The Dire Wolf would get on your computer via a phishing link you clicked on that you probably shouldn’t have. It would then sit and wait….and wait….and wait until you logged into your bank account. When you did, the bad guys would reach into your account and steal your credentials. Fairly common right? Here’s where this malware differs. Let’s say you want to make a large- scale wire transfer. You start the process, and a prompt would pop up from your bank indicating there was a problem with your account and that you need to call the bank immediately along with the number to the fraud department. You call, and go through all of the security prompts verifications and checks. The problem is you’re not talking to the bank; you’re talking to the criminals. This organization had built an English-speaking help desk and fake overlays to the legitimate banking site. The execution was so successful, they were moving between $500K to $1 Million per attempt.
How are we going to stop this? Let’s think about a new approach. Think about what happens when a pandemic occurs. The first step is to identify who’s infected, and take steps to isolate and inoculate. From a cyber standpoint, shouldn’t that happen as well? The norm, from a corporate or individual standpoint, is to keep attacks secret. But if we do that, are we helping stopping cybercrimes in its tracks? Are we being open and collaborative?
Maybe it’s time for us to rethink how we react.
https://www.ted.com/talks/caleb_barlow_where_is_cybercrime_really_coming_from/up- next?referrer=playlist-who_are_the_hackers