The threat of cybercrime continues to evolve, encompassing a vast range of criminal activity that affects individuals and organisations alike. We have seen a rapid increase in the use of social engineering to deceive and manipulate individuals into divulging private and confidential information online and it is important to ensure you take the necessary steps to avoid falling victim.
One of the most common forms of social engineering is the use of malicious hyperlinks – clickable links from hypertext documents which direct users to fraudulent locations, often in the form of web pages. By using ‘website spoofing’ and disguising as a genuine website, these malicious links can be used to capture your personal details including passwords, personal and financial information.
Criminals might also use these links to download malicious software (known as malware) to your device, capable of stealing private data, compromising your organisations network, disrupting operations and causing significant long term financial and reputational damage.
Caption: Through a technique called “email spoofing” criminals can fake where an email was sent from.
Here are several steps you can take to avoid falling victim to criminals using malicious hyperlinks:
- Beware of emails which pressure you to act quickly. Stop and take a moment to think.
- Identify the hyperlink location. By hovering your mouse over the hyperlink, without clicking, you can reveal it’s intended location which may be different to the location displayed in the text.
- Utilise a Security Operations Centre (SOC).
Caption: By hovering your mouse over the hyperlink, you can see where it will take you.
Caption: Whilst the text might provide one location, a hyperlink could take you to a different, unexpected location.
At Systal, our Security Operations Centre (SOC) can help you proactively detect, defend against and respond to cyber-attacks including those that utilise social engineering and malicious hyperlinks. We use a combination of measures including continuous monitoring, analysis of suspicious and identified links, utilisation of up-to-date threat intelligence platforms, and regular recommendations to internal information technology teams for malicious hyperlinks to block.
Whilst avoidance is the best solution, some organisations do fall victim to cybercrime. When this happens, it is important to identify and minimise the disruption and impact to your organisation and customers. Systal’s Digital Forensics and Incident Response (DFIR) team can assist by conducting an in-depth investigation into cyber attacks allowing you to identify affected devices, a safe backup point to restore operations with minimal disruption, and the impact of the incident and any potential risks it may pose.
Malicious hyperlinks are a dangerous but avoidable cybersecurity risk which can have catastrophic outcomes for you and your organisation. Thankfully with investment in the right knowledge and tools, you can prevent this risk and the associated financial and reputational damage.
Contact us to find out how Systal Technology Solutions can assist you in keeping your organisation secure.
Calum Baird is a Digital Forensics and Incident Response Consultant within the Cyber Security Incident Response Team (CSIRT) at Systal Technology Solutions. He has over 9 years law enforcement experience which included compiling technical reports and presenting evidence at court within the Digital Forensics Unit before moving to Cybercrime Investigations – a department specialising in the investigation of cyber dependant crime, network intrusion and ransomware.
Contact Systal's Experts