Threat Watch Alert: Spoofing

Havoc Shield has identified a recent security threat. Refer below for the latest vulnerabilities along with recommended action steps.

Security Threat: Our security scanning picked up a recent uptick in phishing email strategy that leverages a companies lack of email authentications called spoofing.

Recommended Action: Update your domain authentication records following the steps below to ensure you have correctly authenticated your domain.

Check if your domain has authentication vulnerabilities: 

• Open the link to open a Domain Message Authentication Record & Conformance (DMARC) authenticator
• Type in your companies domain name (i.e. @havocshield.com)
• If your DMARC record is not found or you would like to edit your DMARC records to match that of the security experts, please follow the steps
• Update your company's DMARC records to best in class standards in order to stop spoofing emails.

What to do now:

Patches are released for operating systems, and patching your device ensures these vulnerabilities are fixed so that hackers cannot gain access.

What is email spoofing?

Spoofing is a type of phishing attack that leverages your company's lack of authentication inside of your domain. Without authentication, attackers are able to send emails that would seem to come from inside of the company. 

Spoofing example:

If DMARC records for Havoc Shield domain were not updated, then you could receive an email from a malicious attacker with the email hmoesta@havocshield.com. This malicious email may request that you update personal data, such as updating a company's card on file. However this email was not really sent from hmoesta@havocshield.com but instead sent form someone spoofing this email. Since the email looks to be legitimate, it can be challenging to catch these types of attacks.

This above example will not happen as Havocshield.com is correctly configured with DMARC records.

How can you fend off these attacks?

In order to combat these types of phishing attacks, verify that your company's DMARC records are updated. Refer to the directions linked here. 

Need additional help? 

• Sign up for a free 14 day trial for immediate access to our cybersecurity platform and portfolio of best in class cybersecurity tools.
• Ready to upgrade your account? Reply directly to this email with any questions or book a meeting
• Don’t have the bandwidth to roll out Havoc Shield’s cybersecurity tools? Consider upgrading to our Managed Plan. As part of the managed plan, our team rolls out all cyber tools across your fleet as part of a white glove implementation. If interested in upgrading, simply reply to this email for more information.