Russian cyber-criminals are hard to arrest, because there is no extradition treaty between the US and Russia. The Russian government allows them to prosper as long as they do not attack anything in Russia. The Russian government also contracts with these criminal groups when they need some state sponsored hacking done, a la Grizzly Steppe. In Russia, these guys are considered to be just very successful business men. They have achieved ...
Yes, I have. A “breach” is an computer security incident where a website’s data has been illegally accessed by cyber-attackers and released publicly.
I know that my main email account has been compromised in the past, and used for sending Spam, because my hosting provider disabled my email account and hosting account until I had an opportunity to change my password.
I know that all my websites are under continuous automated password guessing attack, ...
Continue Reading →
We heard about a new twist all the Income Tax refund scam that is popular with cyber-criminals this time of year. A March 27th email from the Minnesota Society of CPAs, warns about a scam that is appearing on the east coast, but could spread anywhere in the US.
Continue Reading →“…the email scam claims a tax preparer has been victimized [or breached] and asks users to open a ...
Social networks are a tremendous source of personal information leakage. Actually, more like a waterfall. As we learned in the last post, attackers use social networks to perform reconnaissance against their chosen targets. Since few of us are going to delete all our social network accounts and move of the grid, we have to find a way to live ...
Certain personal records are a gold mine for cyber-criminals and identity thieves. Highly targeted personal information include your medical records, tax information, social security number, driver’s license, and even odd bits such as utility bills, and retail or airline loyalty rewards points. Any of this information can be sold on the Dark Web, or used directly to get free ...
Almost all cyber-crime is about making money for the crooks. Often this involves stealing valuable information that can be sold. But many criminal gangs are going straight for the cash, and often this involves bank and financial account fraud or financial account access.
Below we have a list of strategies you can use to protect your financial resources.
Believe it or not, two out of three people in the United States have had their personal information stolen by cyber-criminals. The likelihood is that this has already happened to you, and if not, it will happen eventually. And if it has happened, it will probably happen again. Why is this?
Even if you never click on a phishing email, ...
Continue Reading →
2017 is promising to be another difficult year for cyber-defenders who are protecting company and government networks from attack. Here are what I think will be the top attack vectors this year.
Business Email Compromise
CEOs and other C suite officers will increasingly be targeted for email account hijacking. This is an easy exploit to run because high ranking employees and officers often ...
Continue Reading →
I will start out by admitting that I hate Domain Privacy. But I just read a story in Naked Security on February 9th that is causing me to reevaluate my opinion. It turns out that the new White House press secretary, Sean Spicer, has a personal website at www.seanspicer.com. The website has been turned into a private site, but the WHOIS ...
I read an interesting article on Naked Security the other day about how Hamas had used Facebook and social engineering tactics to trick Israeli soldiers into installing surveillance malware. The malware allowed Hamas to track the soldiers using the phone’s GPS, and to turn on the microphone and video to actually listen in and and watch their targets. Hamas undoubtedly picked up the ...