Skip to content

擺脫釣魚攻擊! 懷疑中招後的 10 個自救步驟

釣魚郵件已成為犯罪份子竊取個人資料並植入惡意軟件的首選工具,即使是 IT 專業人員,也有可能在片刻之間成為受害者。黑客有時會花費大量的時間去精心策劃,甚至查看目標人物的通訊歷史,使攻擊變得更具說服力。如果您點擊了一封看似無害的郵件中的連結,但隨後感到不安,並意識到可能被欺騙,您應該採取哪些措施呢?

以下是 10 個懷疑中招後的自救步驟

1. 堅守信息保密原則
假設您不小心點擊了來自網上商店的可疑郵件中的連結,此時,最有效的自我防護方法就是保護好自己的信息。千萬不要輸入您的帳號信息或提供銀行帳號資料。如果詐騙者只是在試圖盜取您的數據,那麼您很可能已經成功地避開了他們的陷阱。

2. 立即斷開網絡連接
許多釣魚攻擊可能會使您的裝置受到感染或被黑客遙距控制。為了最大程度地減少損害,您需要立即將您的裝置與互聯網斷開連接。

3. 備份您的數據
即使您已經斷開了互聯網連接,您的數據依然可能受到威脅。建議您備份重要的文件,尤其是敏感的或對您有較高價值的文件,例如相片或影片。

4. 使用反惡意軟件工具進行掃描
在裝置與互聯網仍然斷開的情況下,使用來自可信任的反惡意軟件工具進行全面的掃描。

5. 考慮恢復出廠設定
恢復出廠設定可以將您的裝置恢復到初始狀態,從而刪除所有可能的威脅。但請注意,這將會刪除所有的本地數據。

6. 重設您的密碼
如果您懷疑自己可能已經成為了攻擊的目標,那麼應該立即更改您的密碼。特別是如果您在多個帳戶中使用相同的密碼,這一步驟尤為重要。

7. 聯繫相關人員並報告疑似欺詐行為
如果您已經輸入了銀行或信用卡的詳細信息,或者瀏覽了包含敏感信息的網站,請立即通知銀行或相關機構。

8. 保持警惕,檢查所有異常
黑客可能會試圖更改您的登錄信息、電子郵件地址、電話號碼或其他信息,以便進一步控制您的帳戶。請密切關注您的所有帳戶,尋找任何異常或未經授權的行為。

9. 查驗所有已登錄的裝置
黑客可能會使用其他裝置來登錄您的帳戶。大多數社交媒體平台都會記錄已登錄的裝置信息,因此請查驗並強制登出所有您不認識的裝置。

10. 通知所有可能受影響的人
如果您的帳戶被黑客入侵,那麼您的聯絡人可能會受到攻擊。請通知您的朋友、家人和同事,提醒他們不要點擊來自您的任何可疑連結或附件。

結語

誤中釣魚攻擊可能讓您感到羞愧和害怕,然而網絡安全是一個持續的過程,需要我們時刻保持警惕。每年都有成千上萬人在全球受到這種威脅,只要保持冷靜並遵循上述建議,即可最大程度地減少損失。

 

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於ESET
ESET成立於1992年,是一家面向企業與個人用戶的全球性的電腦安全軟件提供商,其獲獎產品 — NOD32防病毒軟件系統,能夠針對各種已知或未知病毒、間諜軟件 (spyware)、rootkits和其他惡意軟件為電腦系統提供實時保護。ESET NOD32佔用 系統資源最少,偵測速度最快,可以提供最有效的保護,並且比其他任何防病毒產品獲得了更多的Virus Bulletin 100獎項。ESET連續五年被評為“德勤高科技快速成長500 強”(Deloitte’s Technology Fast 500)公司,擁有廣泛的合作夥伴網絡,包括佳能、戴爾、微軟等國際知名公司,在布拉迪斯拉發(斯洛伐克)、布裏斯托爾(英國 )、布宜諾斯艾利斯(阿根廷)、布拉格(捷克)、聖地亞哥(美國)等地均設有辦事處,代理機構覆蓋全球超過100個國家。

擺脫釣魚攻擊! 懷疑中招後的 10 個自救步驟

釣魚郵件已成為犯罪份子竊取個人資料並植入惡意軟件的首選工具,即使是 IT 專業人員,也有可能在片刻之間成為受害者。黑客有時會花費大量的時間去精心策劃,甚至查看目標人物的通訊歷史,使攻擊變得更具說服力。如果您點擊了一封看似無害的郵件中的連結,但隨後感到不安,並意識到可能被欺騙,您應該採取哪些措施呢?

以下是 10 個懷疑中招後的自救步驟

1. 堅守信息保密原則
假設您不小心點擊了來自網上商店的可疑郵件中的連結,此時,最有效的自我防護方法就是保護好自己的信息。千萬不要輸入您的帳號信息或提供銀行帳號資料。如果詐騙者只是在試圖盜取您的數據,那麼您很可能已經成功地避開了他們的陷阱。

2. 立即斷開網絡連接
許多釣魚攻擊可能會使您的裝置受到感染或被黑客遙距控制。為了最大程度地減少損害,您需要立即將您的裝置與互聯網斷開連接。

3. 備份您的數據
即使您已經斷開了互聯網連接,您的數據依然可能受到威脅。建議您備份重要的文件,尤其是敏感的或對您有較高價值的文件,例如相片或影片。

4. 使用反惡意軟件工具進行掃描
在裝置與互聯網仍然斷開的情況下,使用來自可信任的反惡意軟件工具進行全面的掃描。

5. 考慮恢復出廠設定
恢復出廠設定可以將您的裝置恢復到初始狀態,從而刪除所有可能的威脅。但請注意,這將會刪除所有的本地數據。

6. 重設您的密碼
如果您懷疑自己可能已經成為了攻擊的目標,那麼應該立即更改您的密碼。特別是如果您在多個帳戶中使用相同的密碼,這一步驟尤為重要。

7. 聯繫相關人員並報告疑似欺詐行為
如果您已經輸入了銀行或信用卡的詳細信息,或者瀏覽了包含敏感信息的網站,請立即通知銀行或相關機構。

8. 保持警惕,檢查所有異常
黑客可能會試圖更改您的登錄信息、電子郵件地址、電話號碼或其他信息,以便進一步控制您的帳戶。請密切關注您的所有帳戶,尋找任何異常或未經授權的行為。

9. 查驗所有已登錄的裝置
黑客可能會使用其他裝置來登錄您的帳戶。大多數社交媒體平台都會記錄已登錄的裝置信息,因此請查驗並強制登出所有您不認識的裝置。

10. 通知所有可能受影響的人
如果您的帳戶被黑客入侵,那麼您的聯絡人可能會受到攻擊。請通知您的朋友、家人和同事,提醒他們不要點擊來自您的任何可疑連結或附件。

結語

誤中釣魚攻擊可能讓您感到羞愧和害怕,然而網絡安全是一個持續的過程,需要我們時刻保持警惕。每年都有成千上萬人在全球受到這種威脅,只要保持冷靜並遵循上述建議,即可最大程度地減少損失。

 

About Version 2

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

關於ESET
ESET成立於1992年,是一家面向企業與個人用戶的全球性的電腦安全軟件提供商,其獲獎產品 — NOD32防病毒軟件系統,能夠針對各種已知或未知病毒、間諜軟件 (spyware)、rootkits和其他惡意軟件為電腦系統提供實時保護。ESET NOD32佔用 系統資源最少,偵測速度最快,可以提供最有效的保護,並且比其他任何防病毒產品獲得了更多的Virus Bulletin 100獎項。ESET連續五年被評為“德勤高科技快速成長500 強”(Deloitte’s Technology Fast 500)公司,擁有廣泛的合作夥伴網絡,包括佳能、戴爾、微軟等國際知名公司,在布拉迪斯拉發(斯洛伐克)、布裏斯托爾(英國 )、布宜諾斯艾利斯(阿根廷)、布拉格(捷克)、聖地亞哥(美國)等地均設有辦事處,代理機構覆蓋全球超過100個國家。

Porsche Holding Salzburg Selects Keepit for Ransomware Protection

Copenhagen, Denmark  – November 09, 2022 – Keepit, the market leader in cloud backup and recovery, today announced that it has been selected by Porsche Holding Salzburg to provide the company with its industry-leading SaaS data backup solution designed to guard against growing ransomware threats. Keepit is the world’s only independent, vendor-neutral cloud dedicated to Software-as-a-Service (SaaS) data protection with a blockchain-verified solution.“We are pleased that our data centers meet Porsche Holding Salzburg’s stringent data storage requirements, and to be the company’s provider for cloud data backup and recovery,” said Frederik Schouboe, Keepit CEO.
Keepit is uniquely positioned in the SaaS data protection market, and we are proud to support Porsche Holding Salzburg as it seeks to defend against the increasing ransomware threats.

Frederik Schouboe Keepit CEO

“More and more companies are being affected by ransomware globally. We were searching for a SaaS solution, and we didn’t want to back up all the data on-premise. By working with Keepit, we now have a solution if a ransomware event ever impacts Porsche Holding,” said Andreas Fackler, system engineer at Porsche Informatik, a subsidiary of Porsche Holding Salzburg. “After researching the SaaS data backup solutions available, Keepit’s user-friendly, transparent backup and recovery process was the most appealing option. Keepit’s per user pricing model makes it simple and cost-effective to manage accounts, and its simple, easy-to-use cloud backup delivered what we were looking for.”Keepit follows the 3-2-1 principle of backup, where 2 copies of data are stored at separate locations, and one copy is backed up in an off-site, private cloud. This principle ensures that each customer’s data can survive any calamity, making it impenetrable to ransomware and accidental deletion. 

Porsche Holding Salzburg is the largest and most successful automotive distributor in Europe. The Salzburg-based company was founded in 1947 and operates today in 22 countries throughout Europe, as well as in Colombia, Chile, China, Malaysia, Singapore and Japan. After migrating from a locally installed, on-premise mail system to the cloud, Porsche Holding sought a scalable, SaaS cloud backup solution that would secure its 30,000 user accounts and safeguard against data loss.

“Keepit’s European-based data centers were a key consideration during Porsche Holding’s research and selection process as we sought a cloud backup and recovery solution,” said Michael Bojko, system engineer at Porsche Informatik.

Additionally, we felt perfectly supported during our quick, one-week onboarding process. We have also been very satisfied with the continuing customer service, as we always get an answer when we have questions. The Keepit team is trustworthy and friendly, and working with them has been a pleasure.

Michael Bojko System engineer at Porsche Informatik

As a software company specializing in cloud data backup and recovery for SaaS, Keepit has more than 20 years of experience in building best-in-class data protection services at scale. Founded in 2007 by data hosting entrepreneurs Frederik Schouboe and Morten Felsvang, Keepit’s primary mission is simple: to help companies around the world protect and manage their cloud-based data.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

How to find OpenSSL 1.1 instances

How to find OpenSSL 1.1 instances

On September 11th, the venerable OpenSSL 1.1.1 reached its end of life date
That means that it will no longer be receiving publicly-available security fixes.
Users without a third-party extended support contract will no longer receive security fixes or updates.

With this end-of-life announcement, no versions of OpenSSL prior to 3.0.0 are publicly supported.

What is OpenSSL?

OpenSSL is a library that implements a large variety of security functionality, including the Transport Layer Security (TLS) cryptographic protocol that underlies most secure protocols on the Internet like HTTPS.
It also provides the cryptographic functionality needed to compute secure hashes, validate certificates, and perform various other critical operations involving cryptography.

(The early versions of TLS were known as the Secure Sockets Layer, hence “SSL” in the name.)

OpenSSL is extremely widely deployed, and is built into or included by default in a large number of operating systems and distributions.
It is present in countless embedded and mobile devices, and is used by the majority of websites on the Internet to secure their traffic.

Despite (or because of) its popularity, numerous vulnerabilities have been discovered in OpenSSL over the years.
Perhaps most famously, the Heartbleed vulnerability, disclosed in 2014, allowed for sensitive memory disclosure.

Are updates available?

OpenSSL 3.0.0 is available and publicly supported until 2026, while OpenSSL 3.1.0 is available and publicly supported until 2025.
A migration guide has been made available to ease upgrades to these new versions.

How do I find older versions of OpenSSL with runZero?

Detecting OpenSSL can be difficult, since it is a library used by countless other software products.
However, runZero’s advanced scanning and fingerprinting is often able to detect the OpenSSL version used by analyzing the telltale features of cryptographic exchanges.

To find services running on your network that use OpenSSL 1.1.1 or earlier, you can use the following query in the runZero asset inventory:

	tls.stack:"openssl=1.1"

Results from the above query should be triaged to determine if they require patching or vendor intervention.

As always, any prebuilt queries are available from your runZero console. Check out the documentation for other useful inventory queries.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×