Too Legit – The DocuSign No Malware Phishing Exploit

You or your CFO receive an email offering business capital at attractive interest rates.  The company that sent you the offer has provided an application for the loan using the legitimate document presentation platform, DocuSign.  Everything looks legit, and it is.  No fake web pages or near-miss web addresses.  But this is the latest in “no malware” phishing scams.

Filling out the form will give ...

Continue Reading →
0

Common Phishing Subject Lines

Phishing is still the number one tactic used by malicious actors to collect passwords and other information.  Phishing works because the attacker is able to create an email that is believable and looks realistic.  The best ones appear to come from a customer, supplier, coworker or other trusted source, and the content makes sense for your business or personal life.  The most successful way to prevent phishing from ruining your day ...

Continue Reading →
1

It’s Not Just Phishing – Other Ways Email Is Exploited – Part 1

Phishing gets all the press when it comes to email account exploits. This is because phishing is the attack vector for over 90% of all cyber-attacks.  But there are other ways that bad actors, cyber-criminals, and state-sponsored cyber-warriors use email that don’t involve phishing at all, and the outcomes of these exploits can be as bad or even worse than phishing.  Today and Wednesday we will take a look at these ...

Continue Reading →
0

Watch Out For Social Security Scammers

Your phone may be ringing soon with a fraudulent call from the “Social Security Administration” about problems with your social security number.  The Federal Trade Commission is warning consumers about this fraud.  A transcript of a typical call is below.

“…law enforcement agencies to suspend your Social Security number on an immediate basis, as we have received suspicious trails of information in your name. ...

Continue Reading →
1

The Old is New Again – Return of the Trojan Horse

Trojan horse, backdoor, and spyware exploits are back with a vengeance, according to a recent report by cybersecurity firm Malwarebytes.  These exploits may seem like old and out-of-date attack vectors, but these tools have been updated and revamped, and are appearing at an alarming rate.  Last year, Trojan horse deployments increased by 132%, backdoors increased by 173%, and spyware exploits increased 142%.

Crypto-ransomware and crypto-jacking exploits have been the hot and sexy ...

Continue Reading →
1

Phishing – Not Just For Email Anymore

You know those surveys, games, and “like and copy” messages that your Facebook “friends” share with you?  Would you be surprised to learn that many of these “fun with friends”  activities are just cover for a new form of phishing exploit?  In the last few years phishing attacks have evolved from a primarily email-based attack into attacks using other vectors including surveys, games, gifts and prizes, and social networks.

Continue Reading →

0

Data Privacy Day

Next Monday Jan 28 is Data Privacy Day.  According to StaySafeOnline.org, “Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is observed annually on Jan. 28.

The ...

Continue Reading →
0

Securing Your Social Network Accounts

One of the worst things that can happen to you online is when someone hijacks one of your social network accounts.  When unauthorized bad-actors get your Facebook or Twitter password, they can use your account to impersonate you, and to send all sorts of friend requests, share requests, spam, and posts with click-bait links that can lead your friends to web pages that will steal their information or silently download and ...

Continue Reading →
0

Your Location is For Sale

I have written before about how our smartphones are ratting out our location, using GPS and even just cell tower location information.  The New York Times recently published a story that followed a woman throughout her day and discovered that her location was collected over 8000 in a single day.  From the location database they purchased from a location data broker, they were ...

Continue Reading →
0

EMV Cards Not Preventing Card Data Theft

The implementation of EMV (Europay, Master Card, Visa) or “chip” cards have not reduced the instances of credit card theft in the US.  The reason:  WE ARE DOING IT WRONG!!  I have been writing about the late implementation of EVM for years, and complaining about the “chip and sign” method we are using in the United States, vs. the much more secure “chip and PIN” method used in Europe, where they ...

Continue Reading →
0
Page 3 of 50 12345...»