Smishing

Phishing is one of the biggest threats that every internet user faces. 

It is a form of attack where the attacker tries to lure user´s data by using a fraudulent e-mail message or a page that resembles a familiar website or e-mail address. When the attack is successfully carried out, login data or even access data to bank accounts is stolen. The best targeted group is the elderly, who do not have sufficient knowledge in Internet security and are easily lured by fraudulent e-mails.

Most often, phishing attacks can be associated with topics such as:

• fake sweepstakes;
• the current epidemiological situation (for example, there are many attacks related to COVID-19);
• requests to update personal data;
• and more. 

However, there are ways to effectively defend against phishing attacks. In addition to properly set mail hygiene in the company (allowed and forbidden mail servers, spam filters, content filters, etc.), it is very important to ensure that employees are regularly trained in cybersecurity, thus ensuring their vigilance.
 

OUR APPROACH AND SOLUTIONS 

Social engineering is usually the first step to infiltrating a company. At BDO, we implement smishing and phishing campaigns, the aim of which is to verify how many of target users fall victim to social engineering.

Campaign steps:

• In the first step, it is important to introduce our specialist to the company, to agree on the scope and target groups.
• The next step is to create fraudulent pages that are a faithful copy of the original ones. Differences and substitutions are usually purposefully very small, for the reason that the copy is not easily recognizable at first glance.
• This is followed by the creation of email templates to be used in various smishing and phishing campaigns.
• The output is a report that informs how many people did not detect the scam, from which devices and with what frequency they accessed the fake site, etc...
• (If interested) The training that follows the campaigns (and is highly recommended). Target users are introduced to the techniques that have been used and warnings on how to defend themselves, how to recognize them, how to prevent them etc...

You can configure the wireless firebox to detect unauthorised wireless access points that operate within the same range as your wireless network.

An unwanted access point is any wireless access point within range of your network that is not recognised as an authorised access point or is not configured as an exception in your wireless deployment. A rogue access point can be an unauthorised access point that someone within your organisation has connected to your network without permission. These access points pose a security risk to your wireless and wired network if they do not have the proper security features enabled. A rogue access point can also be an access point outside of your wireless network that is within range of your network. This includes fraudulent access points such as Honeypot or Evil Twin that masquerade as legitimate access points by broadcasting the same network SSID name as your authorised access points.

When you enable rogue access point detection on your Firebox wireless device, the device's wireless radio scans the wireless channels to identify unknown wireless access points. You can configure the scan to run continuously or to run at a scheduled interval and time of day.

Take social engineering to the next level with hot plug attacks (HAK5), which are devices hidden in the packaging of a common USB flash drive, network cable, wi-fi receiver and other devices.

Hot plug works largely on human vulnerabilities. For example, for devices that hide in the packaging of a flash drive - RubberDucks - the device is identified on the computer as a keyboard or mouse, and the device can easily be infiltrated. That's because virtually every computer, whether a desktop PC, laptop, tablet or smartphone, takes input from a human operator via keyboard, mouse or touch. This is the reason ehy the ubiquitous HID - Human Interface Device - standard was created. Simply put, if you connect a device to a USB that claims to be an HID standard keyboard, the vast majority of operating systems will automatically detect and connect it. Windows, Mac, Linux or Android - it's simply a keyboard.

The simplicity is taken into account, for example in the scripting language used in these devices. Writing a payload is as simple as writing in a notepad.