Phishing


COVID-19 Fear Leads to Trickledown Phishing Scams

COVID-19 Fear Leads to Trickledown Phishing Scams

One of the fastest-growing security threats today is coronavirus-based phishing scams. Here, scammers use people’s fear of the virus to get them to do something they shouldn’t.

According to an article on TechRepublic, “There has been a steady increase in the number of coronavirus COVID-19-related email attacks since January, according to security firm Barracuda Networks, but researchers have observed a recent spike in this type of attack, up a whopping 667% since the end of February. Skilled attackers are good at leveraging emotions to elicit response to their phishing attempts.”

Continue reading “COVID-19 Fear Leads to Trickledown Phishing Scams” »

Coronavirus Requires Two Quarantines

Coronavirus Requires Two Quarantines

By now, everyone has heard of COVID-19, the coronavirus rapidly spreading across the globe. In response to this fast-moving coronavirus, the international medical community has come up with a pretty simple, but effective way to stop it: quarantine. In other words, isolate yourself to keep from getting infected. And it seems to be working.

As hard as it may be to believe, there may actually be something spreading even faster than COVID-19. Coronavirus-themed scams and phishing attacks. And it’s only going to get worse because more people are working from home where they have even less protection from these threats than they do at work.

Continue reading “Coronavirus Requires Two Quarantines” »

How Chatbots Became a Phishing Tool

How Chatbots Became a Phishing Tool

Whenever someone develops technology to help people, you can be sure that eventually, hackers will figure out some way to use that same technology to phish people. Such is the case now with customer service chatbots.

Customer service chatbots are software-driven instant messaging apps which are designed to convince you that you are having a conversation with a real person. They are frequently found on ecommerce websites as a first line of customer support.

Continue reading “How Chatbots Became a Phishing Tool” »

Sometimes When You go Phishing You Catch a Shark

Sometimes When You go Phishing You Catch a Shark

It’s easy to assume that someone who is rich and famous is also tech savvy, but that’s not always the case. Take for example the news this week that Shark Tank star Barbara Corcoran lost almost $400,000 in a phishing scam.

According to an article in People Magazine, “The incident unfolded last week when Barbara’s bookkeeper received an email about an invoice ‘approving the payment for a real estate renovation.'”

Continue reading “Sometimes When You go Phishing You Catch a Shark” »

Phishing Attacks Get Really Scary When They Stop Attacking People and Start Attacking Systems

Phishing Attacks Get Really Scary When They Stop Attacking People and Start Attacking Systems

When you think about phishing attacks, most people think the ultimate goal is to get the victim’s credentials and use them to possibly impersonate them or steal their money. And mostly, that’s true. We hardly ever think that the ultimate target of a phishing attack might be an inanimate object. But more and more it’s becoming the case. And it’s getting pretty frightening.

Continue reading “Phishing Attacks Get Really Scary When They Stop Attacking People and Start Attacking Systems” »

How Something Meant to Protect Your Mobile Device is Being Used to Phish You

How Something Meant to Protect Your Mobile Device is Being Used to Phish You

Since mobile devices are essentially computers, it didn’t take long to figure out they needed to be protected like computers. That’s especially true given how frequently users download apps from the app store onto their mobile devices.

One example of mobile protection is Google Play Protect. Google Play Protect is Google’s built-in malware protection for Android devices. When you download an app from the Google Playstore, Google Play Protect automatically scans your device and makes sure your apps and everything else are safe. Sounds pretty good.

Continue reading “How Something Meant to Protect Your Mobile Device is Being Used to Phish You” »

Hackers Use Recent Tragedies to Target Phishing Victims

Hackers Use Recent Tragedies to Target Phishing Victims

Hackers have no soul. They will use any means available to target victims with phishing emails, including seizing on the latest widely-known tragedies. And you have to be aware of it.

On January 26th, Kobe Bryant, an internationally-recognized sports superstar died in a helicopter crash outside Los Angeles. It didn’t take long for the heartless hackers to try and take advantage of the tragic event. According to KDBJ7 in Virginia, “BBB warns of phishing and clickbait scams following the death of Kobe Bryant. The sender claims to be from a reputable news organization capitalizing on trending news with an exclusive video, image, or document they want to share with you. These links can lead users to a malicious website once clicked.”

Continue reading “Hackers Use Recent Tragedies to Target Phishing Victims” »

The News Gets Worse for Victims of Ransomware

The News Gets Worse for Victims of Ransomware

Hackers using ransomware to extort money from victims used to have a fairly straightforward playbook: gain access to the victims data, encrypt it and promise to decrypt it for the ransom. That by itself caused all kinds of havoc.

From Laporte, Indiana to Baltimore, Maryland, companies and municipalities found themselves scrambling to figure out how to decrypt their own data, or whether or not they should pay the ransom. And as bad as things got, these victims still had one thing going for them. While they couldn’t get to their data, nobody else could either, so at least it was safe from widespread public disclosure. Not anymore.

Continue reading “The News Gets Worse for Victims of Ransomware” »

The Newest Phishing Tactic Designed to Get You to Click

The Newest Phishing Tactic Designed to Get You to Click

Phishing is a pretty straightforward scam. Get victims to click on a link they shouldn’t. In that regard, hackers never stop evolving and coming up with clever new ways to trick victims into clicking. And it seems they’ve done it again.

The trick of course is to make a malicious URL look legitimate. In that endeavor, hackers are now using the date to make phishing URLs look normal. According to an article on PCMag website, “Scammers have been incorporating the date into their malicious internet domains to help them spoof legitimate websites.”

Continue reading “The Newest Phishing Tactic Designed to Get You to Click” »

Bad News for Phishing Attacks: AI is Coming

Bad News for Phishing Attacks: AI is Coming

If you’re responsible for email security at your company, then you’re acutely aware of the role that social engineering plays in effective phishing attacks. Social engineering is not a technology hack, it’s psychology hack. It doesn’t exploit technological weakness, it exploits human weakness. You can be sure the next phishing attack launched upon your organization will have, at its roots, social engineering.

Continue reading “Bad News for Phishing Attacks: AI is Coming” »

May the Force Be With You—That Force is a Phishing Attack

May the Force Be With You—That Force is a Phishing Attack

The newest Star Wars movie due out this week, The Rise of Skywalker, could just as easily be titled The Rise of Hackers, because they’re using the release of the over-hyped movie to target fans with a phishing attack.

As reported in SC Magazine, “Star Wars: The Rise of Skywalker is just being released into theaters today but cybercriminals were already assembling fake websites and social media profiles to deliver malware to fans, instead of something useful like the Death Star’s plans.”

Continue reading “May the Force Be With You—That Force is a Phishing Attack” »

The Latest Popular Service to Serve You up Phishing Emails: Spotify

The Latest Popular Service to Serve You up Phishing Emails: Spotify

If it’s a popular consumer service, you can bet that eventually, hackers will use it in phishing attacks. First it was Netflix, then it was Instagram and then Google and now Spotify.

Almost all communication with the services you use today is via email. Hackers know it, and that’s why phishing attacks aren’t going away any time soon. This time, it’s hackers going after Spotify customers with a phishing email that warns you that your payment didn’t go through.

Continue reading “The Latest Popular Service to Serve You up Phishing Emails: Spotify” »

How Hotels Leave You Vulnerable to Phishing Attacks

How Hotels Leave You Vulnerable to Phishing Attacks

If you invest in phishing protection software, which you should, you probably think you’re safe from phishing attacks. It would be nice if that were true, but it’s not. Unfortunately, we live in a tightly-coupled financial ecosystem where vulnerability to one of us is a vulnerability to all.

I’ll bet that when you stay at a hotel, you don’t give much thought to how the hotel’s vulnerability to phishing attacks can affect you. But you should. Because we live in a tightly-coupled financial ecosystem. And because the hospitality industry is under attack from cybercriminals.

Continue reading “How Hotels Leave You Vulnerable to Phishing Attacks” »

You’ll Never Guess What Technique Cyberspies Use to Hack into Google

You’ll Never Guess What Technique Cyberspies Use to Hack into Google

Government-backed cyberspies are always looking for a way to gain access to people’s sensitive information. One of their favorite targets is their Google account, since so many people store information there. And even if they don’t, a Google account can be a critical access point to sensitive information stored elsewhere.

So, what technique do you suppose these cyberspies prefer when it comes to hacking someone’s Google account? Is it a brute force password attack? How about a SQL injection attack? Man-in-the-middle attack? Nope. None of them.

Continue reading “You’ll Never Guess What Technique Cyberspies Use to Hack into Google” »

What Happens When a Phishing Email Isn’t?

What Happens When a Phishing Email Isn’t?

Everyone’s on the lookout for phishing emails today (or if they’re not, they should be). Some people are on high alert and are really good at spotting them. Are you?

What if you received an email that you were convinced was a phishing email, with all the telltale signs, but it wasn’t? That’s exactly what happened to customers of TriNet, one of the largest outsourced human resources providers in the United States, primarily for small-to-medium-sized businesses.

Continue reading “What Happens When a Phishing Email Isn’t?” »

Healthcare Organizations Still Reluctant to Protect Themselves from Phishing Attacks

Healthcare Organizations Still Reluctant to Protect Themselves from Phishing Attacks

What’s the old saying? Fool me once, shame on you. Fool me twice, shame on me. Apparently the shame is on the healthcare industry.

Despite numerous successful phishing attacks on healthcare organizations affecting almost 40 million people, the industry is still not sufficiently motivated to protect itself. From Security Boulevard, “to date in 2019 there have been 326 Hacking/IT Incidents affecting some 39,050,355 individuals. Of these incidents, 208 of them have been via email phishing attacks.”

Continue reading “Healthcare Organizations Still Reluctant to Protect Themselves from Phishing Attacks” »

Closing on a Home Loan? You’re a Prime Target for Getting Phished

Closing on a Home Loan? You’re a Prime Target for Getting Phished

At the end of the day, most phishing emails are based on the same thing: a plausible financial transaction. An email shows up, it involves a financial transaction you’re been expecting, you don’t give it another thought, you get phished.

The latest phishing scam is an email targeting homeowners seeking to secure a loan to purchase their home. According to Komo News, “It’s from someone using the name Larry Conrad with First American Title in Phoenix, Arizona. The greeting doesn’t address you by name but only says Hello—that’s your first clue. It says the loan has been cleared to close and the preliminary closing documents are attached.”

Continue reading “Closing on a Home Loan? You’re a Prime Target for Getting Phished” »

The Multiplying Effect of Vendor Email Compromise

The Multiplying Effect of Vendor Email Compromise

By now, most people know about the potential threat from business email compromise or BEC. With BEC, someone in a company gets their email taken over by a hacker and the hacker uses the trust implied in that email to exploit others in the company.

Formerly dubbed as Man-in-the-Email scams, BEC attackers rely heavily on social engineering tactics to trick unsuspecting employees and executives. Often, they impersonate the CEO or any executive authorized to do wire transfers.” As bad as BEC is, at least it threatens just a single company—the one with the compromised email.

Continue reading “The Multiplying Effect of Vendor Email Compromise” »

Phishers Sure are Cold-hearted

Phishers Sure are Cold-hearted

When you tell me that phishers go after large enterprises, I get it. There’s a lot of valuable data there. When you tell that they go after banks, cause that’s where the money is, I understand. But, when you tell me they’re going after relief agencies, I call them cold-hearted.

That’s the news making headlines from researchers at Lookout Security. According to a blog post there, they have “detected a mobile-aware phishing campaign targeting non-governmental organizations around the world, including a variety of United Nations humanitarian organizations, such as UNICEF.”

Continue reading “Phishers Sure are Cold-hearted” »

Ransomware Statistics Present A Grim Scenario About The Vulnerabilities Of The Users

Ransomware Statistics Present A Grim Scenario About The Vulnerabilities Of The Users

Given the proliferation of the internet and e-mails as the preferred means of communication, ransomware attacks are on an upward spree. Malware attacks 2017 show that nearly 40% of all e-mail spam contains ransomware. It brings forth the question, what exactly is ransomware?

It is a malware attack that cripples the victim’s files with unbreakable encryption. The cyber attacker then demands money, usually in the form of cryptocurrency (such as Bitcoins) to unlock the data. Hackers can spread ransomware through malicious e-mail attachments, infected external storage devices, infected software apps, and compromised websites. Some attacks also use remote desktop protocol and other approaches which do not rely on any user interaction.

Continue reading “Ransomware Statistics Present A Grim Scenario About The Vulnerabilities Of The Users” »

Please Enter Your Business Email Below to Continue

232325

Get Free Access to Phishing Protection Best Practices

  • Learn why hosted solutions like Office 365 are vulnerable to phishing.
  • Discover why you must protect both your employees AND your customers.
  • Read why checking reputation databases once a day is a waste of time.
  • Learn what real-time website scanning should look for.
  • Get strategies for saving time and money on email protection.

Sign Up Below... and Get Instant Access to the Report