social engineering Archives - Page 19 of 29

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.

Happy Independence Day

This is the day we celebrate our liberation from the King of England and the British Empire. The United States was founded through civil disobedience and even warfare against a government that some considered oppressive and unfair. Consider this: if the British crown had won, the “founding fathers” would have been considered terrorists, and hanged. Your terrorists are ...

Continue Reading →

4
JUL

0

Share

Apple, cybersecurity, law and policy, malware, News and politics, social engineering, Weekend Update

COVID-19

Shouldn’t It Be Called Anti-Social Engineering?

Just as there is nothing “social” about social distancing, there is nothing social about social engineering. We could easily call it anti-social engineering, since this is practiced by cyber-criminals and sociopaths to separate us from our personal information or our money. A more common term would be scam or con.

These bad actors are masters at playing on our emotions. When I teach a cybersecurity awareness course, I advise people to ...

Continue Reading →

1
JUL

0

Share

Computers and Internet, cybersecurity, social engineering

Friday Phish Fry

Phishing Email Alerts

Catch of the Day: Wells Fargo Identity Theft Phish – A trifecta – bank account, personal information, and a credit card. On the Dark Web this is called a Fullz.

Chef’s Special: Phishing attacks impersonate QuickBooks invoices ahead of July 15 tax deadline

Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources ...

Continue Reading →

26
JUN

2

Share

email, Friday Phish Fry, passwords, Phishing, social engineering

Guest Post – Internet Safety for Kids (A Parent’s Guide) Part 2

Where can online dangers for our children occur? Keeping our kids safe and secure on the Internet has always been a challenge, but the difficulty has only increased because of the pandemic and our new normal of Safe At Home, Work From Home, and remote schooling. Our kids are online more than ever. As parents, we need to be aware of the ...

Continue Reading →

17
JUN

0

Share

Computers and Internet, cybersecurity, smartphones, social engineering

children online

Friday Phish Fry

Phishing Email Alerts

Catch of the Day: This is NOT a phish, it is legit

Chef’s Special: This IS a phish, EFT payment advice

Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.

I would be delighted to accept suspicious phishing examples from you. Please forward your email to Continue Reading →

5
JUN

0

Share

email, Friday Phish Fry, Phishing, social engineering

hurricane

Friday Phish Fry

Catch of the Day – Donald Trump and Mike Pence phishing emails. Beware these official-looking “government” emails.

Chef’s Special – LogMeIn credential harvesting phish.

Phishing Email Alerts

Examples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.

I would be delighted to accept suspicious phishing examples from you. Please forward your email ...

Continue Reading →

22
MAY

0

Share

account hijacking, email, Friday Phish Fry, Phishing, privacy, social engineering

COVID, COVID-19

Zoom’s Crash Course in Cybersecurity

The video conferencing application Zoom has had it’s share of security related problems lately. Any time they name a cyber-attack after you (Zoom bombing) it’s bound to be a bad thing. Zoom bombing, if you haven’t heard, is the video conference equivalent of photo bombing. Some miscreant sneaks into your meeting and takes over the screen to share some NSFW imagery or hate speech or cat videos. Zoom meeting videos have ...

Continue Reading →

29
APR

0

Share

account hijacking, authentication, Computers and Internet, cybersecurity, encryption, insider threat, social engineering, Software vulnerability

video conference, Zoom

How Secure is Your Tech Support Company?

Is your computer technology Managed Service Provider (MSP) the weakest link in your supply chain security program? Are they the easiest point of entry for an attacker? Your contracted tech support provider holds keys to your computer network that are coveted by cyber-attackers. MSPs are commonly targeted by cyber-criminal groups and other bad actors because MSPs ...

Continue Reading →

1
APR

0

Share

account hijacking, authentication, cybersecurity, insider threat, multi-factor authentication, Phishing, social engineering

managed service provider, MSP, supply chain security, third party vendor security

The Danger of Sub-Domain Hijacking

Here is a frightening twist on your typical domain name spoofing. Attackers have found ways to reuse legitimate sub-domains of well know business entities such as Microsoft and other companies to seed phishing email links with authentic sub-domains.

What is a sub-domain?

Anyone person or business that has a registered domain name can create any sub-domain they would like on the main domain that ...

Continue Reading →

25
MAR

1

Share

account hijacking, cybersecurity, Phishing, social engineering

Fake SpyHunter Phish Example

I got this email, which is most certainly a phishing email, touting the legitimate anti-malware product SpyHunter. The image of the email is below.

Part of safely working from home is to be aware of these types of approaches, and alerting your IT staff to these before you click to open them. Do not belief emails appearing to come from recognized authorities, like the CDC, or event your own company or ...

Continue Reading →

23
MAR

0

Share

Phishing, social engineering