What are distributed spam distraction attacks?

The average person goes through anywhere between one and a dozen assorted emails per day, but have you ever experienced receiving a few thousand emails in a span of a few hours? If so, you may be experiencing a distributed spam distraction (DSD) attack. Here are some things you should know about it:

What is DSD?

DSD is a type of attack wherein cybercriminals bombard email inboxes with tens of thousands of emails in a short span of time, typically between 12 and 24 hours. These emails don’t contain dangerous links, ads, or attachments, just random excerpts of text taken from books and websites. But because of the sheer volume of these emails, deleting and blocking each one of them can be overwhelming. Worse, the email and IP addresses used to send them are all different, so victims can’t simply block a specific sender.

While these spam messages may seem like harmless annoyances, their true purpose is to draw victims’ attention away from what attackers are doing behind the scenes, which is stealing and using personally identifiable information to conduct a raft of illegal activities. These include stealing money from the victims’ bank accounts or making unauthorized purchases in their name. In a DSD attack, the thousands of spam emails serve as a smokescreen that hides payment confirmation messages.

In other words, if you are receiving an unusually large volume of emails from legitimate-looking accounts, you should act very quickly because the attackers likely already have access to your login credentials.

What signs should users look out for?

Over the years, attackers have developed new DSD tactics. Several reports show that instead of nonsensical emails, these crooks are using automated software to trick their targets into signing up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that weed out the email text used in traditional DSD attacks.

Also, anyone can go on the dark web and pay for DSD services. For as little as $40, you can get an attacker to send out 20,000 spam emails to a specific target. All you need to do is provide the attacker with your target’s name, email address, and credit card number — all of which can also be purchased on the dark web.

What to do if you’re experiencing a DSD attack

DSD is a clear sign that your account has been hijacked, so if you receive dozens of emails in quick succession, contact your bank to cancel any unfamiliar transactions and change your login credentials as soon as possible. Also, you should install anti-spam software, or update your existing software if you already have one to protect your inbox from future DSD attacks.

Attackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected online. Regularly change your passwords and PINs, enable multifactor authentication, set up SMS and/or email alerts for whenever online purchases are made in your name, and be careful about sharing personal information with others.

DSD is just one of many cyberthreats out there. For expert advice on how to ensure your safety and security online, get in touch with our team of IT professionals.

This post was originally published on this site

Protecting Your Business from Cyber-Criminals

Even small businesses can be vulnerable to cyber-attacks, which can compromise not only your company’s integrity, but possibly result in leaks of sensitive information, proprietary secrets, financial data, and client information. Ensuring your computer systems and online activities are protected will be an asset for you and your customers. B.S. Consulting offers a range of resources that can help keep your business operating in a safe and secure manner.

What is Cyber-Crime?

According to the Federal Bureau of Investigation (FBI), cybercrime includes activities like email scams, identity theft, and the installation of ransomware that holds data captive in exchange for monetary payment. Malware and viruses can also compromise or shut down your network. Some types of cyber-crime are highly sophisticated, which makes them even tougher to identify and eradicate. Your best defense, in this case, is a good offense. Making sure your systems are secure and that you’re alerted to suspicious activity will keep you, your business, and your customers protected.

What’s the Damage of Cyber-Crime?

On the low end of the spectrum, small attacks can result in slow-operating systems, glitches, corrupted files, and reduced productivity. On the higher end of the scope, cyber-crime can be financially devastating for you or your clients. You also run the risk of having your reputation ruined if you have a data breach. Consumers need to know the companies they do business with are protecting their personal and financial information, so guarding against cyber threats is a critical function of business operations. 

How Criminals Target Businesses

The majority of cyber-crime is financially motivated, so hackers and bad actors look for opportunities to steal money. This might be in the form of lifting identities and getting new credit or access to finances under those names. Skimming credit card data is another approach, while phishing scams that trick people into sending money under the guise of legitimacy are another. Criminals may also target wealthy individuals, as well as businesses that have wealthy clients or are likely to have financial information for clients in their databases. Criminals look for unprotected systems that are easy to access.

Why You Must Train Employees

Having anti-cyber-crime protocols in place can help reduce your company’s vulnerability. According to PC Mag, instruct employees about proper online activity and information protection. Also, be detailed in explaining what type of information is shareable and what is not, and institute strict password guidelines to help reduce the potential for botnets that spread malware. Staffers should also be instructed to immediately report any activity that appears unusual or suspicious. If you have an IT staffer or consultant, regularly-scheduled diagnostic system reviews can also help identify areas of concern.

Be Proactive in Protecting Networks

Preparation is key to reducing the potential for security breaches. In addition to training employees, back up your systems regularly and update software as necessary. If you aren’t a cybersecurity expert, enlists the services of someone who is. This is a rapidly evolving field, and professionals who work in it every day are up to speed on relevant best practices. Consider hiring a freelance cybersecurity professional from a reputable job board. Weigh reviews, delivery time, and cost before retaining someone’s services.

The world of cyber-crime is continually advancing, evolving, and becoming more and more sophisticated. To protect yourself, your business, and your clients, ensuring the security of your networks is an issue of paramount importance. If you are hacked or otherwise infiltrated, fast action is a necessity. Contact B.S. Consulting to learn more about the best ways to prevent and appropriately respond to cybercrime activity in your business. Call (512) 434-0611 or reach out via email.

Photo by Pixabay