Top Phishing Emails

Phishing continues to be the number one method that over 90% of cybersecurity incidents and breaches happen.  Cybersecurity Awareness Training and Phishing Simulation company KnowBe4 recently posted an article on their blog about the Top-Clicked Phishing Email Subjects.  Sharing this information with your staff is one way to limit the impact of these email exploits.

Here are the top subject lines used in emails by actual cyber-attackers.

Most Common ...

Continue Reading →
0

Hack Turns iPhones and Android phones into Ultimate Surveillance Tool

If you visited certain websites with your iPhone (or Android or Windows device**) over the last two years, it is possible that your iPhone downloaded and installed malware that allowed attackers to intercept and record everything you did and everywhere you went with your iPhone.  This includes real-time location information, all your emails and messaging (including encrypted versions such ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


FBI Releases Article on Think Before You Post Campaign

Original release date: September 5, 2019

The Federal Bureau of Investigation (FBI) has released an article on their Think Before You Post campaign, designed to educate students on the use of social media and how to avoid making poor choices when posting, texting, or emailing thoughts or grievances that ...

Continue Reading →
0

Beware of Scammers Exploiting Recent Events

It seems that every new event brings out a crop of scammers ready to exploit the gullible.  Several recent scams are using the Equifax breach settlement, and the recent mass shootings in El Paso and Dayton to extract money from or deliver malware to their victims.

First, from KnowBe4, we have the details of several scams taking advantage of people attempting to get the $125 settlement payment they may be owed as a result of the Equifax ...

Continue Reading →
0

Don’t Get Emotional!

Social engineers have many tricks up their sleeves, and we have covered many of them in previous articles.  The biggest trick is phishing emails, of course, coupled with replica landing pages on hijacked websites.  Other methods include phone calls, such as fake tech support calls.  There are texting hoaxes, called smishing.  There are fake, cloned, or hijacked Facebook, LinkedIn, Twitter, and Instagram account ...

Continue Reading →
0

New Phishing Scams Look So Real

There has been a stream of email alerts arriving at my inbox lately that warned of a variety of new phishing approaches that are using well-known brands (OneDrive and Office 365, FedEx and UPS), trusted sources (Department of Homeland Security, Gmail, Yahoo Mail), secure services (TLS certificates and HTTPS web sites) and curiosity (you received an encrypted message) to trick recipients into clicking a link that leads to a fake replica ...

Continue Reading →
0

Guest Post – Mobile App Security Threats and Secure Best Practices Part 2

A guest post by KC Karnes

Mobile App Security Exploit Examples: Painful Real-life Lessons

The climate around mobile app security is heating up.

Mobile app vulnerabilities are exploited every day, resulting in expensive data breaches and loss of public trust.

In this section, we will try to learn from the failures of other companies and highlight how real the threats outlined above can be.

Timehop Fails To Trust Two-Factor Authentication

Starting in December of 2017, TimeHop was ...

Continue Reading →
0

Guest Post – Mobile App Security Threats and Secure Best Practices Part 1

A guest post by KC Karnes

Is your mobile app secure?

It shouldn’t come as a surprise that mobile apps are targeted by hackers, given the rapid adoption and increased usage globally. By some estimates, one out of every 36 mobile devices has high-risk apps installed.1

An even more sobering mobile app security statistic for businesses to hear: 71% of fraud transactions came from mobile apps and mobile browsers in the ...

Continue Reading →
0
Page 1 of 9 12345...»