If you subscribe to the notion that hackers go where the users are, it’s not surprising that Microsoft Remains the #1 Impersonated Brand in Phishing Attacks. Others making up the top five include PayPal, Netflix, Facebook and Bank of America, which confirms the theory.
Continue reading “If You Want to Get Phished Use Microsoft” »
There’s a lot of spam out there. More than 14.5 billion spam messages are sent each day by some estimates. To the extent that anyone thinks about it, they probably envision that spam coming from a bunch of spammers in some third-world countries, but that’s rarely the case.
Continue reading “Outbound Spam Filtering – Microsoft Finally Gets On Board” »
It’s why awareness training will never be good enough. And it’s why the best phishing protection technology may always fall a little short. The truth is, some of the best and brightest minds around are using their smarts to come up with more clever and more undetectable phishing exploits. It’s a technological arms race, and maybe the best you can ever hope for is a tie.
A remote vulnerability has been discovered in the EXIM email server that allows an attacker to run commands as root.
https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/
If your mail server is running EXIM our email gateway can offer you complete protection from this exploit and can keep your users safe. The service is cloud-deployed and fully managed and can scale from a single domain to hosting providers needing filtering for tens of thousands of domains.
Phishing attacks are everywhere, and so is advice for how to prevent them. None of the advice offered is wrong, it’s just woefully incomplete.
A recent article on the Security Week website, Business Email Compromise Still Reigns, discusses the FBI’s annual Internet Crime Complaints Center (IC3) report and why business email compromise (BEC)—a type a phishing attack—is so prevalent.
Continue reading “Why Most Phishing Prevention Advice Falls Short” »
It’s not surprising that hackers use W-2 phishing scams during tax season. Taking advantage of topical and popular subjects is at the heart of social engineering. But, the W-2 scams don’t usually target taxpayers.
According to the article on CSO Online, “The W-2 scam tries to take advantage of folks in accounting, controller and HR roles by presenting urgent
Continue reading “Just When You Thought Taxpayer Phishing Season Was Over” »
Imagine your company just fell victim to a ransomware attack. What would you do? One group of doctors decided to retire rather than pay the ransom. The officials in Jackson County, Georgia decided to pay the $400,000 ransom. The city of Chicago paid more than $1 million. So, what would you do?
Continue reading “One More Reason to Avoid a Ransomware Attack” »
If you ever find yourself the victim of a phishing attack and ransomware, you’ll only have a few options to try and deal with your circumstances.
Today, successful ransomware attacks involve stolen or encrypting the victim’s data. And to get it back, you have to pay the ransom. Of course, paying the ransom is no guarantee that you’ll get your data back, but it’s certainly higher than not paying it.
Continue reading “How One Successful Phishing Attack Lead to Forced Early Retirement” »
Earlier today our mail servers prevented some email from reaching some customers. The messages that were impacted had .co.uk in their domain name. Other messages were unaffected.
That’s more than 30% of people on the planet with internet access. In one month! All of that during April 2019, bringing the annual total to 5.64 billion. I wonder what will happen in May.
An article on IT Governance Blog details all of the cyber-attacks, ransomware, data breaches and financial information that was compromised during the most recent month. There’s over 70 in the list including 25 healthcare providers and 19 schools and government agencies. I doubt the list is complete.
Continue reading “Seriously? Over 1 Billion Records Leaked in One Month” »
The last season of Game of Thrones (GoT) is finally on air, and everyone seems to be excited about it! GoT is one of the most successful shows ever to be shown on TV. However, the massive popularity of the show has lead to cybercriminals exploiting people’s love for it by tricking individuals into various online scams, and many people have lost their hard earned money by fraudulent emails in circulation nowadays.
Continue reading “Game of Thrones Phishing Scams: What Do You Need To Know?” »
(San Diego, CA – April 24, 2019)
DuoCircle LLC is an integrated, cloud-based email solutions company. DuoCircle has purchased Commando.io, a service that helps IT companies simplify server management. Commando.io is a web-based platform for running commands on servers via SSH.
Continue reading “DuoCircle Purchases Service that Simplifies Server Management” »
If you haven’t heard lately, when it comes to getting phished, municipalities and local governments aren’t doing too well. And it’s costing them a lot of money.
According to a recent article on SC Magazine website, four different municipalities were hit with ransomware attacks during the week of April 15, 2019. The article said, “Augusta, Maine; Imperial County, Calif.; Stuart, Fla.; and Greenville, N.C. were all in different stages of recovering from ransomware attacks over the last seven days.”
Continue reading “Phishing Prevention Technology: Why Aren’t Municipalities Onboard?” »
SMTP service (i.e., email) today is a commodity. So much so, that many businesses pay some other business to “host” their SMTP service for them. This enables the business to send and receive email without having to buy, set up or manage an SMTP server. And judging by how prices have come down over time, it’s fair to assume that there are a lot of hosted SMTP service providers.
Phishing protection is big business. There are many providers out there using advanced technologies to protect companies of all sizes. And these technologies are needed, because as research has shown, phishing protection education alone will not protect your company.
Continue reading “If You Can’t Trust Your Phishing Protection Company, Who Can You Trust?” »
We regularly help businesses migrate from one Office 365 to another Office 365 tenant. A verycommon use case involves the transition between (or within) email providers or splitting out business units or the migration of tenants between organizations. Microsoft warns that a new Office 365 tenant may be inaccessible for as long as 24 hours during the migration, which means there is a chance for email to be lost. Microsoft’s guide to migrating email accounts between Office365 tenants includes the following instruction:
Servers go down. And when they do it can negatively impact your business, from lost productivity to lost customers. You don’t want that to happen. Monitoring email is not as simple as checking to see if the port responds, you have to validate that the entire mail flow is functioning. So, how do you find out that your email server is down and not accepting emails or just taking too long to respond? More importantly, how long does it take for you to discover it? Minutes? Hours?
We live in a software-as-a-service (SaaS) world. It’s great being able to pay a monthly fee and have some other companies handle your organization’s services for you. There are all kinds of companies that provide SaaS services.
Continue reading “The One Big Drawback of Using SaaS Providers and What to do About it” »
It’s a common folklore that the greatest cyber-attacks in history are pulled off by genius hackers using clever hacking techniques to exploit a zero-day vulnerability on some obscure back-room database server. The reality is very different.
DuoCircle LLC is an integrated, cloud-based email solutions company. DuoCircle has launched AutoSPF, a service that helps companies avoid going over their DNS lookup limit by automatically flattening their SPF record. Going over the DNS lookup limited can keep emails from being delivered.
Continue reading “DuoCircle Launches Service that Automatically Flattens SPF Records” »