Cox Communications is one of the largest providers of internet and cable service in the United States. This company is just the latest victim of a hacking attack. The hacker gained access the company's servers by pretending to be a member from Cox Communication's Customer Support group. Details are still sketchy at this stage as the investigation is ongoing.

The breach notification statement for the company reads:

Cox discovered that an unknown individual had taken the identity of a Cox agent, and gained access to small numbers of customer accounts. We launched an internal investigation immediately, secured the customer accounts and informed law enforcement.

Further investigation revealed that an unknown person may have seen certain information in your Cox customer accounts, including your name and address, phone number, Cox account numbers, email addresses, username, pin code, account security question, answer and the types of Cox services you receive.

The hacker has not yet been able to access the exact number. Given the above, Cox customers should change their passwords and security questions at least once a year.

Even though payment card information regarding impacted accounts wasn't specifically mentioned, it is important to monitor any payment cards that you have linked to your Cox account to ensure safety.

It's also worth noting that Experian Identity Works is being offered a free year to all customers who have been impacted. This program is designed to monitor credit reports and identify fraudulent activity.

Although we wish that this would be the final major breach of the year, it is almost certain not. Be vigilant. It can be dangerous out there.

Could this happen to you? If have any doubts, contact Integrated Technology Systems for an in-depth evaluation of your systems.

New Emotet Malware Found A New Way To Distribute

data breachEmotet is a highly-feared strain of malware. It has infected a wide range of targets around the world by its creators. It is a serious threat. The Emotet group has just increased the threat. Researchers recently discovered that malware is being distributed through a new channel.

This malicious Windows App Installer appears to be an innocent Adobe PDF reader. Windows App Installer is an integral feature of Windows 10 and 11. Users can infect their systems by clicking attachments in email messages that trigger the App Installer.

Emotet prefers a "conversation-in-progress" approach to communication. A crafted email already contains several replies. It appears at first glance that the email recipient and the person who sent it have been in conversation about something. The "most recent" reply contains a PDF file and a variation of "please See Attached".

The malware is installed when the recipient clicks on the file. This completely bypasses most malware or AV software as the recipient has made a conscious decision that they want to open the file.

This campaign is extremely well-constructed. The Adobe Acrobat components that were attached and the prompts that followed appear legitimate, down to having an official company icon as well as a certificate certifying it to be a trusted application. If the user examines the email that contains the attachment, there is no reason to believe there are any problems.

This is exactly what hackers count on. They understand that people may not be able to read the entire email and click on the link to find out more.

These types of shenanigans can be avoided by being vigilant and mindful. Properly training your staff on what to look for is imperative. Integrated Technology Systems can train your employees on how to stay cyber safe. Contact our team today to schedule a review of your cyber practices.