With the current situation in Ukraine, it is essential that we take extra steps to ensure our own security. A number of Russian hacking collectives, namely Conti, have been targetting companies and individuals in NATO member states, European Union, and anyone else who doesn’t believe and support the rhetoric coming from Red Square.

While I have no proof that the Kremlin supports these groups, there is a lot of collaborative evidence to show that is the case.

Until there is a resolution, please ensure you enhance your own security, both at home and at work.

  • Change passwords on a regular basis
  • Use 2 Factor Authentication where possible
  • Be careful when receiving emails with attachments, especially from people you don’t know / are not expecting
  • Restrict your social media useage, consider limiting who can read your posts / tweets.

You should also be aware of the signs of a scam

  • It appears out of the blue, such as winning a competition that you did not enter.
  • There is an air of urgency. A deadline to respond
  • They request details which you would not normally expect to be asked for, such as someone pretending to be your bank asking for your PIN. This may not be obvious (like “please give me your PIN”, but could take the form of “May I have numbers 1 and 3 from your PIN. I am sorry, that did not work, may I please have numbers 2 and 4”.) This could lead to your PIN being disclosed
  • There are threats in the contact, which could be a sextortion scam
  • Be aware of clicking on links in email. It is incredibly easy to spoof an address. Some sites will obsfucate the address (mail.legitcompany.com?returnUrl=https://www.virtuesecurity.com), some will make a domain similar to the one they are purporting to be from (support.appplecare.com), and some will use substitution of letters, such as double v to make vv (opposed to w).
  • This last one can be quite hard to spot, www.natwest.com (legit) against www.natvvest.com (not legit).
  • My general rule of thumb is “If it seems too good to be true, it probably is”.

Please be careful, if you receive something that doesn’t feel right, trust your instinct.

Until next time, stay safe, stay frosty.