Credential Harvesting

Limit Credential Harvesting With 2-Factor Authentication

We have recently seen a worrying spike in cyber-attacks which:

  • Aim to steal users’ login details
  • Bypass traditional spam, anti-virus and firewall protection
  • Are preventable with 2-Factor Authentication

Watch Phil’s Awareness Video.

Commercial Director Phil Denham has put together this short awareness video. We recommend that you take a few minutes to watch it, to understand how these attacks happen and the impact they can have on your business.

Our Support Desk Has Reported An Increase In Credential Harvesting Attacks On Businesses.

So much so that this has prompted us to take action and implement measures to protect our customers. These attacks are leading to users freely giving away their usernames and passwords to seemingly legitimate login pages.

These attacks are often coming from genuine contacts in your email list, as they have been affected themselves. Therefore, these emails and requests are not picked up by anti-spam solutions, firewalls or anti-virus software in most cases.

This is preventable by using 2-Factor Authentication, as it requires hackers to have multiple pieces of unique information in order to access services or accounts whose passwords have been compromised.

We strongly advise that you act quickly and speak to your account managers today.

Office 365 customers may have 2-Factor Authentication included as part of their subscription, which can be used as part of a larger solution, but we urge you to speak with someone to understand how this affects your particular business.
Call us today on 01724 400 303 or contact your account manager directly.

Hi everybody,

I just wanted to give a quick update because several different attacks are happening at the moment from a cyber-security point of view that are affecting far too many customers and far too many people that we’re seeing out there. The fix for it is relatively straightforward.

So we wanted to do some updates in various methods included in this video to make you aware of what’s going on and ultimately what you can do to stop it.

So, what we’re seeing is what’s known as credential harvesting. Basically, this is when you receive an email that may well be coming from a legitimate email within your email contact book. For example, somebody else has been hacked that you know, and emails are coming from their email address and hitting you as the end-user.

What those emails normally look like is asking you to view a file or download a file that looks like it’s been accessed through Microsoft Office 365. So it looks like a file that’s been shared with you.

What happens is that you click on that link, then you are taken to a page that looks like the Microsoft Office 365 login page, you put in your details, your password, and something happens. Either it goes nowhere, or it fails, or something like that.

But ultimately, you’ve just given away your login details to a cyber-criminal. What’s happening is those details are being used to do the same to your contacts. Potentially targeting your customers and your suppliers and sending out emails to do the same thing. (In other words, searching and harvesting more login details).

First thing, it’s not good for your reputation when it’s coming from you.

Secondly, it could easily be part of a longer kind of hack. Basically, where they are credential harvesting all of these details to put you on a bit of a list of someone that will click links, the next time around, that could be something much more severe and affect more than just reputation.

Now the fix for this is pretty straightforward; it’s called two-factor authentication or multi-factor authentication. It’s no different from how your bank card works, in that you need your bank card, one form of authentication, and the second one is a PIN code.

So what this does is it usually uses a mobile phone, so when I go to log into my Office 365 account or when I log into my computer, basically a little alert pops up on my mobile phone, the second factor, and it says “yes, that’s me” and it lets me in.

What that means is even if somebody gets hold of my username and password, they can’t actually log into either my computer or, in my case, my Office 365 account or any of the other pieces of software I’ve got enabled.

So, how do you get there? What do you need to do?

The good news is if you’re using Office 365, which is where we see a massive amount of these kinds of attacks take place, it’s very likely that your Office 365 subscription has 2-factor authentication included. However, it does depend on your subscription.

You would need two things.

One, there would be a small labour charge, dependent upon the number of users you’ve got, to get that set up for you.

It would help if you also had buy-in from your company, because people are going to have to change the way that they work slightly. But hopefully, you can see from what I’ve talked about and some of the supporting material that we’re putting out at the moment just how important that is.

The second thing is to invest in a full-blown two-factor authentication program to cover your whole software and IT remit. We recommend WatchGuard AuthPoint. That’s a product that can secure your PC, your Office 365, but also any other software as well, assuming it’s in the right format, but that covers the vast majority of software.

So, if somebody gets my password and username for any other piece of software I use, that can also be locked down by two-factor authentication. There’s a little more investment from the software side, including the installation and the buy-in from staff.

We’ve done this all here at HBP and Kamarin to lock ourselves down.

The company buy-in initially can be made to sound a bit trickier than it is. For example, I’ve always got to remember my mobile phone to log in to somewhere, but very quickly people buy into this. It’s very straightforward and easy.

So, we don’t like lots of scaremongering, and you have to do this. At the moment, this is by far the most prominent type of cyber attack we’ve seen.

We can’t urge you strongly enough to do something. If budget is the issue and you’ve got Office 365, there is a simple fix, with a relatively small charge in comparison to what you’re protecting against. If you want a bit of a belt-and-braces approach, then WatchGuard AuthPoint is the way to go.

If you’d like to do something, can you contact your account manager or phone us up on one of our main lines and ask to speak to someone about Two-Factor Authentication, and we’ll do everything we can to help.

Thank you