
    • Have overseas suppliers
    • Make regular bank transfer payments
  2. From your website, they study the nature of your business.
  3. Through social engineering, they ask for the email address of the key person in finance/accounts.
  4. Through social media such as Facebook and LinkedIn, they study how to target the key person.
  5. From the domain information, the cyber criminal can tell whether the user is on Google, Office 365 or a domain registrar's POP/IMAP mail hosting.
  6. They obtain the key person's email password by directing them to a fake website to enter their identity and password.
  7. After obtaining the mail login credentials, they log in to webmail and set up 3 forwarding email rules to monitor your activities silently (see below):
    • Emails that have certain keywords in the subject or body, such as "late payment", "wire transfer", "due payment" and so on
      • to identify potential victims
    • Emails sent "TO" certain email addresses of the potential victim
      • to monitor, analyse and plan for the right time to strike
    • Emails received "FROM" certain email addresses of the potential victim
      • to monitor, analyse and plan for the right time to strike
  8. They buy a suitable similar domain name under a fake identity.
  9. They send phishing email to the targeted email address (planning for the next victim).
  10. They send spear phishing (phase 1) to the targeted email address as a reminder of the upcoming payment.
  11. They send spear phishing (phase 2) to the targeted email address to follow up on the upcoming payment.
  12. They send spear phishing (phase 3) to the targeted email address requesting a change of bank account and a bank transfer.
The best way to know whether you are a victim of spear phishing is to check your email rules.

For Office 365 users

  1. In a web browser, sign in to Outlook Web App using the URL provided by the person who manages email for your organization. Enter your user name and password, and then select Sign in.
  2. At the top of the page, select Settings > Options.
  3. In Options, select Organize email > Inbox rules.

For Google users

  1. Log in to Gmail.
  2. Near the top right, select the gear icon and click on "Settings".
  3. Select "Filters and Blocked Addresses".
  4. Go through the rules.
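
For an administrator who has to check many mailboxes, the three rule patterns from step 7 can be triaged automatically once the rules are exported. The sketch below is an added example, not part of the original post; the rule fields (`name`, `keywords`, `sent_to`, `from`, `forward_to`) are a hypothetical normalized export format, and the sample rules and domains are constructed.

```python
# Added example: triage exported inbox rules for the forwarding patterns in step 7.
# Field names are a hypothetical normalized format, not a vendor schema.
PAYMENT_KEYWORDS = ("late payment", "wire transfer", "due payment")  # from the post

def external(addresses, own_domain):
    """Return the addresses that are outside our own mail domain."""
    suffix = "@" + own_domain.lower()
    return [a for a in addresses if not a.lower().endswith(suffix)]

def audit_rule(rule, own_domain):
    """Return the reasons a rule looks like silent monitoring (empty list if none)."""
    outside = external(rule.get("forward_to", []), own_domain)
    if not outside:
        return []  # only rules that copy mail out of the organization are in scope
    reasons = ["forwards to external address " + ", ".join(outside)]
    text = " ".join(rule.get("keywords", [])).lower()
    hits = [k for k in PAYMENT_KEYWORDS if k in text]
    if hits:
        reasons.append("matches payment keywords: " + ", ".join(hits))
    if rule.get("sent_to"):
        reasons.append("matches mail sent TO " + ", ".join(rule["sent_to"]))
    if rule.get("from"):
        reasons.append("matches mail received FROM " + ", ".join(rule["from"]))
    return reasons

def audit_mailbox(rules, own_domain):
    """Map rule name -> reasons, for every suspicious rule in one mailbox."""
    findings = {}
    for rule in rules:
        reasons = audit_rule(rule, own_domain)
        if reasons:
            findings[rule["name"]] = reasons
    return findings

# Constructed sample export for one mailbox (all names and addresses are made up).
SAMPLE_RULES = [
    {"name": "Newsletters", "from": ["news@vendor.example"], "move_to": "Reading"},
    {"name": ".", "keywords": ["Late Payment", "wire transfer"],
     "forward_to": ["archive771@mailbox.example"]},
    {"name": "..", "sent_to": ["ap@customer.example"],
     "forward_to": ["archive771@mailbox.example"]},
    {"name": "Copy to assistant", "from": ["ceo@goldwind-marine.example"],
     "forward_to": ["pa@goldwind-marine.example"]},
]

if __name__ == "__main__":
    found = audit_mailbox(SAMPLE_RULES, "goldwind-marine.example")
    for name, reasons in found.items():
        print(repr(name), "->", "; ".join(reasons))
```

Any rule it reports should be confirmed with the mailbox owner; a rule the owner did not create means the password must be reset and the rule removed.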





Over the years, cyber criminals have learnt how to monetize their criminal activities. Their operations are remarkably well structured and highly automated as well.

Are You in a High-Risk Group?

  • Your domain is using .com or .net
    • .com.sg or .sg are safer, as you will need a SingPass to register these domains
  • Your domain contains any of these letters, which have look-alike substitutes:
    • g → q
    • m → rn (r & n)
    • n → ri (r & i)
    • i → 1 (numeric 1)
    • w → vv (2 v)  
    • d → cl (c & numeric l)
  • Have a presence in multiple locations globally
  • Have overseas customers
  • Have overseas suppliers
  • Make regular bank transfer payments
  • Do not have endpoint security
  • Do not have secure VPN/2FA
  • Use Android phones
  • Do not change passwords regularly
  • Access webmail on public or friends' PCs/notebooks
  • Your email might be compromised - You can check here https://haveibeenpwned.com/ 
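
The letter substitutions listed above can be turned into a check on incoming mail: collapse each look-alike sequence back to the letter it imitates and compare the result with the domain you trust. This is an added example, not part of the original post; the function names are illustrative and the trusted domain and sender addresses are constructed.

```python
# Added example: flag sender domains that are look-alikes of a trusted domain,
# using only the substitution table listed in this post.
LOOKALIKES = [            # (what the look-alike contains, letter it imitates)
    ("q", "g"), ("1", "i"),                            # single characters first
    ("rn", "m"), ("ri", "n"), ("vv", "w"), ("cl", "d"),
]

def skeleton(domain):
    """Collapse every look-alike sequence so confusable domains compare equal."""
    s = domain.strip().lower().rstrip(".")
    while True:
        before = s
        for fake, real in LOOKALIKES:
            s = s.replace(fake, real)
        if s == before:      # stable: also resolves chains such as rri -> rn -> m
            return s

def is_lookalike(sender_domain, trusted_domain):
    """True if the domain is not the trusted one but is visually confusable with it."""
    a = sender_domain.strip().lower().rstrip(".")
    b = trusted_domain.strip().lower().rstrip(".")
    return a != b and skeleton(a) == skeleton(b)

def flag_senders(addresses, trusted_domain):
    """Return the sender addresses whose domain imitates the trusted domain."""
    return [a for a in addresses
            if is_lookalike(a.rsplit("@", 1)[-1], trusted_domain)]

# Constructed sample: a trusted supplier domain and senders seen in a mail log.
TRUSTED = "goldwind-marine.example"
SENDERS = [
    "accounts@goldwind-marine.example",    # genuine
    "accounts@qoldwind-marine.example",    # g -> q
    "accounts@goldwind-rnarine.example",   # m -> rn
    "accounts@golclw1nd-marine.example",   # d -> cl and i -> 1
    "sales@goldvvind-marine.example",      # w -> vv
    "sales@goldwind-maritime.example",     # different name, not a look-alike
]

if __name__ == "__main__":
    for address in flag_senders(SENDERS, TRUSTED):
        print("look-alike sender:", address)
```

The check covers only the substitutions in the list above; it does not detect other tricks such as a different top-level domain or added words.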
