Email Account Hijacking – Part 3 Extending the Exploit

On Monday and Wednesday we looked at email account hijacking, how it happens, and what can happen after the account is controlled by an attacker.  Today we will see how an attacker could use the beachhead they established in your email account to extend their intrusion.

They have already proven that you are susceptible to phishing and other social engineering exploits.  So sending the victim other phishing emails that allow more access ...

Continue Reading →
0

What Can I Do With A Hijacked Email Account? Part 2

On Monday we opened this discussion about hijacked email accounts, and showed some examples of the phishing tricks that attackers use to get you to reveal your email password.  Today we will explore the many useful and profitable exploits that a compromised email account offers a cyber-criminal or other attacker.

I consider email account compromise to be one of the most personally harmful cyber-exploits.  When another person has access to your ...

Continue Reading →
0

What Can I Do With A Hijacked Email Account? Part 1

Let’s say I just hijacked your email account.  What can I do with it?

First thing, a hijacker would not announce his or her presence in your account.  Staying undetected is important so you do not change your password.  Depending on what the attacker is doing with your email account, there is a significant probability that you would not know your account was compromised for several days, weeks, or even years!

In ...

Continue Reading →
0

Smartphones Need Security Too

When a smartphone is stolen, it is a disaster.  You have just given the keys to your online life, your email, social media accounts, and credit cards you have synced with an app.  If you have the new smart locks on your home or office, you also gave them literal keys, the ability to open those locks.  If you have live camera ...

Continue Reading →
0

The War for Your Inbox

I recently gave a presentation titled “Email Security – Resist That Click” on May 23 2017 at the Phipps Theatre in Hudson WI.  This event was sponsored by First State Bank and Trust of Bayport MN.  I was also asked to present this topic at the MnCCC Conference (Minnesota Counties Computer Consortium) in Alexandria MN on Wednesday June 7, 2017.  This presentation was titled “The War for Tour Inbox.”

First State Bank and Trust had my presentation video recorded, and it ...

Continue Reading →
0

Report and Recover from Identity Theft with New FTC Service

Identity theft is a crime that can take years to recover from.  One of the early problems for an identity theft victim has been the requirement to file a police report.  Many police departments do not devote much effort to identity theft, so sometimes getting the police to actually create a report and provide you with a report number can difficult.  If ...

Continue Reading →
0

How Do You Know If Your Identity Was Stolen?

Identity theft can be devastating, and painfully hard to resolve.  It can have negative effects on your credit rating.  It could result in you being arrested for an open warrant on charges for a crime committed by the person who is using your identity.  Identity theft occurs in different ways.  Sometimes is is part of an online scam that may start with ...

Continue Reading →
0

The Google Docs Hoax: What Have We Learned?

It has been a couple of weeks since the Google Docs hoax spread across the Internet like wildfire.  What have we learned about this exploit?

Originally this appeared to be a phishing campaign, but phishing emails are spoofed clever replicas.  These emails were the genuine article, and were sent from Google mail servers, from the hijacked Google accounts of people you were likely to know.  This made the exploit difficult to ...

Continue Reading →
0

FBI: Lottery Scammer Pleads Guilty

Back in December we wrote about FBI Operation Hard Copy in order to warn our readers about telemarketing lottery scams and how they work.  Recently, the FBI reported that one of the people arrested in that operation had plead guilty to one count of wire fraud.

According to the FBI:

Ronald John Mendleski, 72, of Bokeelia, Florida, pleaded guilty to one count of wire fraud before U. S. Magistrate ...

Continue Reading →
0

Russian Bot-Herder and Spammer Pinched By FBI

Russian cyber-criminals are hard to arrest, because there is no extradition treaty between the US and Russia.  The Russian government allows them to prosper as long as they do not attack anything in Russia.  The Russian government also contracts with these criminal groups when they need some state sponsored hacking done, a la Grizzly Steppe.   In Russia, these guys are considered to be just very successful business men. They have ...

Continue Reading →
1
Page 10 of 15 «...89101112...»