---
title: "Cyber Security News Update, Week 32 of 2019 | DuoCircle"
description: "We’re always impressed when fraudsters come up with new and clever ways to execute phishing scams and this week didn’t disappoint us."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2019/"
---

Quick Answer

Cybersecurity headlines for the week of August 10, 2019\. Korean Air warned customers of phishing scams using fake e-tickets after receiving multiple complaints. Follow-on phishing tied to the $700 million Equifax settlement asked victims to confirm details to claim the $125 cash payment or free credit monitoring. Accenture's iDefense flagged the MegaCortex ransomware campaign targeting enterprises through compromised domain controllers. The body count covers a string of fresh data breaches reported in the week. The City of Naples, Florida, lost about $700,000 to a BEC-style attack in which fraudsters posed as a contractor and rerouted a wire payment.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2019%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%2032%20of%202019&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2019%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2019%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2019%2F&title=Cyber%20Security%20News%20Update%2C%20Week%2032%20of%202019 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%2032%20of%202019&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-32-of-2019%2F "Share via Email") 

![DuoCircle blog post image](https://media.mailhop.org/duocircle/images/2019/08/SMTP-email-4777.jpg) 

We’re always impressed when fraudsters come up with new and clever ways to execute phishing scams and this week didn’t disappoint us. This week we get word of a phishing scam disguised as fake e-tickets for Korean Airlines.

According to the article, “South Korean flag carrier Korean Air (KE) has warned customers against **phishing scams** using fake e-tickets. Seungwon Chung, KE Global Communications deputy general manager, confirmed with the Philippine News Agency (PNA) on Monday that the carrier has received \[a\] few complaints regarding this recently.”

When it comes to phishing attacks, did you ever notice how _one attack almost always leads immediately to a follow-on attack_? Most people by now are aware of the [data breach](https://www.consumer.ftc.gov/blog/2017/09/equifax-data-breach-what-do) at credit agency Equifax. As part of the [$700 million settlement](https://www.cnbc.com/2019/07/25/how-to-claim-your-compensation-from-the-equifax-data-breach-settlement.html), Equifax has [agreed](https://www.equifaxbreachsettlement.com/) to a cash payment of up to $125 or free credit monitoring for victims. Well, it didn’t take long for criminals to cease that information to use in another attack.

According to an [article](https://blog.knowbe4.com/scam-of-the-week-equifax-settlement-phishing) on security awareness firm KnowBe4’s website, “Internet lowlifes are now targeting victims of the Equifax data breach with **phishing attacks** and are spoofing Equifax’s settlement page.” That’s pretty low.

In an effort to summarize the carnage, [Dark Reading](https://www.darkreading.com/attacks-breaches/8-head-turning-ransomware-attacks-to-hit-city-governments/d/d-id/1335424?%5Fmc=NL%5FDR%5FEDT%5FDR%5Fweekly%5F20190808&cid=NL%5FDR%5FEDT%5FDR%5Fweekly%5F20190808&elq%5Fmid=92335&elq%5Fcid=28171904) this week gave us “8 Head-Turning **Ransomware Attacks** to Hit City Governments.” They are:

1. Georgia/Atlanta courts
2. Riviera Beach, Florida
3. Lake City, Florida
4. Baltimore, Maryland
5. Louisiana
6. Greenville, North Carolina
7. Johannesburg, South Africa
8. West Haven, Connecticut

I wonder who will be on the list next week.

[![Phishing](https://media.mailhop.org/duocircle/images/2019/08/SMTP-email-4778.jpg)](https://media.mailhop.org/duocircle/images/2019/08/SMTP-email-4778.jpg)

## Phishing Phrontier

_Hackers keep pushing the state-of-the-art when it comes to phishing._ It shouldn’t come as a surprise though. Afterall, what else have they got to do? And the big emphasis continues to be on mobile.

The latest details come from the 2019 [Mobile Threat Landscape Report](https://www.crowdstrike.com/resources/reports/mobile-threat-report-2019/) produced by Crowdstrike. The report identifies six categories of mobile malware. They include the following:

1. Remote access tools
2. Spouseware/stalkerware
3. Banking trojans
4. Mobile ransomware
5. Cryptomining malware
6. Advertising click fraud

Perhaps the most important finding in the report is that “The current maturity level of mobile security solutions lags behind that of traditional platforms, leading to longer potential attacker dwell times on compromised mobile devices.” In other words, _your mobile device is more vulnerable than your desktop_.

## MegaCortex

Do you know what’s better than manually launching a ransomware attack? Automating it so it launches itself. And that’s precisely what attackers have done with ransomware called **_MegaCortex_**.

According to a [Cyber Advisory](https://www.accenture.com/%5Facnmedia/pdf-106/accenture-technical-analysis-megacortex.pdf#zoom=50) by Accenture Security, “The authors of MegaCortex v2 have redesigned the ransomware to self-execute and **removed the password requirement** for installation.”

From an [article](https://www.darkreading.com/attacks-breaches/ransomware-used-in-multimillion-dollar-attacks-gets-more-automated/d/d-id/1335446?%5Fmc=NL%5FDR%5FEDT%5FDR%5Fweekly%5F20190808&cid=NL%5FDR%5FEDT%5FDR%5Fweekly%5F20190808&elq%5Fmid=92335&elq%5Fcid=28171904) on Dark Reading website, “Security researchers first spotted MegaCortex earlier this year targeting enterprise organizations in the US, Canada, and Europe. During one stretch in May, researchers at Sophos counted 47 targeted attack attempts to install MegaCortex in a 48-hour period. Organizations that have been hit by the malware without a proper [email security service](/) have faced ransom demands ranging from a relatively modest $20,000 to a stunning $5.8 million.” _With the automation of MegaCortex, cybercriminals have unwittingly invented a new form of passive income._

## Body Count

Cities, municipalities and counties are under constant attack from scammers and the body count continued to rise this week as “Cybercriminals managed to divert $2.5 million in a business email compromise (BEC) scam targeting Cabarrus County, North Carolina,” according to an [article](https://www.securityweek.com/scammers-grab-25-million-north-carolina-county-bec-scam) on Security Week. [BEC](https://www.fbi.gov/news/stories/business-e-mail-compromise-on-the-rise) “targets employees with access to company finances and tricks them into making wire transfers to bank accounts thought to belong to trusted partners, except the money ends up in accounts controlled by the criminals.”

According to the article, “The attack started when employees of Cabarrus County Schools and Cabarrus County Government received emails pretending to be from the general contractor for construction of West Cabarrus High.”

[![cyberattack](https://media.mailhop.org/duocircle/images/2019/08/SMTP-email-4776.jpg)](https://media.mailhop.org/duocircle/images/2019/08/SMTP-email-4776.jpg)

## Attack on City of Naples

In a slightly less costly cyber-attack, “Scammers trick\[ed the\] City of Naples out of $700,000 in spear phishing cyber-attack,” according to the [Naples Daily News](https://www.naplesnews.com/story/news/local/2019/08/02/scammers-trick-naples-out-700-000-spear-phishing-cyber-attack/1902321001/).

“The funds were paid to a fake bank account the attacker provided while posing as a representative from the Wright Construction Group, which was doing infrastructure work on Eighth Street South in downtown Naples.” Do you see a theme here? Fake construction invoices.

Under the category of “we got off easy,” comes news from the [Kane County Chronicle](https://www.shawlocal.com/2019/07/26/batavia-company-defrauded-of-more-than-27k-in-spear-phishing-scam/ao05szg/) that a “Batavia company \[was\] defrauded of more than $27k in spear phishing scam.”

“According to police reports, electronic communication equipment was ordered via email from a known customer. The company shipped it to Ohio and learned later that the order was fraudulently placed because the known customer did not place it.”

And that’s the week that was.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 1m  April Spam Filtering Uptime Report  May 4, 2016 ](/blog/announcements/april-spam-filtering-uptime-report/)[  News 2m  Changes to Spam Filtering Technology  Feb 8, 2023 ](/blog/announcements/changes-to-spam-filtering-technology/)[  News 4m  Cyber Security News Update, Week 1 of 2020  Jan 3, 2020 ](/blog/announcements/cyber-security-news-update-week-1-of-2020/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 32 of 2019","description":"We’re always impressed when fraudsters come up with new and clever ways to execute phishing scams and this week didn’t disappoint us.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2019/","datePublished":"2019-08-10T19:57:48.000Z","dateModified":"2025-05-20T14:49:07.000Z","dateCreated":"2019-08-10T19:57:48.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2019/"},"articleSection":"announcements","keywords":"","wordCount":771,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/08/SMTP-email-4777.jpg","caption":"DuoCircle blog post image","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 32 of 2019","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2019/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 32 of 2019","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2019/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 32 of 2019","description":"We’re always impressed when fraudsters come up with new and clever ways to execute phishing scams and this week didn’t disappoint us.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2019/","datePublished":"2019-08-10T19:57:48.000Z","dateModified":"2025-05-20T14:49:07.000Z","dateCreated":"2019-08-10T19:57:48.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-32-of-2019/"},"articleSection":"announcements","keywords":"","wordCount":771,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/08/SMTP-email-4777.jpg","caption":"DuoCircle blog post image","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```
