Home Network Security, Thursday Threats

Phishing scheme targets verified Twitter users; Vulnerability leaves millions of routers & IoT devices at risk

Thursday Threats 5/5

Cybercriminals have developed different avenues for trying to access personal information. You will often hear that they have breached servers to steal information, perhaps through technical means such as exploiting a security vulnerability.

But one of the most common methods cybercriminals deploy to gather personal data is through phishing attacks. Cybercriminals will deploy many different types of malicious email techniques  to coerce potential victims into handing over anything from account credentials and payments, to actual data points, such as dates of birth and address.

These messages can come via email, text or even a phone call, and typically try to engage their targets with an emotional plea. The message may say your account is in jeopardy, or that you’ve won a prize.

In this week’s BlackCloak Thursday Threat Update, we review a phishing attack targeting Twitter users, and a security vulnerability impacting millions of routers and internet-of-things devices.

Phishing scheme seeks out Verified Twitter users

What we know: Unknown threat actors have begun posing as Twitter Verified, the platform the social media company uses to determine whether an account meets the threshold for a blue check mark. Verified Twitter users have reported receiving phishing emails asking them to click on a link to address issues with their accounts, or else they will be suspended from the platform. 

Once clicking on the “Check notifications” button in the email, users are then asked to enter their credentials twice. After entering the credentials, a phishing kit will reset the user’s password, after which a page will prompt the victim to enter a login verification code, which the hacker will use to complete the process and lock the victim out of their account. From there, cybercriminals may spread scams and malware to other Twitter users under their name.

Recommendations: First, it’s important to note that Twitter, nor any other organization for that matter, will ever send you a message asking for your credentials. If you receive any message of that nature, it’s best to delete it immediately. Also, be on the lookout for other hallmarks of a phishing scheme, including messages that contain a call to action with a sense of urgency, misspellings or are from senders that you do not recognize.

Router and IoT vulnerability leaves millions of devices at risk

What we know: A recently discovered vulnerability leaves millions of internet-of-things devices and routers at risk. Researchers at Nozomi Networks said the flaw leaves the devices open to DNS poisoning attacks, which gives cybercriminals the ability to redirect victims to malicious websites or servers they control, rather than their intended location. The vulnerability may be present in devices manufactured by popular router vendors, including Netgear, Axis and Linksys.

Recommendations: Currently, there is no patch in circulation to address this vulnerability, but the stakeholders involved are working to develop one as quickly as possible. If you have a device from one of the vendors listed, or are concerned you may have a vulnerable device, keep your eyes open for the patch once it’s released. While you can attempt to update the device yourself, it’s highly recommended that you allow an IT professional to perform the task to ensure that you are protected.

Ensure your home network is protected from cyber threats

Cybercriminals will always be looking for ways to access your networks, and you don’t want to give them any opportunity to sneak their way in, especially in the comfort of your own home. To rescue risk, you’ll want to make sure your residential devices have the same level of protection as those at the office.

For more information, learn how you can protect your home networks beyond putting up a firewall, and why the home is the new battleground for corporate cybersecurity