Phishing Awareness


How to Stop Spam From Ending Up in Google Calendar

How to Stop Spam From Ending Up in Google Calendar

A lot of people use a web-based calendar to track all of their comings and goings. It makes sense. A web-based calendar is a smart way to make sure you have access to your calendar no matter where you are. And one of the most popular calendars in use today is Google Calendar. But, I’ll bet you didn’t realize that Google Calendar can be a giant repository for spam.

Continue reading “How to Stop Spam From Ending Up in Google Calendar” »

The Privacy Tool Used to Phish You

The Privacy Tool Used to Phish You

With email security, it’s a never ending cycle of attacks and counterattacks. Whenever the bad guys come up with some clever new way to scam people, the good guys eventually figure out a way to combat it. If only that were the end of the story.

Unfortunately, it really is a never ending cycle. So, whenever the good guys come up with a counter move, the bad guys immediately jump on it and figure out some way to use that counter move in their next scam. Such is the case with two factor authentication (2FA).

Continue reading “The Privacy Tool Used to Phish You” »

When is a 404 Error Page not an Error Page? When it’s a Phishing Page!

When is a 404 Error Page not an Error Page? When it’s a Phishing Page!

If you’ve been on the Internet, then you’ve run into a 404 error page. According to Lifewire, “a 404 error is an HTTP status code that means that the page you were trying to reach on a website couldn’t be found on their server. To be clear, the 404 error indicates that while the server itself is reachable, the specific page showing the error is not.” The server’s there but the page isn’t.

Continue reading “When is a 404 Error Page not an Error Page? When it’s a Phishing Page!” »

Seriously—Now a Phishing Attack Can Make You Deaf

Seriously—Now a Phishing Attack Can Make You Deaf

There used to be a time when the worst thing that could happen to you from a phishing attack was a financial loss. Maybe the hackers stole your credentials, got a credit card in your name and went on a shopping spree. Or, maybe they used ransomware to encrypt your hard drive and insisted on some Bitcoins before you could get your data back. At least there was no threat of bodily harm. Until now.

Continue reading “Seriously—Now a Phishing Attack Can Make You Deaf” »

What to do If You’re Hit by Ransomware – Part 2

What to do If You’re Hit by Ransomware – Part 2

As we mentioned in Part 1, when it comes to dealing with ransomware, you basically have three choices: pay it, don’t pay it or avoid it in the first place by deploying anti-phishing software.

Naturally, here at Phish Protection we think you should be proactive and use our inexpensive and easy-to-deploy cloud-based phishing protection with Advanced Threat Defense to avoid it in the first place. But, what if it’s too late? What if you’ve already been hit by ransomware?

Continue reading “What to do If You’re Hit by Ransomware – Part 2” »

Protection From Phishing: A Growing Threat In Today’s Information Age

Protection From Phishing: A Growing Threat In Today’s Information Age

The rapid transformation of the cyberspace and digital technologies in recent times have necessitated changes in an enterprise’s digital architecture. Adversaries these days make use of highly sophisticated techniques and advanced digital platforms to attack enterprises and individuals. One of these techniques employed by cybercriminals is ‘Phishing.’

Phishing is a type of online fraud, which makes use of deceptive e-mails, website, or pop-up ads. It involves a technique known as social engineering which consists of throwing a bait towards the intended victim (usual employees of an organization) and luring them to reveal his private information or user credentials. This information can further be used to compromise the financial assets and data of the organization.

Continue reading “Protection From Phishing: A Growing Threat In Today’s Information Age” »

What to do If You’re Hit by Ransomware

What to do If You’re Hit by Ransomware

There’s much debate going on today about what to do if your organization gets hit by ransomware. There’s really only two choices: pay it or don’t. And which side you come down on says a lot about your big picture perspective.

Recently, U.S. Mayors, at their yearly conference, which represents over 1,400 mayors from U.S. cities with over 30,000 people, adopted a resolution not to give in to ransomware demands. Of course the mayors “admitted that ransomware attacks can result in the loss of millions of dollars and months of work to repair damage, but highlighted that paying the attackers only ‘encourages continued attacks on other government systems, as perpetrators financially benefit.'”

Continue reading “What to do If You’re Hit by Ransomware” »

Phishing Attacks Depend Heavily on New Top Level Domains

Phishing Attacks Depend Heavily on New Top Level Domains

When the Internet first began, there were just a handful of top-level domains in use. Top-level domains (TLD) are the letters that come after the “dot” in the URL. Examples include .com, .org and .net.

One of the most-used phishing tactics is domain name spoofing. Domain name spoofing occurs when an attacker uses a domain, that at first glance, looks legitimate, but isn’t because the attacker substituted one or two letters in the domain.

Continue reading “Phishing Attacks Depend Heavily on New Top Level Domains” »

A Really Dumb Way to Protect Yourself from Phishing Attacks

A Really Dumb Way to Protect Yourself from Phishing Attacks

I have to admit, what I’m about to share with you will save you a few bucks.

There are a lot of ways to protect yourself from phishing attacks. There’s awareness training, endpoint security and real-time, cloud-based link scanning, to name a few. The problem with all of these is that they cost money. Not a lot of money, but money nonetheless.

Continue reading “A Really Dumb Way to Protect Yourself from Phishing Attacks” »

This Fall Season, Beware of Phishing Attacks

This Fall Season, Beware of Phishing Attacks

As the holiday season approaches and shoppers plan to spend more on online purchases buying toys, gifts, clothes, etc. for the loved ones, the Cyber criminals become more active during this time of the season trying to lure the online buyers into stealing their banking and credit card information. According to various reports published, October month is dangerous for organizations as attackers come out of their cave in search of prey. Email addresses, phone numbers, account numbers, and login credentials, are all akin to gold for the hackers. It has been proven by the reports that phishing is the top attack vector in multi-vector attacks.

Continue reading “This Fall Season, Beware of Phishing Attacks” »

Biggest Phishing Attack Risk: It Can’t Happen to Me

Biggest Phishing Attack Risk: It Can’t Happen to Me

Some people just refuse to put the seatbelt on when they get in their car. An act that takes about two seconds. It’s a lot of protection—perhaps lifesaving—for a little bit of time and effort. And it’s not like they’re unaware of seatbelts or the protection they provide. I guess they just assume that when it comes to getting into a wreck, it can’t happen to them.

Continue reading “Biggest Phishing Attack Risk: It Can’t Happen to Me” »

How Using Anti-Phishing Email Templates to Train Your Employees Can Help Avoid Phishing Attacks

How Using Anti-Phishing Email Templates to Train Your Employees Can Help Avoid Phishing Attacks

Phishing is among the most common types of cyber-attacks that take place these days and is preferred by cyber-criminals for stealing sensitive and confidential user data. Such data may include valuable personal information such as login credentials, credit card details etc. which can cause severe personal or financial damage if it falls in the wrong hands.

Continue reading “How Using Anti-Phishing Email Templates to Train Your Employees Can Help Avoid Phishing Attacks” »

Latest Phishing Vulnerability Confirms Awareness Training is Insufficient

Latest Phishing Vulnerability Confirms Awareness Training is Insufficient

Phishing prevention that primarily depends on awareness training is doomed to fail. That’s the implication of the latest research conducted at Ruhr University Bochum and Münster University of Applied Sciences

A team of researchers discovered several vulnerabilities in two technologies used for email authentication and verification: OpenPGP and S/MIME. The vulnerabilities could allow attackers to spoof signatures on over a dozen popular email clients including Microsoft Outlook and Apple Mail. Continue reading “Latest Phishing Vulnerability Confirms Awareness Training is Insufficient” »

Inception the Movie is Now an Undetectable Phishing Method

Inception the Movie is Now an Undetectable Phishing Method

Cyber expert James Fisher discovered a new phishing method he calls the “inception bar.” He named it after the movie Inception, and just like the movie, the phishing method traps you in a fake reality. You can see an example of how it works on his website.

He discovered the exploit in Chrome for mobile, confirming what we already know: mobile is the number one threat target going forward.

Continue reading “Inception the Movie is Now an Undetectable Phishing Method” »

When it Comes to Getting Phished, Game of Thrones is no Fantasy

When it Comes to Getting Phished, Game of Thrones is no Fantasy

Phish protection technology is needed more than ever for fans of the wildly popular TV show Game of Thrones. Scammers are out there with official-looking websites trying to steal everything from personal information to credit card numbers. According to Checkpoint Research, “The fraudulent websites exploit the popularity of the brand to display ads, Continue reading “When it Comes to Getting Phished, Game of Thrones is no Fantasy” »

Instagram More Popular Than Facebook: Guess Where the Hackers are?

Instagram More Popular Than Facebook: Guess Where the Hackers are?

Willie Sutton had a famous response when asked why he robbed banks: “Because that’s where the money is.” Hackers seem to be following Willie’s advice. When it comes to phishing attacks, hackers go where the people are. And as Instagram catches up in popularity to Facebook, it’s become the go-to destination for hackers looking to exploit victims via phishing attacks.

Continue reading “Instagram More Popular Than Facebook: Guess Where the Hackers are?” »

The Only Thing Worse Than Clicking on a Malicious Link in a Phishing Email

The Only Thing Worse Than Clicking on a Malicious Link in a Phishing Email

You might think that the worst thing you can do with a phishing email is to click on the malicious link embedded within. You’d be wrong. There’s something worse, much worse. What’s that? How about forwarding the email to other employees, lots of them?

A recent article on security website SC Magazine details all the bad things employees do with suspicious emails. As things turn out it’s not uncommon for employees to forward Continue reading “The Only Thing Worse Than Clicking on a Malicious Link in a Phishing Email” »

Phishing Protection for SMBs: The Good News and Bad News

Phishing Protection for SMBs: The Good News and Bad News

If you run a small or midsize business (SMB) and you’re concerned with phishing protection, there was a lot to read in the news last week. Let’s get the bad news out of the way.

According to an article on Security Week website, Karl Racine, attorney general for the District of Columbia introduced a new bill, the Security Breach Protection Amendment Act of 2019. The bill expands the types of information companies are held accountable for.

Continue reading “Phishing Protection for SMBs: The Good News and Bad News” »

Is this the Most Successful Business Email Compromise of All Time?

Is this the Most Successful Business Email Compromise of All Time?

The bad news for Evaldas Rimasauskas of Lithuania is he’s facing up to 30 years in prison for scamming Facebook and Google out of $122 million. The good news is that he only has to pay restitution of about $50million. It’s not clear what’s happened to the other $73m, according to an article on BoingBoing. So, when he gets out, he’s going to be a very rich man.

Continue reading “Is this the Most Successful Business Email Compromise of All Time?” »

When it Comes to Phishing Attacks Today it’s all About Mobile

When it Comes to Phishing Attacks Today it’s all About Mobile

If you get hit with a phishing attack today, most likely it will be your mobile device. That’s because mobile is where hackers are spending their creative energy.

According to an article on Hacker News this week, a new phishing attack was uncovered that is “based on the idea that a malicious web page could mimic [the] look and feel of the browser window to trick even the most vigilant users into giving away their login credentials to attackers.”

Continue reading “When it Comes to Phishing Attacks Today it’s all About Mobile” »