Most IT security experts around the world believe that 80% of online frauds are happening through emails (Phishing attacks). Weaknesses in security policies, processes & infrastructure, and lack of awareness are to blame for such a kind of security breach.

That said, a phishing attack is one of the most dangerous types of cyber threat the world is facing now. But, how bad the situation is? To help you get a grip on the latest trends, we’ve brought together the statistics to put some light on the seriousness of the threat. Also, at the same, provide you with the remediation to ensure you are safe from security threats. 

Note: The statistics and report on phishing attacks provided are from third-party sources, they may change from time to time. We’ll be updating you with the latest figures as new researches unfold.

How Often Are Phishing Attacks Happening?

Every year, phishing attacks are rapidly increasing & in return posing a great threat to individuals as well as businesses around the world. According to a research report published in 2021 by Tessian, employees received an average of 14 malicious emails per year. 

While ESET’s 2021 research and phishing attack statistics show that a 7.3% increase in email-based attacks, especially phishing campaigns is seen between May & August 2021.

In addition, the 2021 report on phishing attack by IBM 2021 cited a 2% rise in phishing attacks between 2019 and 2020. Said to have partly occurred during COVID-19 and supply chain uncertainty. Plus, CISCO’s cybersecurity threat report shows that around 86% of organizations are falling victim to phishing attacks just by clicking on malicious links. And, as per the company’s data, majorly phishing is responsible for 90% of data breaches. 

It’s hard to predict the frequency of phishing attacks due to their uneven distribution throughout the year. However, CISCO discovered that attacks related to phishing are likely to arise during the holiday season. Reports suggest that phishing attacks surged nearly by 52% in December itself.

Phishing Attack Statistics Reveal The Attacks Spiked During Global Pandemic

Many cyber criminals took the advantage of the unfortunate COVID-19 and remote working situation. According to Zscaler, between January & March 2020, the number of suspicious messages targeting remote workers drastically increased by a huge percentage. While the number of COVID-19-related spear phishing attacks soared by around 600%.

In addition to that, the outbreak has seen approximately 130,000 plus suspicious newly registered domains. The sole motive behind registering for new domains is to take advantage of words and themes associated with current events and to slip away from reputation blocklists.

What Are The Most Common Subject lines Picked For Phishing Attacks?

Since the major source for carrying out phishing attacks is email, threat actors came up with clever subject lines to easily hook the users.

As per the phishing attack statistics and report by Symantec’s 2019 Internet Security Threat Report (ISTR), the top five subject lines for business email compromise (BEC) attacks started with: ‘Urgent’, ‘Request’, ‘Important’, ‘Payment’, and ‘Attention’.

Here are the most popular subject lines used by hackers in Q4 of 2020 –  

IT: Annual Asset Record

Changes to your health benefits

Twitter: Security alert: Urgent action needed

Amazon: Your Amazon Prime Membership has been declined

Zoom: Scheduled Meeting Error

Google Pay: Payment Successful

Stimulus Cancellation Request Approved

Microsoft 365: Action required:

Workday: Reminder: Important Security Upgrade Required

The Data That’s Compromised and The Overall Cost Associated

With reference to phishing attack statistics, cybercriminals target compromising these types of data.

1. Credentials(User names, passwords, ATM pins, etc)
2. Personal information(Name, address, email address, etc)
3. Medical Data(information related to medical history, health insurance, etc)

If you look into the serious impact of successful phishing attacks, then according to cyber experts here are the consequences cited by them.

• 61% of organizations lost their sensitive data.
• 53% of industries compromised their credentials.
• 20% of enterprises experienced financial losses. 

According to a report by IBM, data breach costs increased to 4.24 million dollars, the highest average total cost in history.

Phishing Attack Statistics Highlighting Real-World Examples 

With time phishing attacks also evolved and their target became corporate employees. They fulfill their malicious intentions through Business Email Compromise (BEC) attacks.

One of the biggest BEC scams of all time is when tech giants Facebook and Google fall victim to a phishing attack that led to losing $121 million. Just like that, many reputed organizations Toyota, Snapchat, Ubiquiti, etc to name a few also lost millions of dollars due to security breaches in their IT infrastructure.

Reports suggest that BEC attackers managed to make $1.8 billion in 2020 which is far more than the amount made via any other form of cybercrime.

How Can You Control The Phishing Attack Spikes?

Report on phishing attack suggests that you can’t stop hackers from sending phishing emails. But, you can certainly adapt to proactive security measures to prevent them. One such step is training. You should start taking the help of experienced professionals to educate your staff to make them aware of phishing attacks and their impact.

Whether it’s providing education around social media phishing, applying stronger endpoint solutions that can identify malicious behavior across device types, reducing smishing, or testing out a new zero-trust strategy, SysTools’ Cyber Experts always are on the frontline to assist. Hence, your organization should have the support of experienced hands to make the workplace more secure and phishing free.

Also, read the article Hire Professional Forensics Investigators to Identify Moonlighting Employees.

The post Phishing Attack Statistics and Trends You Should Know appeared first on SysTools Tech Blog.

Microsoft detected BlueKeep attacks connected with a coin mining campaign on November 2, 2019 and urges users to update outdated Windows OS.

For the first time, Microsoft perceived a malware campaign weaponized the BlueKeep vulnerability. The Microsoft Defender ATP Research Team also warned about upcoming destructive BlueKeep attacks and recommended Windows users to patch their OS as soon as possible. According to Microsoft, these attacks are using the same C2 (Command-and-Control) infrastructure that was being used with the coin mining campaign detected in September.

What is BlueKeep?

BlueKeep is an unauthorized remote code vulnerability affecting the out-of-date Microsoft Windows Versions. It is a wormable (a self-spreading malware), indexed as CVE-2019-0708, which allows any malware exploiting the Windows vulnerability to spread from one computer to another even without any user interaction. It directly attacks in computers’ RDP (Remote Desktop Protocol) that connects a computer (with Windows XP, Windows 7, Windows Server 2003, Windows Vista, Windows Server 2008 and Windows Server 2008 R2) to another over a network connection.

BlueKeep was first detected by UK National Cyber Security Centre in May and from May-mid, Microsoft is urging it’s users to apply a patch. BlueKeep directly attacks in the RDP of Windows computers and install a cryptocurrency miner, which allows cyberthreat to spread around quickly.

“As per our security signals, RDP-related crashes, associated with the use of unstable BlueKeep Metasploit module on certain sets of vulnerable machines”, quoted by Microsoft Defender ATP Research Team in an article.

A Critical Wormable Remote Code Execution Vulnerability in Windows RDP

In addition, Microsoft said that this is just the beginning of BlueKeep and the worst is yet to come. In future, the attackers will use BlueKeep for delivering the malicious payloads that will be much worse than these coin miners. BlueKeep will be a threat until the Windows Systems remain unpatched and the overall security posture will be unchecked.

The coin miner payloads delivered in the campaign were detected by Microsoft in UK, Spain, Italy, France, Russia, Ukraine, Germany and in several other countries. The attackers targeted all the vulnerable RDP services and downloaded multiple obfuscated PowerShell scripts, which were dropping the coin miner as final payload.

“Latest exploit attacks demonstrate that the BlueKeep will remain a threat as long as the Windows computers will remain unpatched and the entire security structure will remain unchecked”, Microsoft says.

Therefore, Microsoft is encouraging its Windows system users to update their outdated vulnerable systems immediately because all the unpatched devices could get infected or compromised easily. So, if you’re using an outdated Windows version, then the best method to address this vulnerability is to install the latest version of Windows OS.

The post BlueKeep Threat Confirmed – Unpatched Windows Computers are in Great Danger appeared first on SysTools Tech Blog.

Ever heard “We should be very careful while surfing the networks”? Of course, you’d because we all know this thing for a long time that cybercriminals and threats are lurking.

Last week security experts disclosed how eGobbler (a malvertising actor) victimized browser bugs and infected about 1 billion programmatic ads in two-months. Researchers also detected a new cryptocurrency crook and an IoT (Internet of Things) botnet launching various DDoS (Distributed Denial-of-Service) attacks. Moreover, they uncovered some new attack campaigns for even more established threats that includes Adwind and Emotet.

Those affected are basically iOS and macOS users through the so-called ‘zero-day vulnerabilities’, in both Chrome and Safari browsers.

So, What is eGobbler?

A series of uncontrolled malvertisement campaigns that have injected malware into thousands of devices, called eGobbler. It was titled eGobbler after generating billions of hits on the campaigns it generated.

gob·bler means a person who eats greedily and noisily.

As per his account information, it has infected WebKit (Safari) and Chrome both with around 1 billion advertisements. According to researches, this group can ramp up their purchase on weekends and holidays. These campaigns stay on the peak around 36-48 hours then, goes in the state of hibernation until the upcoming big push.

Users can easily recognize eGobbler as it uses “.world” TLD in its landing pages.

How it Works?

eGobbler is designed in such a manner that it skips all the browser features which blocks all the forceful redirections generated by unauthorized users.

Cross-origin inframes that loads resources from the domain other than the parent page, are being used in the forceful redirection endeavors. In some basic cases, the malicious ads try to redirect the parent page like – Top.window.location = “http://malicious_landing_page”. When this happens the browser security typically prevents this from happening but, eGobbler easily bypasses such browser mechanisms and initiates a forceful redirection to analyze if the user presses any button on the keyboard. All such forceful redirections will succeed on all the non-vulnerable web browsers in case if the sandbox attributes will be absent in the iframe where the ad is displaying.

Users will get a pop-up on the parent page even if the sandbox parameters will present. eGobbler hackers use CDNs (Content Delivery Networks) for payload delivery and whenever possible, they leverage subdomains carrying innocuous or famous brands.

Who’s Affected by eGobbler?

eGobbler was first detected in April 2019, informed by Apple and Google. But, the issue was not resolved at that time. Italy and Spain are the two most affect countries by this distributed malicious advertising. Initially, the attack was aimed just for mobile phones so it does not affect Chrome desktop versions but in second detection, the attack also affected WebKit, the search engine used by iOS and macOS in Safari. Attackers used the ‘onkeydown’, a JavaScript function that gets executed after pressing a key.

Till now, only Apple has updated its Safari vulnerability and Google is also developing its own solution. This means users who are not using the latest version are highly prone to get affected.

Final Words

Well, this is not the first time we are hearing about the eGobbler group. As we mentioned earlier, the hackers already executed their first major operation in early 2019. Hackers will try to gain your trust to infect your system and access your crucial information. They will overload ads and expect you to visit malware distribution sites. Therefore, be very alert while surfing on the Internet and get some good antivirus programs along with an anti-malware.

The post eGobbler Malvertising Affects 1 Billion Ads in Worldwide Campaign appeared first on SysTools Tech Blog.

“Making your calendar public will make all events visible to the world, including via Google search. Are you sure?”
Warning prompt on your screen, and you pressed OK button. Now, this is where the game begins.

Misconfigured Google Calendars are Leaking Your Private Information

Have you ever shared your Google Calendar with anyone intentionally or even without realizing it? If so, then its time to revisit your Google Settings immediately because all your commercial activities and events are on the Internet, everybody can access them.

According to security researcher Avinash Jain, “Right now, there are about 8000 publicly available Google Calendars that can be searched and accessed through Google’s search engine. These calendars not just allow others to see your confidential data but also add malicious information, events or links.”

Well, It’s Not a Vulnerability or Bug, It’s Misconfiguration

Most of us make calendars public for a particular group of users and think that we’re sharing the link with them only. But, it’s not true because when we make a calendar public, it gets indexed on Google’s database and later everyone can access it with an advanced Google search. Researchers ensure that the configuration does not sufficiently warn that sharing a calendar with others will expose a user’s private information in public.

So, it’s not something we can call a bug or vulnerability but, it’s the intended behavior of the service.

I was able to access the Google Calendars of thousands of organizations that leaked their confidential information like email identifiers, event’s name, location, the link of meetings, hangout chats, internal presentations and so much more.” said by a researcher.

This is happening with most of us including the most experienced Internet users because we simply ignore the warning. In this case, we cannot directly blame Google for exposing our Calendars data because the company specifically warns you before making it accessible for everyone. But, users apparently ignore the warning or some of us do not understand the privacy risks of making a Calendar public. Well, this is not happening for the first time as similar issues were encountered before with multiple networking sites, web portals like Facebook.

Proof: Several Poorly Configured Calendars, Exposed Private Information

Before a few months, scammers used Google Calendar Service to attack users for credential theft in which they sent victims an email containing an invitation to the event mentioned in their Google Calendar with malicious links.

Just a Few Searches and Private Information is Revealed

All the Google Calendar, you made public can be accessed by anyone in some simple quick searches. According to researchers, Google does not notify the Public Calendar Creator that someone is accessing or adding an event in their Calendar, which makes it difficult for users to know about the spammers and phishers. Moreover, there is no graphic indication in the Google Calendar interface from which users can get to know that they made their Calendar public and stop adding more personal events within it.

GOOGLE DORK (an advanced Google Search Query) can list all the publicly available calendars within a few seconds and expose all your private information in front of everybody.

So, How Can I Fix This?

To ensure your Google Calendars information is safe, check your Google Calendar Settings and make sure if you really want to share your Calendars publicly. In case if you want to share your Google Calendar with someone privately, then Google provides you an option to invite that specific user by adding their email addresses in Calendar Settings instead of making it public. To know more about this, visit – https://support.google.com/a/answer/60765?hl=en. Besides, you can enable Google alerts when your Google calendars, presentations, and docs go public.

Recommended Best Solutions to Secure Your Google Account

Recent researches shows, 6.5 million data records are stolen on daily basis and Data breach cases are becoming a day-to-day struggle for users. Therefore, we’ve picked some best solutions to secure your Google account. So, you can pick the solution accordingly:

1. Solution For Personal Gmail Account Users

SysTools Gmail Backup Software is one of the best and most reliable software that allows to backup your Gmail Calendars, Contacts, Emails, Documents. With this, you can save your Gmail Calendar events locally in .ics file format directly and prevent yourself from leaking private information online.

2. Solution For Business Gmail Account Users

SysTools G Suite Backup Software is another reliable utility to backup your Google Apps/ G Suite Calendars, Emails, Contacts, Documents, etc. With this, you can archive the data of both Single as well as Domain User Account and save your crucial information locally.

The post Attention: Google Calendars Are Exposing Your Private Information Online appeared first on SysTools Tech Blog.

Google Security Researchers claimed: “iPhone could have been hacked and spied for several years with a malware. Attackers had complete virtual control over devices and were able to access photos, passwords, chats, and other user data.”

Biggest iPhone Attacks Ever

Apple is back on headlines, for its security flaws. Google’s Zero Project Team, to investigate all the possible zero-day security failures of digital devices, has revealed a series of iPhone security holes, allowing malware strain. Since then, no one has ever noticed the issue and the team described it as “one of the biggest iPhone attacks ever”.

Thousands of pirated websites have been used to suck iPhone users’ information for years (at least two years) and every updated iPhone was vulnerable. These pirated sites, slip malware within iPhones quietly even without notifying anything to its users and a simple visit to the pirated site was very enough to exploit and attack the device. This attack was targeted indiscriminately, regardless of the region or country.

Ian Beer, a security researcher at Zero Project stated, “We’ve discovered exploits for a total of 14 vulnerabilities in 5 chains: 7 for the iPhone web browser, 5 for the kernel and the sandbox. When one exploit chain rendered useless by the Apple patch, the hackers were quickly implementing the next one.”

According to Ian Beer, Google’s instant messaging, Gmail, and Hangout were also affected, which provided details of how the malware has targeted and exploited the vulnerabilities of the iPhone. The Zero Project Team, tested almost every operating system and most of the security holes were found in the default Safari web browser.

Main Highlights

• The malware was stealing passwords, encrypted messages, photos, contacts, and live geolocation
• Attackers behind the iPhone hacking campaign are still unidentified
• If you’ve updated your iPhone recently or if you update it often, then you’re protected

Infected Websites Hacked Millions of iPhones Since 2 Years

The malicious websites were operating for the last two years and every iOS from v10 to 12 was vulnerable to attacks. Researchers discovered 5 different attack chains and said, once an iPhone gets hacked, it could be a spy on the target and attackers could access all the private information such as Photos, GPS, iMessages, etc.

Once the malware embedded with the iPhone, it captures all the user data including live geolocation and transmits it to the attackers every minute. iPhone users wouldn’t even know that their device is being hacked because the malware runs in the background without any indicator and there’s no another way to identify if some process is running behind the device.

Who’s Behind All This?

Well, this question is still unclear and the experts of Zero Project made no assumptions concerning this. But, aimless attackers behind multiple infected websites is quite unusual, said experts without disclosing more precise information. So, it seems like neither Google nor Apple has any accounting of victims but, there might be other clues.

What Apple Did Next?

Since Google has given a week to Apple to resolve all the revealed flaws so, after 6 days, the company released a patch available on iOS 12.1.4 for iPhone 5S and iPad later models. After rebooting, iPhone wiped the malware. Apple has patched all the security holes in different updates including iOS 12.1.4 that fixed the FaceTime listening error and other security issues discovered by Google’s Zero Team.

Eventually, if you are an iPhone user, we recommend you to check if you are using the most up-to-date iOS version or not. The latest updated version of iOS is 12.4.1.

The post Google Discovered a ‘Web Exploit’ That Has Hacked iPhones for Years appeared first on SysTools Tech Blog.

Finally, its time to say Goodbye to Donut, KitKat, Oreo, and Lollipop because Google’s Android platform is on diet from now. Till date, Google used dessert-themed names for each major Android version and progressed names in alphabetical order after releasing Android Cupcake. However, with the upcoming mobile OS launch, the epoch or sweetness will be ended.

Thursday: Aug 22, 2019 – According to Google, the upcoming mobile operating system, earlier named Android Q, is leaving dessert monikers aside. The new Android Q will not be titled as Android Quesillo/ Quiche/ Quinoa but, will simply be called “Android 10”. This Google update has ended the tradition of the past ten years of naming Android OS versions with dessert names.

The Announcement of the Official Name of Android 10

“Well, dessert-themed naming convention was really fun but now Android OS has become a global operating system and is used in 2.5 billion devices worldwide. So, the name of the Android OS must be clear and relatable for every user in the world. Therefore, we’ve decided that the next release of Android will simply use the version number as a name and be called Android 10.” the company posted in its official blog post.
Sameer Samat, responsible for Android products says “After a deep research, I found that pie is not a dessert in all languages, pronouncing lollipop is difficult in some regions and the meaning of marshmallows is nothing in many places. So, we think this major change can help to make Android OS names simpler and intuitive for the global community.”

So, the official name of Android Q is Android 10, plain and super simple. Android 10 is so much more than 9 and a bit less than 11. Remembering Android 10 only will be much easier for users than remembering that Marshmallow is Android 6, Nougat is Android 7, Oreo is Android 8, and Pie is Android 9.

The latest Android OS will officially be available in the fall from Pixel 4 and Pixel 4 XL, although it has arrived in the shape of beta for some months. Then, it will be deployed to different mobile brands. Motorola, Huawei, LG, and several other companies have declared that their upcoming cell phones, especially from the high-end, will comprise Android 10. Some other innovations that will come up with Android Q are Security Improvements, Modern Gestures, Compatibility with 5G, Live Caption, and much more.

One More Update – Android Logo is Also Updated as a Part of This New Idea

Moreover, Google is updating the Android logo to give it a modern accessible look along with this new idea. This time, that Android robot is situated at the top of the text and the green color of the logo also has been replaced with black for improved visibility.

The Verdict

Eventually, the latest Android version with the latest Android logo is about to come in a few weeks. From now on, all the upcoming Android versions will be known as Android 10, Android 11, and so on along with a modern logo.

The post The Official Name of Android Q is ‘Android 10’ – The Sweet Emotion Has Gone appeared first on SysTools Tech Blog.

A message was posted recently on the company’s blog in which Simon Pope, Microsoft Director of Incident Response stated:

“About 800 million Windows 10 users were potentially at risk of being infected by a virus and this virus could be transmitted from one infected computer to another even without any user action. All the clients who have enabled automatic updates are already automatically protected”

Microsoft engineers discovered two CRITICAL system vulnerabilities that can rival the previous “BlueKeep” crisis. This bug could lead users to new issues like “deworming”, which means the malware could be spread from one machine to another even without any user interaction.

So, Microsoft Asked its Users to Update Their Windows 10 ‘Immediately’

Windows 10 is a globally popular desktop operating system and as per Net Marketshare, more than 800 million digital devices are using it. Lately, while running a simple security test, Microsoft engineers detected some “critical” vulnerabilities that are potentially “problematic and could damage/ infect millions of Windows 10 machines. It was like the BlueKeep bug, which was a malicious code that allows hackers to control the affected systems.

Therefore, Microsoft launched a patch to protect millions of computers and urge its clients to update their Windows 10 version as soon as possible. Precisely, this updated package is specially designed to defend systems from some serious vulnerabilities in Windows 10 among which two are just like the BlueKeep vulnerability discovered in earlier Windows versions this year.

This is How You Can Update Your PC’s Operating System

If you have enabled automatic updates on your Windows 10 computer then, that’s good because you’re protected already. But, if in case, you are one of those who update their machine manually, then, you have to protect your crucial information and this can be done via installing the latest security update for Windows 10. Below are the instructions to update your system:

• Open your Windows 10 Start menu and search Settings
• Select Update and Security >> Windows Update

• Check Updates Available
• If new updates are waiting to be installed then, Download them

The post ‘Update Your OS Immediately’ – A Warning By Microsoft to Windows 10 Users appeared first on SysTools Tech Blog.

As it occupies limited space that is 10MB so, it is easily downloadable. It doesn’t run out all the space unnecessarily. Moreover, it is compatible with SD Card where you can store photos of your choice. In Gallery Go, AI is used for the proper management of your photo collection. The systematic approach facilitates searching of what is needed. Features like auto-enhance brighten up your pics along with the simple to use tools, for example, rotate, crop and filters.

You can download Gallery Go Google apk from the Play Store. It supports any device in which Android 8.1 Oreo or above version is installed.

What Exactly Gallery Go Makes Possible For You

1.Systematized Your Memories

Gallery Go arranges your reminiscences, captured in photos, enables to find your much-loved selfies more easily, documents which are important are now effortlessly traceable. Without using internet data, labeling of pics is done automatically along with many other features. You can create folders for the systematic arrangement of the photos. Gallery Go is compatible with SD cards so, you can copy your pics without any hassle.

2.Editing tools – Simple yet Useful

Great Looking photos are everyone’s wish which is fulfilled by this App that too in few taps. Auto-enhance feature fixes Google Photos instantly. In order to get a new look, various filters are available for example, rotate and crop to make photo to look right.

3. Designed To Be Light and Offline

Gallery Go was designed while keeping this in mind that you could manage your photos even with less data connectivity. As it takes 10 MB of space on user’s phone so, this app doesn’t slow down user’s phone and provide enough space to store more memories.

4. Systematic Approach For Photo Organization

Gallery Go group wise organize your photos and this grouping is made on the basis of: Selfies, Nature, People, Animals, Videos, Documents and Movies etc. It saves your time as you need not to scroll much for the photos of people belongs to your family. You could stay organized and have more time to share your memories with friends and family.

5. Exclusive Feature AUTO-ENHANCE

Gallery Go makes your photo to look one of the best photos. As user just by taping at photo editing tool i.e. auto–enhance, can do this wonder.

6. Folders To Organize, SD Card Support

Folders are used to organize photos the way you want. Moreover, additional storage support is provided by SD Cards for viewing and editing as well.

7. Improved Performance

Gallery Go does not occupy much space so, provide more space vacant for storing your personal photos. Further because of this it prevent slowing down of your phone as well.

8. Functional Even If Offline

It is a light-weight app and give facility to work even offline. It can manage and store your pics and videos without eating up all data.

*Currently grouping is not made available in all countries

Quick Glance At Features

• One-Tap Editing
• Easy-To-Use Tools Like Filter, Rotate, And Crop
• Use Less Space
• Optimized To Perform Best
• Photos’ Sharing Without Slowing Down Phone.
• Makes Sharing Of Memory Worth
• Fast Searching Of Photos That Too With Systematic And Automatic Organization.
• Auto-Enhance Tool Enhance Picture Quality.
• Less Data Usage Make You Work Even Offline.

Wrap-Up

Gallery GO is basically designed for developing countries like Nigeria as an alternative of Google Photos. It was aimed to provide functionalities of a photo gallery and is designed to work offline. It uses machine learning to organize photo and let user’s photo look at their best. User can improve picture quality by using Auto-enhance feature and apply filters as well. This App is designed to work offline and it takes space upto 10MB on user’s phone. The entry-level smartphone users will be able to find, edit or manage their photos easily, in fact without having high-speed internet connection or cloud backup.

The post Gallery Go: Lightweight, Advanced App Replacing Google Photos appeared first on SysTools Tech Blog.