Unhappy Valentines Day – Romance Fraud

This Valentine’s Day, be careful of who you let into your heart.  Unfortunately for every love-lorn single there is a fake Romeo or dating site scammer waiting to separate them from their money.  According to the FBI, the amount of money losses to victims of romance fraud makes it the second most lucrative cyber crime, generating $211 million for the perpetrators. Only business email ...

Continue Reading →
0

Too Legit – The DocuSign No Malware Phishing Exploit

You or your CFO receive an email offering business capital at attractive interest rates.  The company that sent you the offer has provided an application for the loan using the legitimate document presentation platform, DocuSign.  Everything looks legit, and it is.  No fake web pages or near-miss web addresses.  But this is the latest in “no malware” phishing scams.

Filling out the form will give ...

Continue Reading →
0

Common Phishing Subject Lines

Phishing is still the number one tactic used by malicious actors to collect passwords and other information.  Phishing works because the attacker is able to create an email that is believable and looks realistic.  The best ones appear to come from a customer, supplier, coworker or other trusted source, and the content makes sense for your business or personal life.  The most successful way to prevent phishing from ruining your day ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


Tech Trends in 2019

Information on trends in technology for drones, security robots, artificial intelligence, security smart homes, and securing IoT.


Feds can’t force you to unlock your phone with finger or face, says judge

The landmark decision asserts the same 4th and 5th amendment legal protection for biometrics that we’re given for passcodes.


Continue Reading →
0

It’s Not Just Phishing – Other Ways Email Is Exploited – Part 2

On Monday we investigated five ways that your email account can be used to initiate an cyber-attack against you.  Today we finish up this article with another five email attack vectors.

  • Clickjacking – In traditional click-jacking, a malicious email link actually direct you to a malicious or impostor site.  A new version places something that looks like a dirt spot or hair on the web page and when the user tries to ...
Continue Reading →
0

It’s Not Just Phishing – Other Ways Email Is Exploited – Part 1

Phishing gets all the press when it comes to email account exploits. This is because phishing is the attack vector for over 90% of all cyber-attacks.  But there are other ways that bad actors, cyber-criminals, and state-sponsored cyber-warriors use email that don’t involve phishing at all, and the outcomes of these exploits can be as bad or even worse than phishing.  Today and Wednesday we will take a look at these ...

Continue Reading →
0

Collections 1-5 – Is This The Biggest Data Breach Ever?

Troy Hunt, of HaveIBeenPwned fame, on January 17 reported what may be the biggest data breach ever.  Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows.  That’s right, 2.6 billion rows.   773 million records, from over 12,000 files, with a total size surpassing 87 gigabytes.  That’s a lot of personally identifiable information ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


WordPress Sites Compromised via Zero-Day Vulnerabilities in Total Donations Plugin

It is our recommendation that site owners using Total Donations delete–not just deactivate–the vulnerable plugin as soon as possible to secure their sites. The following article details the issues present in Total Donations, as well as the active attacks against the plugin. We’ll also take a look at ...

Continue Reading →
0
Page 4 of 152 «...23456...»