What is malicious activity?
The Rehive ecosystem handles most security issues automatically but there are some types of malicious activity that clients should be aware of.
The most common attack types to be aware of can be divided into two categories:
These are attacks that use social engineering to execute on their plan. There are many ways that a social attack can be executed but the most common category is Phishing.
Social engineering attacks are specifically relevant to clients and their administration team. These attacks can exploit team members and gain access to disallowed resources, information and even actions. It is a client’s responsibility to ensure their team is educated and prepared to deal with social engineering in the execution of their role.
These are attacks that require some technical implementation to execute. Some examples of technical attacks can be found below:
Automated and botnet attacks
Authentication or authorization attacks
Software vulnerability attacks
What you can do to minimize malicious activity.
There are many ways a client can harden their business against malicious activity, particularly in relation to social engineering:
Frequent awareness campaigns and training regarding social engineering attacks such as phishing, pretexting, baiting, and waterholing.
Reducing team member permissions (on Rehive and other services) to the minimum required.
Enforcing Multi-factor authentication on team members (and end-users).
Providing guidelines on passwords such as using a password manager, using strong/random passwords and never using shared passwords.
Automated and botnet attacks
While Rehive has internal functionality to prevent and reduce the impact of automated attacks, it is always possible for some percentage of automated activity to slip through the cracks.
If you suspect you are experiencing an automated attack (or might be at risk of an automated attack) there are several things that can reduce the possible ramifications:
In the event of a credential stuffing attack, if you require your users to have multi-factor authentication enabled, the risks associated with such an attack are severely reduced. End-user security is the best solution as it can make such an attack pointless.
In the event of user registration spam, while there is normally no incentive for an attack like this, hardening your configuration to ensure that users must pass some minimal KYC (specifically to transact) is normally the best solution. Requiring email or mobile verification can also help. You can safely ignore suspicious users or deactivate them if you wish to further disincentivize continued usage of the system.
The best way to deal with automated attacks is to remove the incentives. Normally the incentives are monetary, which can be resolved via more rigid tier requirements, transaction rules, and limits.
If you are struggling with large amounts of spam, please read the “Getting help” section below.
What Rehive does to minimize malicious activity.
Rehive makes every effort within our power to ensure that we protect against malicious activity. Most of the mechanisms implemented by Rehive are intended to make malicious activity less feasible or functionality impossible via rigid internal processes or technical implementations.
From a technical side, some of the protections Rehive has in place are:
You can find additional notes on Rehive security here.
If you are experiencing any issues related to malicious users and would like to escalate to Rehive support please ensure your query matches the following conditions first:
The guidance provided in this article was applied (where relevant) and did not help.
The issue is persistent and causing service degradation and/or making it meaningfully difficult to administer the company.
You have gathered information showing the activity may be malicious in intent.
For concerns or assistance, contact our support team at firstname.lastname@example.org