Cybersecurity has never been a dormant field. With the global pandemic affecting nations, cyber-attacks are only rising. While phishing prevention solutions are not 100% effective, they withstand these attacks to a great extent. The following headlines from the past week shall help you judge whether you can still go without good anti-phishing software.
It is of utmost importance for you to stay abreast of the latest hacking plots if you want to keep your devices safe from the latest attacks happening around the world. The following headlines serve this purpose of providing phishing prevention tips:
Nefilim Ransomware Proves A Threat
Newly discovered ransomware Nefilim that uses a combination of AES-128 and RSA-2048 algorithms is causing much havoc by threatening to release stolen data. Spreading through exposed remote Desktop Services, Nefilim removes the Ransomware-as-a-Service (RaaS) component and depends on emails for payments rather than a Tor payment site.
The cyber-world remains dynamic because of the many attacks that are launched on companies and individuals every day. The following news headlines from the past week in cybersecurity shall help you better plan your phishing prevention strategy:
Phishing Scam Targets Linkedin Accounts
The Security Incident Investigation and Response Department of Heimdal have discovered a new phishing scam that targets LinkedIn accounts. In this attack, a malicious link embedded in a Microsoft Word document is shared via OneDrive. If a victim falls for the trick and clicks on the OneDrive link, then he gets redirected to the fraudulent OneDrive page. This page asks you to log in to your Microsoft account even if you already are logged in. Another page appears after the victim enters his details in the credential-stealing form, which is an error page.
To protect yourself from phishing attacks of this sort, you must incorporate specialized anti-phishing solutions such as DNS and HTTPS filtering. Although no cases have been reported so far, people are still advised to remain vigilant and prepared.
Security Threat To NIH’s Record System
The Health and Human Services’ Office of Inspector General audit revealed that the phishing protection measures of the National Institutes of Health (NIH) are not adequate to safeguard its electronic health records system from prospective phishing attacks. Weaknesses in its access controls, contingency planning, and IT maintenance were pointed out. The NIH had not updated its servers and software in addition to not deactivating outdated user accounts.
However, they are now working to ensure protection against phishing by following NIST guidelines.
Serious Hints At Phishing: Akamai CDN
The Akamai Content Delivery Network (CDN) recently conducted research where it found over 2.4 million people to be victims of some 1,221 phishing domains using Akamai’s network. Security researcher Or Katz from Akamai said that these phishing attacks targeted these many people in just four months only. A rise in attacks was seen during the festive season. The research further revealed that attackers mostly target media and e-commerce.
The research findings highlight the bleak anti-phishing protection measures that are in place and suggest that phishing is not moving out of the picture any time soon.
Fake Tech Support Company Owner Penalized
A technical support call-centre company called Tech Support was formed by an Indian college drop-out Amit Chauhan and his friend Sumit Kumar in January 2019. To date, they have successfully conned over 40,000 victims out of over Rs. 60 crores (8 million USD).
Their scam was discovered by a British victim Jim Browning in a YouTube video where Jim mentioned how Tech Support claimed to resolve technical glitches by sending malicious pop-ups. The two cons from Gurugram (New Delhi in northern India) are now penalized under India’s IT Act.
Beware Of Sextortion Emails With A Friend’s Reference
Researchers from IBM X-Force Threat Intelligence recently discovered the newest tactic of Raccoon attackers. They are sending out emails to victims with nude extortion pictures of a friend’s girlfriend. This is, however, a trick to make people curious enough to click on the attachment and grant permissions.
Once permissions are granted, the malware payload gets automatically downloaded and installs the Raccoon info stealer. As per the updates from IBM X-Force Threat Intelligence researchers, the affected domain has been brought down. But people should still subscribe to email phishing protection services to ensure their safety.
Week-Long Cyber Attacks On Factum Magazine
The Factum Magazine had to endure a week-long cyber attack for investigating on the lack of transparency of El Salvador’s government. The government had launched a phishing campaign on the magazine via a computer engineer from the University of Oriente, El Salvador.
Reportedly, the attacks on the magazine were part of a more significant attack to discredit the media. Anti-phishing measures by Qurium’s forensics investigation located the attacker to be from the Universidad de Oriente (UNIVO). The university, too, cooperated to particular extentrity beyond which it chose to remain silent.
Cyber Attack Hits ENTSO-E
The European Network of Transmission System Operators for Electricity (ENTSO-E), which regulates Europe’s electricity markets underwent a cyber attack recently. However, the attack did not affect any critical control systems and only brought down the IT systems.
ENTSO-E is now taking measures to ensure protection from phishing to reduce losses from this attack and stop such attacks from targeting them in the future.
Ransomware Hits Fort Worth ISD
A ransomware attack hit the Fort Worth Independent School District last week. As they recover from the attack, utmost care is being taken to ensure that the most effective phishing protection service is used. Hopefully, things shall function normally from next Monday, but there are chances of that getting delayed. They are asking teachers not to rely on computers for some time and go back to the old school ways of imparting lessons.
Spokesperson Clint Bond said that he, too, has been affected by the attack along with other district teachers and staff. The attack also brought down the district website. But the district shall not succumb before attackers and do not plan to pay any ransom. No personal or financial information on employees of students has been compromised in the attack.
New Phishing Tactic Uses HIV Fear
After the COVID-19 trick, attackers are now using HIV test results to make people open malicious email attachments that ultimately install malware on users’ devices. The adversaries have sent out over 200 emails to employees of big pharmaceutical, health care, and insurance companies in North America with fake HIV test results. These emails may not necessarily convince the victim that it’s an actual report but triggers his curiosity, which is all that is needed to fall for the trap.
This scheme was first discovered by security firm Proofpoint who has already begun blocking all such fake emails sent to its client. But their anti-phishing tools cannot possibly save all users targeted by the attackers. Hence being cautious at a personal level is the only effective defense mechanism.
Secret Sharing App Leaks Data
The secret-sharing app Whisper has left a database unprotected online since its inception in 2012. This database without passwords can be opened by anyone and reveals the private information of users such as their nicknames, stated ages, ethnicities, genders, hometowns, group memberships, and location details.
This database was found and reported by independent researchers Matthew Porter and Dan Ehrlich. It leaked information belonging to around 900 million users. To prevent phishing attacks, Whisper restricted access, and plugged the authentication security gap.
Here are the weekly news headlines from the cyber world that will leave you astounding and compel you to rethink your phishing attack prevention measures:
Cathay Pacific Pays Hefty Fine
Hong Kong’s flag carrier Cathay Pacific was recently fined $640,000 by the UK’s data privacy watchdog. This comes after the airline’s inability to protect customers’ personal data from a 2018 security breach. This breach had exposed the details of over 9.4 million customers, 111,578 of whom were residents of the UK.
The digital world struggles to ensure phishing prevention at every step. While some attacks get withstood, most attacks are successful and rob organizations of their time, resources, and money. Following headlines describe such attacks from the past week:
Cybersecurity has become an issue of concern in recent years. Every day thousands of attacks are launched on companies and organizations that cannot always be stopped via phishing prevention measures. Here’s a list of the major attacks that took place this week:
In past years, the frequency of successful cyber attacks has increased significantly. As such, it isn’t surprising that every day countless institutions get targeted by the adversaries. Here are the top cyber headlines from the previous week that might compel you to reconsider your phishing prevention measures.
The struggle to prevent phishing attacks is constant, but here are the top headlines from cybersecurity that shall brief you about the significant events from the past week:
With 1.5 million new phishing sites coming up every day, phishing prevention is not an objective that is going to be a success anytime soon. Besides, the war against cybercriminals is not just about phishing. The adversaries launch various destructive cyber attacks each day, and there is no escape from these. You might be the next target of the attackers, and therefore exhibiting preparedness is very important. Here we have a compilation of the top news headlines from the past week in cybersecurity that shall help you enhance your knowledge on the subject:
More than half of the emails you receive in a day are spam emails. The majority of the data breaches are channeled through phishing attacks. The frequency of cybercrimes is increasing, and they have become all the more sophisticated. Ensuring cyber protection has never been more challenging than in the present, and the worst part is that this isn’t the end! As we try to establish protection against phishing, let us look at some of the major attacks that took place in the past week, so that we can better analyze current trends of cyberattacks.
The war between attackers and phishing prevention services is a perennial one. None of the parties ever seem to be willing to settle for less, and hence the cyber-world is full of dynamism and vibrancy. Another week has passed, and with that, we have a hundred updates added to the list of activities in the cyber world. But to save you the hard work, here we have compiled the top headlines from the world of digital security.
It seldom happens that the dynamic world around us witnesses a day without any activities. Particularly, in the world of cybersecurity, it is almost impossible for nothing significant to happen in a day. But how to keep abreast of all these anti-phishing solutions we must adopt against adversaries on a daily basis? As mind-boggling as this might seem, we are here to simplify things for you. The following is a list of the latest headlines from the world of cybersecurity, handpicked by our team to fit your interests.
The cyber-world is the epitome of vibrancy and change. Some new technological advancement or out of the box hacking scheme always makes it to the headlines. Just when we think that innovations are at the pinnacle of uniqueness, there appears another critically thought and unique technological development. Keeping abreast of these many updates isn’t humanly possible, and yet it is essential. Awareness of the technological boons and the progress of the cyberbullies are extremely important, not just for your general knowledge but also to utilize the knowledge in case you happen to be a victim of a cyber attack someday. To help a cyber geek update his knowledge on the most recent news bulletins from cybersecurity by absorbing the underlying phishing prevention tips, here are the top security news headlines from this past week:
Please find below details for the PhishProtection.com Scholarships program.
PhishProtection offers phishing prevention solutions for SMB, enterprise and universities at phishprotection.com
We are a service of DuoCircle LLC, an email security company designed from the ground up to provide all the features that an enterprise would expect but priced for small and medium businesses.
More than 90% of all cyber crimes start with a phishing attack
Ready to Protect Your Organization From the Most Dangerous Email Threats?
Ransomware, data breaches and CEO fraud have one thing in common. They are all preceded by one of your employees clicking on a link in an email they shouldn’t have.
You can train your employees all you want, some of them will still fall for the most sophisticated phishing attacks. And all it takes is one click. You’re going to need some help.
Get that help from PhishProtection.com
- Keeps most phishing emails out of inboxes so employees can’t click on anything
- Provides real-time link click protection for the emails that get through
- Protects against domain name spoofing AND display name spoofing
- Blocks and quarantines malicious attachments too
We have a very security-focused approach to message handling and ensuring the deliverability, security, privacy of every message and every customer is our mission.
Our customers stick with us because we have the most commonly requested features for business to help them secure their email communications from Malware, Ransomware and Phishing.
Our no-nonsense approach keeps our customers happy and our team driven to excellence.
The scholarship is in its second year and Brad Slavin, DuoCircles’ CEO said that “We are committed to the ideal that every student deserves as chance to excel and with the DuoCircle scholarship program we aim to make a difference.”
Eligible applicants are high school seniors with signed acceptance letters to a college or university situated anywhere in the world.
There is, however, no restriction on major/minor. All can apply.
The applicant will need a GPA of 3.5 weighted or higher.
PhishProtection.com is offering $1000 scholarship.
How to Apply
We’re looking for a 1500-word essay or 2-minute video on why email is so important.
- What is the motivation for phishing and how can we address the underlying causes?
- What will change in the next 10 years as it relates to messaging and email?
- How would you teach the older generations how to spot an online scam or phishing attempt?
- How would you explain to a 10 year old the concept of privacy and not over sharing on the Internet?
- Current year grades and transcript
- Extracurricular activities
- Current letter of acceptance or letter of enrollment from an accredited University, Trade School or Community College.
- One letter of recommendation
- Facebook / Instagram / Twitter links
- Name and contact details
Once you are ready with the details, please send an mail to: firstname.lastname@example.org
Applications for the 2020, PhishProtection Scholarships program will be accepted between November 25, 2019 through to midnight of November 30, 2020.
The Winner will be announced on December 7, 2020.