Sign in to my portal
CyberCheck FAQS
The CyberCheck solution is a passive-service, that uses automated, real-time web-domain monitoring to provide businesses with the tools to protect against potential Phishing, Hacking and Ransomware threats.
The platform uses automated analysis methods to seek out and identify potential compromises across a variety of Internet sources. After collecting this data, the service will send an alert notification if any look-alike domains (including SSL certs) and data breaches have been detected.
Exposed Credentials Alert
Some of your company email accounts have been included in a newly discovered data leak. These email accounts are often accompanied by passwords and other personal information which can be used to access your systems
such as email, servers and more.
We constantly search for data leaks across
all parts of the internet (Clearnet, darknet and
deep web) and when we find a leak, we automatically cross check your email accounts against
the leak. When we find a match, the notification you have received is automatically sent.
Exposed credentials are common, most people’s email accounts have appeared in multiple data leaks. It is unlikely that this is part of a wider malicious campaign.
Once the details are leaked, it is nearly impossible to take them down. We advise taking the steps below to minimise any impact from this:
1. If a requirement for employees to change passwords on a regular basis is not in place, trigger mandatory password resets for all employees
2. Implement two/multi factor authentication or regular, mandatory password changes
3. If not already implemented, enforce a rule that employees can not use company email accounts for personal use
4. Implement password managers to allow users to easily create unique and secure passwords for different accounts
One of the most common routes for a malicious actor to gain access to systems such as email, servers and more is via ‘credential stuffing’ which relies on the victim having used the same email and password combination (credentials) for multiple
accounts. If the credentials are exposed, these are often tried in various places to gain access. This can give a malicious actor the opportunity to access your systems such as email, servers and more which can lead to a significant and costly incident.
1. If a requirement for employees to change passwords on a regular basis is not in place, trigger mandatory password resets for all employees
2. Implement two/multi factor authentication or regular, mandatory password changes
3. If not already implemented, enforce a rule that employees can not use company email accounts for personal use Implement password managers to allow users to easily create unique and secure passwords for different accounts
Impersonation Alert
Someone has registered a new website or activated an existing one which seems to closely resemble your brand. This is commonly an attempt to target your customers and/or employees designed to dupe them into submitting their details for the purposes of crime such as to gain access to your systems or to defraud the victims.
We constantly cross check your brand against all newly registered domains and SSL certificates looking for matches to your brand, including typos and variations.
When we find a match, the notification you have received is automatically sent.
If you are seeing this alert happening more than three times in a month, this is likely part of a sustained campaign to target your brand.
We have already actioned a takedown of the relevant website and no further action is required.
Typically, these websites are linked to an email campaign or paid for advert targeting your customers and/or employees designed to duping them into submitting their details for the purposes of crime such as to gain access to your systems or to defraud the victims. Although it is not your company committing the crime, many victims report losing faith in the actual business after an incident. If you employees submit their login details, this can give a malicious actor the opportunity to access your systems such as email, servers and more which can lead to a significant and costly incident.
Although identifying and taking down the websites as they are registered is a fantastic approach, we also recommend educating your customers and employees on how to spot phishing emails.
Often, companies commission ‘phishing simulation’ tests on their employees to test their resilience to fraudulent emails (phishing emails).
Disclaimer:
Zen does not guarantee that this service (whether supplied by Zen or a third party) will detect, obstruct and/or prevent any viruses, trojans, worms, denial of service attacks or unauthorised access to the Customer’s network and/or computer system.
