As we commence the opening of the winter Olympics today and given the heightened interest this year, this is also a prime opportunity for cybercriminals to exploit the security of the games online using phishing attacks and sending harmful emails.
David Grange, of Dyn has offered some thoughts and advice on the subject.
“The spike in interest around the Winter Olympics offers a prime opportunity for cybercriminals targeting users with phishing attacks – and making businesses an easy target. More than 144 billion emails are sent every day with a large portion of those being vital transactional emails sent from businesses across the world. By sending emails pretending to be event updates and insight, cyber criminals capitalise on the widespread interest in the Winter Olympics to inject malware or malicious downloads onto company servers. The only way to know whether the emails in employees’ inboxes are coming from a verified sender is to use DNS. While traditionally, DNS is associated with keeping websites performing fast and preventing downtime, DMARC offers up a new way of authenticating email delivery by using the DNS. If the email that arrives does not pass this validation process, the receiver then knows to junk or reject the email, avoiding harmful messages. This method eliminates the guesswork and ensures every step along the email delivery chain is secured.”
To avoid becoming the victim of an Olympic phishing scam, David recommends that businesses should consider:
1) Advising their employees to check links before clicking by hovering over them, or holding them down for a few seconds on smartphones
2) Encouraging employees to go websites directly in their web browser rather than clicking a link from a suspicious email
3) Evaluating their email security and consider strengthening their defences with technologies such as SPF, DKIM and DMARC
David Grange, Director of Operations and Client Services (EMEA) at Dyn
Dyn solutions are at the core of Internet Performance. Through traffic management, message management and performance assurance, Dyn is connecting people through the Internet and ensuring information gets where it needs to go, faster and more reliably than ever before. Founded in 2001 at WPI, Dyn’s global presence services more than four million enterprise, small business and personal customers.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.