Catch of the Day – Donald Trump and Mike Pence phishing emails. Beware these official-looking “government” emails.
Chef’s Special – LogMeIn credential harvesting phish.
Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
I would be delighted to accept suspicious phishing examples from you. Please forward your email to ...
Continue Reading →
The video conferencing application Zoom has had it’s share of security related problems lately. Any time they name a cyber-attack after you (Zoom bombing) it’s bound to be a bad thing. Zoom bombing, if you haven’t heard, is the video conference equivalent of photo bombing. Some miscreant sneaks into your meeting and takes over the screen to share some NSFW imagery or hate speech or cat videos.  Zoom meeting videos have also ...
Is your computer technology Managed Service Provider (MSP) the weakest link in your supply chain security program? Are they the easiest point of entry for an attacker? Your contracted tech support provider holds keys to your computer network that are coveted by cyber-attackers. MSPs are commonly targeted by cyber-criminal groups and other bad actors because MSPs have ...
Here is a frightening twist on your typical domain name spoofing. Attackers have found ways to reuse legitimate sub-domains of well know business entities such as Microsoft and other companies to seed phishing email links with authentic sub-domains.
Anyone person or business that has a registered domain name can create any sub-domain they would like on the main domain that they ...
Continue Reading →
I got this email, which is most certainly a phishing email, touting the legitimate anti-malware product SpyHunter. The image of the email is below.
Part of safely working from home is to be aware of these types of approaches, and alerting your IT staff to these before you click to open them. Do not belief emails appearing to come from recognized authorities, like the CDC, or event your own company or IT ...
Continue Reading →
A quick Saturday digest of cybersecurity news articles from other sources.Sounds like cyber-war! Is it the Russians? Hackers are crawling all over the US Department of Defense’s websites – and DoD officials are quite happy about the whole thing. It’s pen-testing, baby.
Black Hills Information Security, and owner John Strand are ...
Continue Reading →
The heart of a good scam is pretending to be someone you are not. This form of social engineering is known as the impostor scam or impersonation scam. Impostors can take different forms, and may show up on a phone call, or as an email from a trusted friend or family member, business associate, customer or coworker. Often they ...
When a scammer gets your money, it is usually gone for good. There are many ways that scammers use to receive payments from their victims, and often they will use methods that are unusual, such as gift cards, bitcoin, or other currency substitutes.
Today I will describe the different payment methods, and what advantages they offer the scammer. What a ...
Continue Reading →Have you fallen for an online or telephone scam? How much money did you lose? I’ve personally known of two cases where the amount lost was $500 and $16,000, but scammers often get more.
If you are above the age of 55, you most certainly have been targeted by telephone callers and cyber-scammers, and received emails, text messages, Facebook messages, ...
Continue Reading →
Last month I read the book Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers, by Andy Greenberg, senior writer for Wired magazine. If you want to understand how cyber-war has changed the face of military operations in the 21st century, this book explains everything. This book has put the threat of ...