Protect Your VPN Credentials
Recently, cyber criminals created fake SonicWall download pages designed to steal VPN credentials from unsuspecting users. Here’s what happened, and how you can protect your business.
What Happened?
- Threat actors set up websites that looked like SonicWall’s official download page
- Users that searched “SonicWall VPN download” on Google clicked these fake pages
- When they tried to download software or enter login info, their credentials were harvested
Users thought they were updating their VPN client but instead gave hackers a direct path into their company network.
Why Is This Dangerous?
If attackers get your VPN credentials, they can:
- Access your internal network remotely
- Install malware or ransomware
- Steal confidential data
- Disrupt your business operations
How to Stay Safe
Always go directly to the vendor’s official website for downloads
- Use saved bookmarks for trusted sites
- Type the official URL into your browser address bar
- Confirm with IT if you’re unsure of where to download the necessary application
Avoid downloading from Google search results
- Attackers use ads and SEO tricks to push fake pages to the top
Verify website security
- Don’t enter credentials on suspicious sites
- Look for HTTPS and correct domain spelling
- Hover over download links and buttons to see a preview of the website address that they are leading you to
Report suspicious sites immediately
- Help your IT team block threats and protect others
Summary
Whether you are searching for a software download like Adobe Reader or SonicWall NetExtender, downloading guitar tabs, or downloading a PDF calendar, it’s important to make sure that the link you are clicking on is valid. It’s also important to remember that searching for free versions of things that are often paid is a risky move – this is a popular way for threat actors to hook unsuspecting victims.
Always go directly to the source when you need to download an application or file, and take care to double-check the website address and the preview links that appear when you hover.