Author Archives: Carol

Green Radar 聯手 Microfusion全方位守護企業網絡安全

釣魚電郵暴增，企業面臨極大風險！
企業遭受的網絡攻擊日益嚴重，尤以釣魚電郵為甚。釣魚電郵攻擊漸趨勢「本地化」，偽裝港鐵、PayMe甚至香港政府等常見品牌，企業容易受騙。隨著遙距營商擴大，電郵及端點成為主要攻擊目標，釣魚電郵威脅大幅上升。調查顯示，56%企業受過外部網絡攻擊，其中釣魚電郵及電郵詐騙激增，各行業均深受其害，尤以金融、零售、科技資訊等屢次中招。企業迫切需要提高電郵安全意識，防範極具威脅性及日益複雜的釣魚電郵攻擊，以守護業務安全。

電郵安全領先技術 – grMail
Green Radar的主打產品 grMail 以獨特的人工智能引擎 aidar™ 為核心，24/7 不斷學習全球與本地的威脅情報釣魚電郵、勒索及垃圾郵件等，會進行精密的二次清洗隔離，全天候確保客戶所收到的郵件毫無安全疑慮。這種全天候的郵件安全保護，為企業提供了可靠的安全屏障。
除了強大的人工智能監控外，grMail更借助雲端沙盒技術，系統會將有可疑的郵件送至雲端沙盒，企業可遠程檢查附件，極大降低了企業受到入侵風險的可能性，同時快速阻隔各種風險並將安全郵件即時傳遞給客戶。Green Radar 在香港及新加坡設有安全監控中心（SOC），可隨時協助企業客戶應對各種郵件帶來的挑戰與問題。Green Radar 亦提供持續性培訓－grAssessment （釣魚演習）以及企業管理智能解決方案－grKey，更進一步提升了企業的網絡安全意識和資源管理效率。

中小企業首選：「保安即服務」輕鬆解決資源壓力！
「保安即服務」（Security-as-a-Service）這項新型網絡保安方案不僅提供頂級的網絡安全專業知識和技術，全面保護電郵及終端，還有專人負責維護及更新，解決企業人手資源短缺問題，是中小企業的最佳選擇。Green Radar的grMail更推出經濟實惠的郵箱數量收費計劃，享受企業級電郵保護及技術支援。效率更高、成本更低，解決網絡保安上的各種難題，成為中小企業的新寵。

Green Radar聯手宏庭科技全方位守護企業網絡安全
宏庭科技憑藉超過十年的產業經驗與多元原廠雲端技術資源，提供客製化的雲端安全解決方案，依照企業生態與需求彈性部署。以Google Cloud Platform為例，身為Google Cloud菁英合作夥伴，我們提供針對GCP的多重資安解決方案。例如，Cloud Armor作為網路應用程式防火牆(WAF)，能有效阻擋L7攻擊、XSS和SQLi等威脅，配合企業級的分散式阻斷服務(DDoS)達到最佳防禦效果。此外，我們也提供Security Command Center、reCAPTCHA Enterprise、Chronicle、BeyondCorp、Cloud IDS等多重雲端資安解決方案，全方位保護企業免於惡意攻擊和資安威脅。結宏庭科技的雲端專業經驗與Green Radar全球領先的郵件安全解決方案，為企業提供一站式的網路安全服務，確保業務運作安全無虞。

完整文章：Green Radar x Microfusion_Article

Green Radar 公佈2023年上半年季電郵威脅指數 ChatGPT助黑客降低釣魚成本GR以AI領先一步

(香港，2023年7月25日）劍達（香港）有限公司（「Green Radar」或「公司」）發表 2023 上半年的電郵威脅指數 Green Radar Email Threat Index（「GRETI」或「指數」）。指數顯示為 62.1分（上季為64.3分），反映電郵威脅風險較上季下跌，但風險級別水平維持在「高」。與去年同期相比，Green Radar觀察到每封電郵的整體攻擊量增加了1%，表明整體的攻擊量相對穩定。然而，實際上的攻擊量絕對增長率增加了86%，這是一個不容小覷的數字也解釋了GRETI指數的下跌。在這個數字中，未知攻擊（Unknown Attacks）/零日攻擊(Zero Day Attacks)與去年同期相比增加了33%。

報告發現，ChatGPT的興起為黑客製作釣魚電郵和假網站提供了便利，使黑客更活躍發動網絡攻擊。加上臨近暑假，黑客看準時機假冒旅游預訂網站騙取信用卡兼個人敏感資料。 Green Radar 的電郵安全監控中心（SOC）攔截了不少相關的釣魚電郵，大部分以信用卡使用情況有「可疑」為由釣魚。

LinkedIn成最常假冒品牌第一 DocuSign首次上榜

根據上半年的GRETI 數據，商業電郵詐騙(BEC)攻擊較上季微跌。Green Radar SOC 統計數據顯示最常被冒充的三大品牌包括：LinkedIn、微軟和恆生銀行；排行第四和五的分別是Facebook和DocuSign。相信Facebook榜上有名大家已見慣不怪，而第一次出現的DocuSign很值得留意。DocuSign成立於2003年，是一家來自美國的電子簽名服務提供商，提供基於雲的電子簽名平台，幫助企業或用戶在線上快速創建並獲取合法有效的電子簽名。黑客利用非法手段竊取其客戶電郵地址後，偽造了一個假域名“DocuSgn”（比DocuSign少一個字母i），並偽裝成財務部門的發票向用戶發出惡意電郵，由於郵件標題及內容均使用DocuSign的品牌標識，輕易獲取了用戶信任。因此用戶一不留神便被誘使點擊含有惡意代碼的word文檔。如沒有強大的電郵保安措施，企業的内部資料會輕易受到黑客攻擊，造成損失。

（黑客假冒DocuSign示意圖）

十大惡意軟件家族排行榜的第一位是HEUR:Hoax.HTML.Phish，第二位是HEUR:Exploit.MSOffice，HEUR:Exploit.MSOffice.CVE-2018-0802則排行第三位，表示這類軟件頗受黑客歡迎，需要多加留意。

黑客看準時機設計釣魚陷阱

疫情放緩加上旅游業復蘇，黑客看準時機假冒旅游預訂網站向其客戶發送釣魚電郵。根據 SOC提供的booking.com釣魚案例可見，黑客透過盜取用戶的網絡交易資料假冒「網站」以信用卡使用情況有「可疑」並會取消預訂為由實施釣魚詐騙。黑客善於操縱心理，利用用戶收到電郵後的不安情緒逐步讓對方落入自己所設下的陷阱，誘使收件人點擊假網站的連結以盜取其個人及信用卡資料；黑客在電郵中提到「此通知將在72小時後失效」和「booking.com不會向您發送電郵或……驗證你的賬戶密碼或銀行信息」等字眼獲取信任和增加迫切性。只要小心閲讀，便會發現電郵内容是自相矛盾的，一方面讓用戶點擊連結一方面提醒切勿點擊連結。

在此提醒大家在點擊任何連結前請三思，因爲很可能在幾秒鐘的時間内識別到黑客的漏洞從而避免損失。所以，了解釣魚威脅並進行適當的釣魚意識評估和演習必不可少，尤其是當黑客針對性地向企業出擊，提早預防可以消除潛在威脅，大大減少資料外洩、勒索程式及詐騙的風險。Green Radar的grMail 和grAssessment（釣魚意識演習）可為企業提供最適切的電郵解決方案，增加員工對電郵威脅的了解，成爲你企業的把關者。

（黑客假冒booking.com的釣魚電郵例子）

Green Radar 服務營運執行副總裁李祟基先生表示：「網絡犯罪活動越趨頻繁，而且ChatGPT的出現無疑為黑客提供便利，只要巧妙運用字眼便可以利用ChatGPT編寫釣魚内容。所以，選用優質的電郵保安服務供應商是保護企業的第一道防綫，强化企業保護屏障。針對未來發展，我們會不斷優化grMail的技術水平，以自家研發的AI(aidar^TM)去調整並提升全球及本地威脅情報、監控及攔截能力，緊貼用戶防衛需求。」

如欲了解更多電郵威脅最新情報，歡迎點擊下載 2022 Q4 GERTI：Green Radar_1H 2023 GRETI Press Release_CN

(25^th July 2023, Hong Kong）Green Radar (Hong Kong) Limited (“Green Radar” or “Company”) has released the Green Radar Email Threat Index (“GRETI” or “Index”) for the first half of 2023. The index for the first half is 62.1 (the index released for 2022 was 64.3), the index reflects a moderate decrease compared to the last assessment, though the overall risk level remains ‘High’. Compared to the same period last year, Green Radar observes an 1% increase in overall attack volume per email, showing that the overall attack volume is relatively stable. However, in actual terms the absolute increase in attack volume was 86% year on year and is a significant number. Of this volume, the Unknown / Zero Day attacks had increased by 33% vs the same time last year.

The rise of ChatGPT and other AI tools have facilitated hackers to create phishing emails and fake websites more efficiently, thereby lowers the barrier in launching cyber attacks. In another showing of hackers executes timely attacks, to the summer and holiday season promotions were impersonated with fake travel booking emails and websites to defraud credit cards and personal sensitive information. Green Radar’s Email Security Operations Center (SOC) intercepted many related phishing emails, most of which were phishing on the grounds that the credit card usage was “suspicious”.

LinkedIn ranks no. 1 for most impersonated brand, DocuSign on the list for the first tim

According to GRETI statistics in this first half, business email compromise (BEC)attacks recorded a slight decrease over the same period last year. Though that is not to say that the threat is lessening, the top three most frequently counterfeited brands include: LinkedIn, Microsoft and Hang Seng Bank, with Facebook and DocuSign being the fourth and fifth respectively. It is no surprise that Facebook is enlisted, but DocuSign which debuted on the list is worth noting. Founded in 2003, DocuSign is an electronic signature service provider from the United States. It provides a cloud-based electronic signature platform to help enterprises or users quickly create and obtain legal and valid electronic signatures online. Hackers used illegal means to steal their customers’ email addresses, forged a fake domain name “DocuSgn” (one letter i less than DocuSign), and disguised themselves as invoices from the financial department to send malicious emails to users. Using DocuSign’s brand identity, it is easy to gain the trust of users. Therefore, users are tempted to click on the word documents containing malware without paying attention. In the absence of strong email security solution, this could bring loss to enterprises as their internal data could then be easily hacked.

HEUR:Hoax.HTML.Phish ranks first on the list of top ten malware families, with HEUR:Exploit.MSOffice the second. HEUR:Exploit.MSOffice.CVE-2018-0802 places third. Such ranking indicates that the software is popular among hackers and enterprises should pay more attention to it.

Hackers saw the right time to design phishing traps

With the easing of the epidemic and the recovery of tourism, hackers took advantage of the upsurge to send phishing emails to customers by impersonating travel booking websites. In the phishing case of booking.com, hackers defraud users of their online transaction information and impersonate “websites” to carry out phishing scams, claiming that the credit card usage was “suspicious” and the reservation would be cancelled. Riding on mental manipulation and users’ anxiety after receiving these emails, hackers induce users to fall into their trap gradually by luring recipients to click on fake website links to steal their personal and credit card information. “This notice will be expired in 72 hours” and “booking.com will not send you an email or… verify your account password or bank details” are used to gain trust and add urgency.

Users should be viligent when responding over any links. It is essential to understand phishing threats and conduct appropriate awareness assessment training for enterprises, who with its ample staff of different levels of cyberthreat awareness are prime targets for hackers and potential returns high and worthwhile. Early preventions can eliminate potential threats and greatly reduce the risks of data leakage, ransomware, and financial frauds. Green Radar’s grMail and grAssessment (phishing assessment services) can provide enterprises with the most appropriate email security solutions, increase employees’ understanding of email threats, and become the gatekeepers of your enterprises.

Mr. Francis Lee, Executive Vice President, Service Operations at Green Radar, said, “Cybercrime activities are becoming more and more frequent. The emergence of ChatGPT undoubtedly facilitates hackers by writing phishing content, as long as they weigh their words skillfully. Choosing a professional email security service provider with good quality builds the first line of defense to protect the enterprises and strengthen their protection barriers. For future development, we will continue to optimise the technical level of grMail, as well as adjusting and enhancing global and local threat intelligence, monitoring and interception capabilities by using our own developed AI (aidar^TM), so as to align with users’ needs to defense.”

For more email threat updates, please click to download 2022 Q4 GERTI: Green Radar_1H 2023 GRETI Press Release_EN

Green Radar 公佈2022年第四季電郵威脅指數 grMail獲Frost & Sullivan認可為電郵安全服務領導者

(香港，2023年2月2日）劍達（香港）有限公司（「Green Radar」或「公司」）發表 2022 年第四季度的電郵威脅指數 Green Radar Email Threat Index（「GRETI」或「指數」）。第四季指數顯示為 64.3分（第三季為68.1分），反映電郵威脅風險較上季適度下跌。根據分析，網絡釣魚和商業電郵詐騙攻擊有所緩和但出現大量且持續的回避攻擊(“evasive attacks”)，因此風險級別水平維持在「高」。今季報告發現，年近歲晚金融服務業繼續是網絡釣魚攻擊活動的目標，黑客以財務部發放年度獎金為由廣撒電郵，利用大衆期待獎金的情緒釣魚。此外，Green Radar 的 grMail 於 2023 年 1 月被市場調研公司Frost & Sullivan 評為香港和新加坡地區電子郵件安全服務供應商的行業領導者，反映了對公司產品在這兩個營運地區在技術水平及複雜程度的認可。

DHL再次升至最常假冒品牌榜首 Apple榜上有名

根據今季GRETI 報告，商業電郵詐騙攻擊較上季下跌。Green Radar電郵安全監控中心（SOC ）統計數據顯示最常被冒充的三大品牌包括：DHL 、微軟和 LinkedIn。另外，滙豐銀行在本季雖未上榜，但SOC 攔截了不少與其相關的釣魚電郵；内容以 “不活躍的帳號警報”為題，誘使用戶點擊連結並激活賬號，進一步盜取用戶的個人資料和憑證密碼。根據SOC統計，在過去的3個月黑客每日發動超過1,000次含有釣魚連結的攻擊，這意味著沒有足夠强大的電郵保安措施，企業便會輕易受到黑客攻擊，造成難以預料的損失。

十大惡意軟件家族排行榜的第一位是HEUR:Exploit.MSOffice.CVE-2018-0802由第三位升至第一位，HEUR: Exploit.MSOffice繼續維持在第二位，HEUR: Exploit.MSOffice.Badur則由第五位升至第三位，表示這類軟件頗受黑客歡迎，需要多加留意。

内部培訓有效應對釣魚危機

了解公司的內部威脅並為員工提供適當的釣魚意識評估十分重要，衆所周知黑客會針對企業最薄弱的環節出擊，而員工正是所潛在的威脅。對企業而言，前述每日超過1,000 次的攻擊，每一個都代表著資料外洩、勒索程式及詐騙的風險。員工由於意外或疏忽而在無意間泄露資料，例如遙距工作時繞過資訊科技保安控制措施和相關的安全設定；黑客可以在未經授權的情況下竊取敏感和機密資料。

由此可見，提升員工的安全意識能幫助員工成爲防禦黑客攻擊的第一道防綫。Green Radar的grAssessment（釣魚意識演習）可為企業度身定做合適的方案，增加員工對電郵威脅的認識，建立安全屏障。據SOC的統計，發現不少客戶在進行第二次的釣魚意識演習後，員工的安全意識提高了至少51%。

Quishing釣魚手法仍肆虐冒充財務部發放年終獎金

根據Green Radar SOC 提供的釣魚電郵可見，黑客善於掌握大衆情緒和心理，乘當時話題之勢出擊。年近歲晚，有近38%的釣魚電郵假借財務部之名發出，黑客瞄準特定群體，製作出具說服力的電郵內容獲利。電郵內附帶載有釣魚網站的QR Code圖片，利誘收件人掃瞄開啟並連結至假網站，帳戶便落入黑客手中。由於QR Code屬圖像檔案，不是所有的保安系統都能偵測。不過，現時市面上已有技術可應對這類攻擊，如Green Radar的grMail AI技術已能夠準確識別電郵的惡意連結、附件和QR Code。

（黑客製作附有QR Code的釣魚電郵例子）

Green Radar 產品營銷執行副總裁李祟基先生表示：「網絡犯罪活動越來越精密，針對商業機構的技倆也越趨成熟，要讓公司有足夠的防禦能力來抵擋電郵攻擊，除了選用卓越的電郵保安服務供應商之外，員工對網絡安全意識的演習也不可或缺。」對於grMail產品獲選為電郵安全服務商領導者，李祟基補充：「Frost & Sullivan的報告是對Green Radar在技術研發方面的重要認可，我們矢志為企業客戶提供最合適及全面的電郵保護方案，不斷優化grMail的技術水平以提升本地威脅情報、監控及攔截能力。」

如欲了解更多電郵威脅最新情報，歡迎點擊下載 2022 Q4 GERTI：Green Radar 2022 Q4 GRETI Press Release_CN

(2nd February 2023, Hong Kong）Green Radar (Hong Kong) Limited (“Green Radar” or “Company”) has released the Green Radar Email Threat Index (“GRETI” or “Index”) for the fourth quarter of 2022. The index for this quarter is 64.3 (the index released in October was 68.1), suggesting that the risk of email threats has moderately decreased. The overall the risk level remains “High” despite the moderation of phishing and Business Email Compromise (BEC) attacks, due to the continuous evasive and high volume of evasive attacks monitored. This report revealed that hackers sent out mass emails at the end of the year, took advantage of the public’s anticipation of annual bonuses and attempted phishing by impersonating companies’ financial departments. The FSI(“financial service industry”) sector continues to be a prime target for phishing attack campaigns. Meanwhile, grMail, the premier product that Green Radar offers to protect organizations against email threats, was recognised by market research company Frost & Sullivan in January 2023 as a leader in email security in Hong Kong and Singapore, reflecting the technological and sophistication of the product in these two operating regions.

DHL reclaims the top spot of the most impersonated brand listing, while Apple debuts its presence with a fifth place

According to the GRETI Q4 report, commercial email scam attacks have decreased compared to the previous quarter. Green Radar Email Security Operations Centre (SOC) statistics showed that the top three most impersonated brands are DHL, Microsoft and LinkedIn. Besides, although HSBC could not reach the top 5, SOC intercepted numerous related phishing emails. Prevalent contents mimicked “Inactive Account Alert”, lured users to click the link and “re-activate” the account, hence attempted to steal their personal information and credentials. According to the Green Radar SOC data, more than 1,000 phishing attacks with hyperlinks were triggered daily, implying that corporates are easily exposed to hackers’ attacks without ample protection from email security solution providers, leading to unforeseen losses.

HEUR:Exploit.MSOffice.CVE-2018-0802 rose from the third place to the top among malwares. HEUR: Exploit.MSOffice remained at the second place. HEUR: Exploit.MSOffice.Badur made its way to the top three from the fifth place, showing that such malware is popular among hackers and more attention is needed.

Internal Awareness training is effective against the phishing crisis

It is essential to understand your company’s internal threats and provide employees with a proper phishing awareness assessment, hackers are known to target the weakest point in a business, and employees are a potential threat. As mentioned before, there were more than 1,000 phishing attacks daily. Every attack represents a risk of data leakage, ransomware and fraud to enterprises. Inadvertent disclosure of data by employees due to accident or negligence, such as bypassing IT security controls and related security settings while working remotely, would allow hackers to access sensitive and confidential information without authorisation.

Therefore, improving employees’ security awareness can equip them as the frontline of defence against cyber attacks. Green Radar’s grAssessment (Phishing Awareness Training) can tailor solutions for corporates, increase employees’ awareness of email threats and fortify the security barrier. According to the statistics of SOC, it is found that after the second phishing awareness training was conducted, employees’ security awareness increased by at least 51%.

Quishing techniques still running rampant, ‘issuing’ year-end bonuses impersonating finance departments

According to phishing emails provided by Green Radar SOC, hackers were adept at manipulating the public’s emotions and leveraging the hot topics in town. By the end of the year, nearly 38% of phishing emails were sent under the guise of the finance departments. Hackers target specific groups and craft persuasive email content for profit.

The email contained a QR Code photo of a phishing website, which lured the recipient to scan and open the link to the fake website. The account would be in the wrong hands if users fall into the trap. QR Code is an image file, which can easily bypass the security systems. Fortunately, there are existing technologies on the market to deal with this type of attack such as grMail’s AI technology, one of the solutions provided by Green Radar, it can precisely identify malicious links, attachments, and QR Codes in emails.

Mr. Francis Lee, Executive VP, Product Marketing at Green Radar, commented, “Cybercrime is getting more advanced, and its tactics against businesses are getting more sophisticated. For the company to have an adequate defence to withstand email attacks, besides choosing an excellent email security service provider, cybersecurity awareness exercises for employees are also indispensable.” Regarding grMail being acknowledged as the leader of email security service provider, he added, ”Frost & Sullivan’s report is an important recognition of Green Radar’s technology research and development. We are dedicated to providing corporate customers with the most tailored and comprehensive email protection solutions, continuously advancing the technology of grMail to enhance local threat intelligence, detection and interception capabilities.”

For more email threat updates, please click to download 2022 Q4 GERTI: Green Radar 2022 Q4 GRETI Press Release_ENG