The only thing most people know about two-factor authentication (2FA) is that it’s supposed to make online activity safer, and for the most part, it does. But, as you’ll see, it doesn’t do anything to protect you from a phishing attack if the phishing attack is really good.
Continue reading “How the Latest Scam Shows Two-factor Authentication Doesn’t Prevent Phishing” »
Think you’re getting paid back for that data breach? Think again because it’s a scam. According to Kim Komando, “Scammers appear to have set up a website claiming to be run by the ‘US Trading Commission’ that promises financial compensation for the leakage of personal data.” There’s only one problem with this. There’s no such thing as the US Trading Commission. “Instead, this highly detailed fraudulent website preys upon hapless data breach victims.”
Continue reading “Cyber Security News Update – Week 4 of 2020” »
The real trick to any phishing scam is getting the victim to let their guard down. Every technique imaginable has been tried. But maybe the most effective one is the one that’s now being used in more phishing attacks: conversation hijacking.
Continue reading “You May Think You Know Who You’re Communicating With via Email but You Don’t” »
(San Diego, CA – January 16, 2020)
DuoCircle is pleased to announce that it recently received its AICPA Service Organization Control 2 (SOC 2) Type 1 Report. This report provides detailed information regarding DuoCircle’s policies and controls relevant to security, availability, and confidentiality of data. DuoCircle meets the SOC 2 standards for Security and Availability Trust Services Principles with zero exceptions listed.
Continue reading “For Immediate Release: DuoCircle Completes SOC 2 Compliance & Certification” »
If it’s in the news, it will probably be used in a scam shortly thereafter, and such was the case this week. According to an article on Bleeping Computer, “An attacker is attempting to take advantage of the recent warnings about possible Iranian cyberattacks by using it as a theme for a phishing attack that tries to collect Microsoft login credentials.”
Continue reading “Cyber Security News Update – Week 3 of 2020” »
If you want bona fide proof that someone is smart, what would you look for? A medical degree? A PhD? How about a Nobel Prize? Yes. If someone has won a Nobel Prize, it’s pretty safe to assume they’re smart. But, smart enough to avoid getting phished? Maybe not, because that’s exactly what happened recently.
According to Yahoo News, “Nobel laureate Paul Krugman said he likely fell for a phishing scam.” Yep, that Paul Krugman. “The Distinguished Professor of Economics at the Graduate Center of the City University of New York, and a columnist for The New York Times.” He knows economics. Email security not so much.
There were pre-holiday phishing attacks and holiday phishing attacks. So, it should come as no surprise that there are post-holiday phishing attacks. According to KLFY.com, phishing emails are targeting shoppers with post-holiday offers.
“Here’s how the scam works: You receive an unsolicited email or text message that appears to be from a major retailer claiming you have a new reward. Experts have seen scammers use the names of Amazon, Kohls, and Costco… but any company can be spoofed. You open the message, and it looks real. It includes a company logo, colors, and a link to claim the reward points or gift from your recent holiday shopping.” You’ve been warned.
Continue reading “Cyber Security News Update – Week 2 of 2020” »
Most spam is annoying, but harmless. Unless of course it’s the basis of a sextortion scam. If you’re not familiar, sextortion is a form of sexual exploitation that employs non-physical forms of coercion to extort money or sexual favors from the victim. For instance, if someone threatens that they can blame you for child pornography and will do so unless you pay them a ransom, that’s a form of sextortion.
Continue reading “The New Trick to Bypass Your Spam Filter” »
(San Diego, CA – January 8, 2020)
DuoCircle is a cloud-based email security solutions company and DuoCircle is offering a Free MX Backup Services account to help ease some of the business impact that the fires have had on Australia.
Hackers are at it again using PayPal to dupe unsuspecting users into stealing their data. According to The Payers, “researchers have spotted an ongoing phishing campaign targeting PayPal customers, where hackers are trying to gain access to customers’ credentials to the payment service.”
The article went on to say, “Targeted customers receive emails camouflaged as ‘unusual activity’ alerts warning them of suspicious logins from unknown devices, with the hidden purpose of stealing all their credentials and financial info. To make sure that the potential victims are willing to click on the link embedded within the phishing message, the attackers say that their accounts are limited until they are secured by confirming their identity.”
Continue reading “Cyber Security News Update – Week 1 of 2020” »