Phishing is still the number one tactic used by malicious actors to collect passwords and other information. Phishing works because the attacker is able to create an email that is believable and looks realistic. The best ones appear to come from a customer, supplier, coworker or other trusted source, and the content makes sense for your business or personal life. The most successful way to prevent phishing from ruining your day ...
On Monday we investigated five ways that your email account can be used to initiate an cyber-attack against you. Today we finish up this article with another five email attack vectors.
Phishing gets all the press when it comes to email account exploits. This is because phishing is the attack vector for over 90% of all cyber-attacks. But there are other ways that bad actors, cyber-criminals, and state-sponsored cyber-warriors use email that don’t involve phishing at all, and the outcomes of these exploits can be as bad or even worse than phishing. Today and Wednesday we will take a look at ...
Troy Hunt, of HaveIBeenPwned fame, on January 17 reported what may be the biggest data breach ever. Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. That’s right, 2.6 billion rows. 773 million records, from over 12,000 files, with a total size surpassing 87 gigabytes. That’s a lot of personally identifiable ...
Your phone may be ringing soon with a fraudulent call from the “Social Security Administration” about problems with your social security number. The Federal Trade Commission is warning consumers about this fraud. A transcript of a typical call is below.
“…law enforcement agencies to suspend your Social Security number on an immediate basis, as we have received suspicious trails of information in your ...
Continue Reading →
Trojan horse, backdoor, and spyware exploits are back with a vengeance, according to a recent report by cybersecurity firm Malwarebytes. These exploits may seem like old and out-of-date attack vectors, but these tools have been updated and revamped, and are appearing at an alarming rate. Last year, Trojan horse deployments increased by 132%, backdoors increased by 173%, and spyware exploits increased 142%.
Crypto-ransomware and crypto-jacking exploits have been the hot and ...
Continue Reading →You know those surveys, games, and “like and copy” messages that your Facebook “friends” share with you? Would you be surprised to learn that many of these “fun with friends” activities are just cover for a new form of phishing exploit? In the last few years phishing attacks have evolved from a primarily email-based attack into attacks using other vectors including surveys, games, gifts and prizes, and social networks.
Next Monday Jan 28 is Data Privacy Day. According to StaySafeOnline.org, “Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is observed annually on Jan. ...
Ever feel like there should be a 12-step program for your cybersecurity career? “Hello, I’m Bob and I’m a recovering cybersecurity professional.” Doing the same old “defense in depth” stuff and still the barbarians get onto your network and wreak havoc. Remember the definition of insanity? “Doing the same thing and expecting different results.” As with any 12-step program, the first step ...
Every year about this time, cyber-criminal groups start to ramp up for the annual income tax fraud season. If you would prefer to receive your own tax refund, as opposed to letting some scam artist get it instead, the basic solution is to file your returns as early as possible. Here are some things to be watching for.
