The Case of the Unfortunately Titled Spambot "Onliner" and the Real Onliners Fighting It

Written by Steve Levinson | Sep 1, 2017 3:56:21 PM

Earlier this week a new spambot emerged, targeting no less than 711 million email addresses. Basically, the spambot delivers malware called Ursnif into the victim's inbox and is capable of stealing personal information such as login details, passwords, and credit card data.

The name of this spambot, “onliner”, is a touch disappointing, a bit ironic, and of course has no relation to us whatsoever. At Online, our team (our employees) are known as Onliners.

The real Onliners are made up of a group of highly talented people who are dedicated to helping companies transform their businesses and run more securely. We are proud of the title Onliners and everything that it represents (#onlinerlife). Onliners from our Risk, Security, and Privacy practice work with our clients every day to implement right-sized security strategies to fight cyber miscreants and spambots just like this one. While we might not care for the name of this latest spambot, when new threats emerge, we know who to turn to for guidance – we ask an [real] Onliner.

"Ultimately, attackers are finding that the easiest vulnerability to exploit is our trusting and helpful nature," said Jay Smith, Onliner and Security Consultant with Online. "We've known about this 'vulnerability' for years, but it's not something that can be fixed with a software patch. It's something that involves developing a healthy sense of skepticism, and that takes time and practice."

According to Smith, the most important steps someone can take to protect themselves from threats such as spambots are:

Don't underestimate the complexity of modern phishing attacks. We're past the days where we could identify malicious emails based upon poor spelling and dubious connections to Nigerian royalty. Thanks to social networking sites like LinkedIn and Facebook, attackers can learn a lot about you based on your email address alone, and they will use that information to tailor their attacks against you.

Understand the limitations of modern antivirus software. Just because your antivirus solution doesn't flag an attachment as unsafe, doesn't mean it's safe. While antivirus software has become more sophisticated over time, it can still easily be fooled by threats that it hasn't seen before as it is ‘signature based’.

When in doubt, don't click on the link and don't open the attachments. Just don't. Even if it seems urgent, find another way to verify that the email is legitimate, even if that means picking up the phone and calling the alleged sender.

If you have been the victim of a spambot or just want to protect yourself from cyberthreats such as these in the future, please feel free to contact us here and a real Onliner would be happy to help you!