To protect yourself from phishing implies having a good knowledge of the kind of attacks launched by adversaries daily. Here’s the list of the top cyberspace news from the past week to help you enhance your phishing prevention measures
Anonymous Hacks Atlanta Police Dept Website
The Anonymous hacker group, which announced its comeback after the cruel killing of George Floyd by a Minneapolis police officer, has now taken upon its shoulders for bringing down the Atlanta police department website. They confessed this via a tweet where they condemned the Atlanta police department for the fatal shooting of Rayshard Brooks.
Cybersecurity is one of the most lucrative industries for both cyber experts and adversaries, often more so for the latter. Phishing prevention tips and practice become most effective when learned and applied with a similar attack in mind. Hence, we bring these top headlines from the cyber world:
300,000 Nintendo Accounts Compromised
The Japanese video game company Nintendo had notified on 24th April 2020 of a data breach that compromised about 160,000 of its user accounts. But in a recent post, the company revealed that over 140,000 more accounts had been exploited, comprising the total number of compromised accounts to 300,000.
The cyberspace withstands serious threats every instant. These cyber-attacks are manageable with the right phishing prevention measures. However, along with an appropriate anti-phishing service, one must also have a profound knowledge of recent cyberattacks to have a better idea about what really is going on out there. Therefore we bring you the latest security headlines as nothing can be as informative as firsthand accounts of cyber attack survivors.
Govements across the world have declared cybersecurity to be a necessity and not an option. Phishing prevention is no longer a choice; it’s a need, and the following news headlines show exactly why protection against phishing is vital for an organization:
Hackers Leak 2.9 Crore Indian Records
Security firm Cyble recently reported that hackers have put up the details of 2.9 crore Indian job-seekers on the dark market for free. These records include the email addresses, phone numbers, home addresses, qualification and work experience of victims apart from several other details.
Ensuring protection against phishing becomes strenuous when over a billion phishing attacks get launched every year. The following headlines from cybersecurity indicate that preparedness alone can ensure phishing protection to a significant extent.
Easyjet Customers To Stay On Guard
In a recent hack, the British airline EasyJet had the email addresses and travel details of 9 million customers compromised. 2,208 customers among them had their credit card details stolen as well. While it’s evident that the 9 million customers are on the radar of attackers, EasyJet is trying its best to adopt phishing prevention best practices.
Every second, 44 cyber attacks are being launched across the world. This terrorizing threat concerns all internet users, and hence keeping abreast of the latest happenings in cybersecurity is imperative for phishing prevention. Following are the top headlines from the past week
Ransomware Hits Magellan Health Inc.
The Fortune 500 Company Magellan Health Inc. detected a ransomware attack on one of its servers recently that compromised personal details of employees. The compromised data includes names, employee IDs, addresses, and W-2 or 1099 tax form details.
Ensuring protection against phishing is the greatest challenge to digital security. The attacks only seem to be rising, and the following headlines are a hint to the unavoidable need for stringent security measures in organizations:
HSA Removes Fake COVID Care Products
E-commerce websites in Singapore have been listing bizarre products on platforms such as Lazada, Carousell, Shopee, and Facebook. These products include test kits, herbs, traditional medicines, health supplements and hand sanitizers. Over 1,700 such products with misleading claims have been identified in the last three months. To enhance anti-phishing protection, the Health Sciences Authority (HSA) is strictly monitoring local e-commerce platforms. The HSA has sent out over 1,600 warning letters to the sellers of fake Covid19 products.
Ensuring protection from phishing attacks has become the most significant cybersecurity challenge in the twenty-first century. The ratio of attacks and preventive measures never seems to reach equilibrium. Hence, keeping abreast of the latest cyber news plays a vital role in the war against adversaries. The following headlines from the cyber world echo of the rising importance of investments in cybersecurity
Phishing prevention cannot be assured with a single security measure, especially in recent times, when hundreds of cyberattacks take place every day. The following headlines from the past week in cybersecurity prove precisely why you need to strengthen your organization’s anti-phishing solutions.
NCSC Develops Email Reporting Service
The UK’s National Cyber Security Centre launched a Cyber Aware Campaign called Suspicious Email Reporting Service on 22nd April, in which over 5,000 suspect emails were reported within a day.
Here are the most recent developments in phishing prevention across the globe. The attacks from the past week shall perhaps enable you to rectify all loose ends in your online networks.
Hacker Impersonates White House Home Page
In another COVID 19 cyber attack, the adversaries have sent out emails to American citizens from a “Valentina Robinson” impersonating the White House. The email comes with grammatical and spelling errors (“carantine” for quarantine and “pamdemic” for pandemic) and instructs users to download an attached document containing new guidelines related to the epidemic.
Yet another week has gone by with cyberattacks causing the world much trouble. Following are some of the most recent security news updates
Email.it Customer Data Selling Online
The Email.it datacenter underwent a cyberattack two years back the repercussions of which have surfaced recently. The hackers had demanded a ransom, which the company refused to pay. They took a more reasonable way and adopted phishing prevention measures. Email.it also informed the Italian Postal Police (CNAIPIC) about the breach. But now, the hackers are selling data belonging to over 600,000 Email.it users on the dark web.
Cybersecurity in these tough times is essential to ensure phishing prevention and to keep the money in your bank accounts safe to survive the global economic fall that’s ahead of us. The following headlines from the past week in cybersecurity shall help you strengthen your security measures:
FIN7’s Gift Card Trap
The FBI has recently found the threat actor group FIN7 guilty of luring victims with fake gift cards to steal their personal information. This time, they are sending out emails informing victims that the retail chain ‘Best Buy’ is extending a $50 gift card to its loyal customers. To increase credibility, they also included a USB drive claiming to list the items purchasable through the gift card.
Cybersecurity has never been a dormant field. With the global pandemic affecting nations, cyber-attacks are only rising. While phishing prevention solutions are not 100% effective, they withstand these attacks to a great extent. The following headlines from the past week shall help you judge whether you can still go without good anti-phishing software.
It is of utmost importance for you to stay abreast of the latest hacking plots if you want to keep your devices safe from the latest attacks happening around the world. The following headlines serve this purpose of providing phishing prevention tips:
Nefilim Ransomware Proves A Threat
Newly discovered ransomware Nefilim that uses a combination of AES-128 and RSA-2048 algorithms is causing much havoc by threatening to release stolen data. Spreading through exposed remote Desktop Services, Nefilim removes the Ransomware-as-a-Service (RaaS) component and depends on emails for payments rather than a Tor payment site.
The cyber-world remains dynamic because of the many attacks that are launched on companies and individuals every day. The following news headlines from the past week in cybersecurity shall help you better plan your phishing prevention strategy:
Phishing Scam Targets Linkedin Accounts
The Security Incident Investigation and Response Department of Heimdal have discovered a new phishing scam that targets LinkedIn accounts. In this attack, a malicious link embedded in a Microsoft Word document is shared via OneDrive. If a victim falls for the trick and clicks on the OneDrive link, then he gets redirected to the fraudulent OneDrive page. This page asks you to log in to your Microsoft account even if you already are logged in. Another page appears after the victim enters his details in the credential-stealing form, which is an error page.
To protect yourself from phishing attacks of this sort, you must incorporate specialized anti-phishing solutions such as DNS and HTTPS filtering. Although no cases have been reported so far, people are still advised to remain vigilant and prepared.
Security Threat To NIH’s Record System
The Health and Human Services’ Office of Inspector General audit revealed that the phishing protection measures of the National Institutes of Health (NIH) are not adequate to safeguard its electronic health records system from prospective phishing attacks. Weaknesses in its access controls, contingency planning, and IT maintenance were pointed out. The NIH had not updated its servers and software in addition to not deactivating outdated user accounts.
The Akamai Content Delivery Network (CDN) recently conducted research where it found over 2.4 million people to be victims of some 1,221 phishing domains using Akamai’s network. Security researcher Or Katz from Akamai said that these phishing attacks targeted these many people in just four months only. A rise in attacks was seen during the festive season. The research further revealed that attackers mostly target media and e-commerce.
The research findings highlight the bleak anti-phishing protection measures that are in place and suggest that phishing is not moving out of the picture any time soon.
Fake Tech Support Company Owner Penalized
A technical support call-centre company called Tech Support was formed by an Indian college drop-out Amit Chauhan and his friend Sumit Kumar in January 2019. To date, they have successfully conned over 40,000 victims out of over Rs. 60 crores (8 million USD).
Their scam was discovered by a British victim Jim Browning in a YouTube video where Jim mentioned how Tech Support claimed to resolve technical glitches by sending malicious pop-ups. The two cons from Gurugram (New Delhi in northern India) are now penalized under India’s IT Act.
Beware Of Sextortion Emails With A Friend’s Reference
Researchers from IBM X-Force Threat Intelligence recently discovered the newest tactic of Raccoon attackers. They are sending out emails to victims with nude extortion pictures of a friend’s girlfriend. This is, however, a trick to make people curious enough to click on the attachment and grant permissions.
Once permissions are granted, the malware payload gets automatically downloaded and installs the Raccoon info stealer. As per the updates from IBM X-Force Threat Intelligence researchers, the affected domain has been brought down. But people should still subscribe to email phishing protection services to ensure their safety.
Week-Long Cyber Attacks On Factum Magazine
The Factum Magazine had to endure a week-long cyber attack for investigating on the lack of transparency of El Salvador’s government. The government had launched a phishing campaign on the magazine via a computer engineer from the University of Oriente, El Salvador.
Reportedly, the attacks on the magazine were part of a more significant attack to discredit the media. Anti-phishing measures by Qurium’s forensics investigation located the attacker to be from the Universidad de Oriente (UNIVO). The university, too, cooperated to particular extentrity beyond which it chose to remain silent.
Cyber Attack Hits ENTSO-E
The European Network of Transmission System Operators for Electricity (ENTSO-E), which regulates Europe’s electricity markets underwent a cyber attack recently. However, the attack did not affect any critical control systems and only brought down the IT systems.
ENTSO-E is now taking measures to ensure protection from phishing to reduce losses from this attack and stop such attacks from targeting them in the future.
Ransomware Hits Fort Worth ISD
A ransomware attack hit the Fort Worth Independent School District last week. As they recover from the attack, utmost care is being taken to ensure that the most effective phishing protection service is used. Hopefully, things shall function normally from next Monday, but there are chances of that getting delayed. They are asking teachers not to rely on computers for some time and go back to the old school ways of imparting lessons.
Spokesperson Clint Bond said that he, too, has been affected by the attack along with other district teachers and staff. The attack also brought down the district website. But the district shall not succumb before attackers and do not plan to pay any ransom. No personal or financial information on employees of students has been compromised in the attack.
New Phishing Tactic Uses HIV Fear
After the COVID-19 trick, attackers are now using HIV test results to make people open malicious email attachments that ultimately install malware on users’ devices. The adversaries have sent out over 200 emails to employees of big pharmaceutical, health care, and insurance companies in North America with fake HIV test results. These emails may not necessarily convince the victim that it’s an actual report but triggers his curiosity, which is all that is needed to fall for the trap.
This scheme was first discovered by security firm Proofpoint who has already begun blocking all such fake emails sent to its client. But their anti-phishing tools cannot possibly save all users targeted by the attackers. Hence being cautious at a personal level is the only effective defense mechanism.
Secret Sharing App Leaks Data
The secret-sharing app Whisper has left a database unprotected online since its inception in 2012. This database without passwords can be opened by anyone and reveals the private information of users such as their nicknames, stated ages, ethnicities, genders, hometowns, group memberships, and location details.
This database was found and reported by independent researchers Matthew Porter and Dan Ehrlich. It leaked information belonging to around 900 million users. To prevent phishing attacks, Whisper restricted access, and plugged the authentication security gap.
Here are the weekly news headlines from the cyber world that will leave you astounding and compel you to rethink your phishing attack prevention measures:
Cathay Pacific Pays Hefty Fine
Hong Kong’s flag carrier Cathay Pacific was recently fined $640,000 by the UK’s data privacy watchdog. This comes after the airline’s inability to protect customers’ personal data from a 2018 security breach. This breach had exposed the details of over 9.4 million customers, 111,578 of whom were residents of the UK.
The digital world struggles to ensure phishing prevention at every step. While some attacks get withstood, most attacks are successful and rob organizations of their time, resources, and money. Following headlines describe such attacks from the past week:
Cybersecurity has become an issue of concern in recent years. Every day thousands of attacks are launched on companies and organizations that cannot always be stopped via phishing prevention measures. Here’s a list of the major attacks that took place this week:
In past years, the frequency of successful cyber attacks has increased significantly. As such, it isn’t surprising that every day countless institutions get targeted by the adversaries. Here are the top cyber headlines from the previous week that might compel you to reconsider your phishing prevention measures.