The latest Threat Intelligence Report is out. Its findings are based on an analysis of 195 billion emails analyzed from January through June 2020. Of that large number, an astonishing 47% were flagged as malicious or spam.
It won’t come as a shock to learn that there were two main themes in the threatening emails this spring. According to HelpNetSecurity, “Two main trends ran throughout the analysis: the desire for attacker’s monetary gain and continued reliance on COVID-19-related campaigns, especially within certain vertical industries.” From the report, “One of the most significant observations of this research is that threat actors are launching opportunistic and malware-based campaigns across multiple verticals at volumes never seen before.”
Continue reading “What we Know from the Latest Email Threat Research” »
The Simple Mail Transfer Protocol (SMTP) server is a communication protocol or the technology behind email communication. In other words, SMTP is the protocol that allows you to send and receive emails. Every SMTP server has a unique address and needs to be set up in the mail client that you are using. If you are using SMTP host Gmail for example, then the SMTP address is smtp.gmail.com. If you want to find the address of the SMTP server you are currently using, you can easily find it in your email client settings.
Continue reading “Everything You Need To Know About SMTP Server And Why Do You Need One” »
After 89 years, the Washington Redskins are losing their team name. But, that’s not the only thing that got lost this week. So, too, did people’s money who tried to purchase the suddenly-hard-to-find merchandise.
According to Scamicide, “the termination of the old name and the refusal of major retailers such as Amazon, Walmart and Target to sell Redskins jerseys, caps and other merchandise carrying the old name and logo has created a demand by many people seeking to purchase the soon to be rare merchandise with the old name and logo. While there are legitimate sellers of these items, scammers have also sprung into action and have set up websites offering the merchandise at bargain prices. Of course, these bargain prices are no bargain because after you order the merchandise online, the merchandise never comes.” Maybe you should wait to buy a new jersey.
Continue reading “Cyber Security News Update – Week 32 of 2020” »
It’s 2020, which means it’s time for another Presidential election in the U.S. The big question is, who will win? But an even bigger question is, will we be able to trust the outcome? There are evil forces out there who’d love nothing better than to manipulate the outcome of the election for their own purposes. And what way are they most likely to do that? Through phishing, of course.
Continue reading “Will we be Able to Trust the Outcome of U.S. Elections Ever Again?” »
SMTP (Simple Mail Transfer Protocol) is a primary communication protocol to transfer emails between servers. An SMTP mail server uses a relay service to communicate with another SMTP server. Mostly, SMTP email servers are ideal for outgoing email updates, newsletters, and website notifications. SMTP relay service is a means to make these frequent email communications much more efficient with a web application, WordPress website, and a custom domain address. Email communication efficiency significantly impacts an organization’s day-to-day functions.
Continue reading “Learn How To Configure SMTP Relay Service G Suite & Set Up Custom Domain Address For G-Suite Gateway” »
Amazon Prime users beware. There’s a scam out there and it’s direct right at you. According to Tech Radar, “The scammers target victims via an automated telephone call claiming that they have opened an Amazon Prime account and that they should ‘press one’ to cancel the transaction. However, doing so will connect the call to a fraudster posing as an Amazon customer service representative.
Continue reading “Cyber Security News Update – Week 31 of 2020” »
If you take an email security awareness training class, you’ll learn a dozen ways to spot phishing email. There are a lot of clues. Maybe the email contains poor spelling or grammar. Or maybe it contains an offer that’s just too good to be true. All of those are giveaways. But there is one clue that’s a more reliable predictor of a phishing email than any other one: the “from” address. If you truly know who the email is from, you’ll know whether or not it’s legitimate.
Continue reading “The Number One Clue to a Phishing Email (and what to do about it)” »
It’s always good when you can get a heads up on scams coming at you. This one courtesy of TechRepublic. According to an article there, here are the phishing email subject lines you need to be on the lookout for:
- Password Check Required Immediately
- Vacation Policy Update
- Branch/Corporate Reopening Schedule
- COVID-19 Awareness
- Coronavirus Stimulus Checks
- List of Rescheduled Meetings Due to COVID-19
- Confidential Information on COVID-19
- COVID-19 – Now airborne, Increased community transmission
- Fedex Tracking
- Your meeting attendees are waiting!
Thanks to TechRepublic for that.
Continue reading “Cyber Security News Update – Week 30 of 2020” »
There are a lot of companies that depend on their employees to stop phishing attacks. In effect, their employees are their last line of defense. Seeing as how the cost of phishing attacks is now in the tens of billions of dollars per year (nobody knows the exact amount since victims are so reluctant to come forward), it seems like the employees stopping phishing attacks thing isn’t working too well. And now we know why.
Continue reading “The One Stat That Lets You Know You Need Help Stopping Phishing Attacks” »
Your computer and smartphone aren’t the only ways you can get scammed. You can also get scammed at the gas pump. This week the FTC issued a warning about credit card skimmers at gas pumps.
“Recently, the Federal Trade Commission (FTC) issued a warning about the dangers presented by skimmers on gas pumps. Skimmers are small electronic devices that are easily installed by an identity thief on gas pumps, ATMs and other card reading devices. The skimmer steals all of the information from old style magnetic strip credit card or debit cards which then enables the identity thief to use that information to access the victim’s bank account when the skimmer is used on a debit card. If a credit card is used, the identity thief can use the stolen information to access the victim’s credit card account. Each skimmer can hold information on as many as 2,400 cards.” Pay attention at the pump.
Continue reading “Cyber Security News Update – Week 29 of 2020” »
Most phishing attacks are pretty straight forward. You receive an email that convinces you to log into some website you’re familiar with. But, it’s just a convincing looking replica of the website and what you’re really doing is entering your credentials into a bogus site. Once you do that, the bad guys have your credentials, and depending on which ones, they can create a whole lot of havoc for you.
Continue reading “How Hackers can Phish You Without Stealing Your Credentials” »
If someone offers you free DNSSEC, just know, it’s a scam. This according to Bleeping Computer. “A very clever phishing campaign targets bloggers and website owners with emails pretending to be from their hosting provider who wants to upgrade their domain to use secure DNS (DNSSEC).”
“As it’s possible to determine who is hosting a domain for a website via the WHOIS records, IP addresses, and HTTP headers, the email scam is highly targeted and impersonates the specific hosting company used by a website.” If it seems too good to be true…
Continue reading “Cyber Security News Update – Week 28 of 2020” »
Everyone uses Gmail. After all, it’s free. And what’s even better is that it comes with free spam filtering. Of course, the old adage you get what you pay for still applies, and that was never more apparent than this week when Gmail’s spam filtering broke down and stopped working.
It was apparent almost instantly. From Newsgram, “Gmail users around the world were complaining about spam messages flooding their inbox over the weekend as the Google service was apparently suffering from a widespread problem with its email filters. Several Gmail users took to Twitter and other social media platforms like reddit to convey they were being bombarded with spam messages.”
Continue reading “When it Comes to Spam Filtering You Pretty Much Get What You Pay for” »
The FTC is coming down hard this week on those who didn’t protect victims but should have. The first case is the claim against Kohl’s for failure to provide information to identify theft victims fast enough so they could limit the damage.
From Scamicide, “Kohl’s Department Stores failed to provide information to victims of identity theft at Kohl’s when requested by many people. In response, the Federal Trade Commission brought legal action against Kohl’s. Kohl’s agreed to pay a $220,000 penalty to the FTC.” Way to go FTC. Continue reading “Cyber Security News Update – Week 27 of 2020” »
For the longest time, the number one delivery mechanism for ransomware was a phishing email. As much as 91% of ransomware was delivered that way. And then things changed.
According to an article on ZDNet, “in recent years, attackers have successfully pivoted to using remote ports, insecure public-facing servers and other vulnerabilities in enterprise networks to encrypt entire networks – often demanding hundreds of thousands of dollars in payment to release the data again.”
Continue reading “After a Hiatus Phishing Emails Once Again Being Used to Deliver Ransomware” »
It’s difficult to try and quantify how COVID-19 has impacted business. New ways of doing business, like work from home (WFH), have emerged to affect every aspect of daily business life. COVID-19 and WFH combined have had a ripple effect on other aspects of business like bring-you-own-device (BYOD) and the adoption of cloud services as a standard part of business. And through all these recent changes, one thing is clear: people still use email predominantly to communicate with each other.
Continue reading “What You Need to Know About How COVID-19 has Impacted Email Hosting” »
This week’s scam target? Sneakers. The trap? Free sneakers.
From Hype Beast, “According to welivesecurity, messages are being sent that claim adidas is giving away 2,500 pairs of sneakers to honor its 69th anniversary. The process begins from a suspicious link on WhatsApp to a site that gathers your geolocation and IP address, that eventually leads to an archaic four-question survey that qualifies the individual for the free shoes. Of course, no shoes will ever be delivered to round out the scheme.” If it sounds too good to be true…
Continue reading “Cyber Security News Update – Week 26 of 2020” »
What’s more dangerous than a phishing attack that uses a social engineering tactic to get you to click? How about a phishing attack that uses a combination of TWO social engineering tactics to get you to click? And that’s exactly what was detected this week according to InfoSecurity Magazine.
In this case, the two social engineering tactics are phishers hiding COVID-19 malware in both CVs (curriculum vitae or resumes) AND medical leave forms. According to the article, “Cyber-criminals are taking advantage of the evolving jobs market and employee health situation under COVID-19 to disguise malware in various emailed documents. The phishing campaigns spotted center around spoofed CVs and medical leave forms.”
Continue reading “The Always Dangerous Combination Phishing Attack” »
Not as many people use Discover credit card as those who use Visa and MasterCard. Maybe that’s why it makes our scam of the week.
From Scamicide, “a new phishing email presently being sent to unsuspecting people that appears to come from Discover. A telltale sign that this is a phishing email is that the email address of the sender was one that has nothing to do with Discover and was most likely part of a botnet of computers infected by scammers and then used to send out the phishing email in a way that is not readily traceable back to the scammer.” Those clever little scammers.
Continue reading “Cyber Security News Update – Week 25 of 2020” »
Everyone will acknowledge that spam emails are a constant nuisance. Spam remains a regular interruption in our daily lives, where we have to spend time to open and delete those emails. Though not always, they also pose severe threats to our systems and can cripple our networks. Spamming in today’s digital era is a billion-dollar industry where companies even go so far as to use this as a professional technique to promote their services.
Continue reading “Anti-Spam Filters and How They Work” »