CYBER SECURITY: Beware of New Hacking Method, Says Sophos
TECH DIGEST – A research firm, Sophos, has joined the call for African mobile money users, and internet users generally, to guard their data jealously as fintech growth on the continent appears to be astronomical.
According to Sophos, with a data explosion set to happen in Africa given the growth in mobile money and other financial services accounts, users in Africa should treat every email as a potential threat before opening it.
A report released recently by the company revealed that a new information stealer, Agent Tesla, which spreads through malicious email spam, is being used to destroy hapless internet users and vulnerable corporate organisations.
Although Sophos says the hacking method is seven years old and goes through new phases, it has remained a powerful threat to people. The research firm warned that people should be cautious with email attachments from unknown senders.
According to the company, Agent Tesla steals information from web browsers, email clients, virtual private network clients, and other software that stores usernames and passwords.
It explained that it can capture keystrokes while users are typing, for example entering their password, and record screenshots, so it can see what is on their screen.
It noted that the more recent version of the info-stealer can use the Telegram messaging service to communicate with its operators, as well as a software programme called Tor (that’s very popular on the dark web) to hide activity like the removal of stolen data. It also tries to alter software code to block security protection.
Senior Security Researcher at the company, Sean Gallagher, said: “Agent Tesla malware has been active for more than seven years, yet it remains one of the most common threats to Windows users.
“The most widespread delivery method for Agent Tesla is malicious spam attachments. The email accounts used to spread Agent Tesla are often legitimate accounts that have been compromised. Organisations and individuals should, as always, treat email attachments from unknown senders with caution, and verify all attachments before opening them.”
The firm recommended that an Information Technology (IT) admin checklist for email security should include:
*Installation of an intelligent security solution that can screen, detect and block suspicious emails and their attachments before they reach users.
*Implementing the recognised authentication standards to verify emails are what they claim to be.
*Educating employees to spot the warning signs of suspicious emails and what to do if they encounter one.
*Advising users to double-check that emails come from the address and the person they claim.
*Advising users to never open attachments or click on links in emails from unknown senders.
*Sophos endpoint protection, Intercept X, detects Agent Tesla malware.
Another internet security outfit recently disclosed that out of over one billion mobile money accounts in the global financial technology space, Africa has about 46 per cent of the accounts. The one billion accounts were said to be processing up to $1.9 billion daily, meaning that 46 per cent of that is processed in Africa. The continent is also expected to exceed half a billion accounts before the end of the first quarter of 2021.