Cyber Threat Report: Malicious Websites
In the last few weeks, we’ve seen a huge influx of malicious websites. One attack in particular made major headlines, ‘WastedLocker: Symantec Identifies Wave of Attacks Against U.S. Organizations’. Dozens of U.S. newspaper websites had been compromised by an injected malicious code. Thirty-one organizations, including eight Fortune 500 companies, were compromised when employees clicked on these infected news sites. The end goal of these attacks was to cripple the company’s IT infrastructure in order to demand a multimillion dollar ransom. Luckily, the breach was caught before the hackers had a chance to launch their attacks, saving these companies “millions in damages, downtime, and possible domino effect on supply chains.”
Don’t let this happen to you. Combat these attacks by practicing safe website browsing.
How to identify a malicious website:
- The website asks you to download software, save a file, or run a program.
- Visiting a website automatically launches a download window.
- The website asks you to download an invoice or receipt, such as a .pdf, .zip, .exe, or .rar file.
- The website may tell you that your computer already has malware and prompts you to download a repair tool.
- You have won a competition or free drawing. For example, “You are the 1,000th visitor today”. Beware of the word ‘free’.
- If the website does not have a trusted certificate or prompts that the site is unsecured, proceed with caution and make sure you are visiting the site you intended. Most browsers will have a broken lock or a red ‘Not Secure’ next to the site name if the certificate is bad or the site isn’t trusted.
- Be careful with typos or misspellings in the URL address. For example, you visit mns.com instead of msn.com.
- If you’re suspicious about a website, use the Google Transparency Report to see whether the website is currently dangerous to visit.
- Be careful clicking on links that redirects you to another place. For example, a pop-up that will show an interesting topic or click-bait.
In addition to keeping your eye out for the red flags listed above, the best way to protect yourself from malicious websites is to keep your computer’s software and operating system up to date. Often times, cyber criminals exploit known security problems in software. Software updates repair these security holes and vulnerabilities, fixes or removes bugs, and can even add new features and remove outdated ones. Also, software updates will make your system more stable and often boost your system’s program performance as well.
Remember, clicking on the wrong link could cost you – you could lose money, personal data, and even put your loved ones and company at risk.
If you have any questions regarding a malicious website or if you think you accidentally visited one, do not hesitate to reach out. You can give us a call at 706.426.6313 or send us an email at Info@AugustaITGuys.com.
4332 Wheeler Road #105, Augusta GA 30907