February 09, 2021: International Safe Internet Day
This day, promoted by official bodies and with the support of the European Commission, aims to raise awareness about the importance of promoting a safe and positive use of digital technologies. Under the slogan “Together for a better internet” , the 18th edition of Safer Internet Day will be held around the world, with the coordination and holding of events to raise awareness about the safe use of the internet, especially dedicated to the protection of children and young people in the use of technologies.
In 2021, the celebration of this day makes even more sense than ever, due to the changes in lifestyle that the coronavirus pandemic has caused around the world. The Internet has been the means that has allowed the majority of the population to continue working, studying, shopping, socializing and entertaining when it could not be done in person. The use of internet has exploded worldwide, in the same way as they have done cyberattacks. During the past year, cybercriminals took advantage of the circumstances caused by the coronavirus to launch cyberattacks related to health matters , they also launched phishing and spam campaigns to attack users and launched large ransomware cyber attacks against recognized international companies.
The cybercriminals continue to evolve their attacks and taunting defenses users to take economic return to the carefree movements of citizens in the network. The greater the access to the Internet worldwide and its daily use becomes general in the population, the more cybercriminals evolve and become more sophisticated in their techniques and attacks . However, it is not always necessary for cybercriminals to update their tactics as some cyber attacks sometimes remain effective for many years. This is the case of the information thief called Tesla Agent, who, according to Sophos in a new investigation, has been active for 7 years and continues to be a significant threat .
Agent Tesla spreads through malicious spam emails to steal information from web browsers, email users, virtual private network users, and other programs that store usernames and passwords. It is capable of capturing keystrokes while users are typing, for example entering a password, and of recording screenshots to access information on the user’s screen. In the most recent version identified by Sophos, the information thief uses the Telegram messaging service to communicate with the agents who are carrying out the cyber attack , as well as the use of Tor(system that allows access to the dark web) to hide movements such as the extraction of stolen data. Furthermore, this malware tries to block security protections by altering the software code.
” The Tesla Agent malware has been around for more than seven years, but it is still one of the most common threats to Windows users”, said Sean Gallagher, Senior Security Researcher at Sophos. The most common form of access for the Tesla Agent is through malicious spam attachments . Most importantly, the email accounts from which it spreads are often legitimate accounts that have been compromised by cybercriminals. That is why both companies and users should, as always, be very careful with email attachments from unknown senders and check attachments before opening them.
For all this, it is necessary to raise awareness among users and companies and have the necessary mechanisms to make a safe and positive use of the network. Sophos carries out this mission of cyber protection for users and companies, offering at Safer Internet Day the following recommendations to review our online security practices and be protected against these types of cyber threats:
– Protect websites . If you are a company or a business and have recently implemented online channels, it is important to secure the website that users access, as well as to check the security of the payment methods used. If possible, it is always advisable to have an external and professional opinion assessing the security of the website. There have been multiple cases where botnets are managed from legitimate web pages without their administrators being aware of it, as well as other pages that try to deploy malware on their visitors, with great effect on the brand image.
– Be careful with internet purchases . There are many small actions that users can carry out to make their online purchases as secure as possible, from activating double factor authentication (2FA) for payments or deleting the autocomplete of bank details, to consulting with your bank the way to block your cards in an emergency or not to provide unusual financial information on any website
– Secure the devices with which you access the internet . Check the security policies of the devices, especially if you telecommute from home, since your computer is now part of the corporate network. If doubts arise, it is always advisable to go to your company’s IT and security manager to tell you how to improve your protection. It is also important to check the security of home Wi-Fi connections and make them more secure with small measures such as changing the default password for the Wi-Fi network, to make it difficult for cybercriminals to enter.
– Monitor emails from unknown or unsolicited senders . Many malware attacks through emails impersonate accounts of official organizations or widely used companies, such as banks, courier services or package delivery to gain access to their victims. Check the email address of the senders, do not open attachments or click on links that you have not requested or from unknown senders and, when in doubt, check with the entity or company the authenticity of the email through an alternative route.
– Install a smart security solution that can examine, detect and block suspicious emails and their attachments before they appear in your inbox. Protecting endpoints and home devices will also make Internet use safer.