---
title: "Cyber Security News Update, Week 52 of 2019 | DuoCircle"
description: "Like to play video games? Then you’re a target for a phishing scam. This week’s scam of the week, courtesy of Meta Compliance, is targeted at PlayStation users."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-52-of-2019/"
---

Quick Answer

Week 52, 2019 cyber news: PlayStation users targeted by phishing DMs posing as Elder Scrolls Online developers and threatening 15-minute account bans; UK first-time home buyers lose 94,000 to email-intercept fraud impersonating their conveyancer; PayPal phishing emails fake unusual login alerts; Microsoft cites three top 2019 phishing techniques (Google search hijacks, fake 404 login pages, MITM logo capture) and reports Office 365 inbound phishing doubling year over year to 0.6%; LightInTheBox leaves 1.6 billion records exposed; LifeLabs pays ransom after a breach affecting 15 million; RavnAir cancels Alaska flights after a cyberattack.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-52-of-2019%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%2052%20of%202019&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-52-of-2019%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-52-of-2019%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-52-of-2019%2F&title=Cyber%20Security%20News%20Update%2C%20Week%2052%20of%202019 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%2052%20of%202019&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-52-of-2019%2F "Share via Email") 

![Cyber Security](https://media.mailhop.org/duocircle/images/2019/12/hosted-email-server-8532.jpg) 

Like to play video games? Then you’re a target for a **phishing scam**. This week’s scam of the week, courtesy of [Meta Compliance](https://www.metacompliance.com/blog/playstation-users-targeted-by-sophisticated-phishing-scam/), is targeted at PlayStation users.

According to the article, “PlayStation users are being warned that _scammers are disguising themselves as The Elder Scrolls Online developers in a bid to trick players into disclosing their login credentials_. The crooks are targeting PlayStation users via private messages that state their account will be banned if login credentials are not provided within 15 minutes.”

## First Time Buyers Scam

_Imagine you save for years to amass a down payment on a home and lose it to a phishing scammer_. That’s exactly [what happened](https://www.todaysconveyancer.co.uk/main-news/first-time-buyers-become-victims-phishing-scam/) to first time buyers in the UK who **lost £94,000** “when funds were cruelly stolen from them by fraudsters which they thought had safely been transferred to their solicitors.”

The “First time buyers (FTBs) lost their money through what is known as an ‘phishing attack’ after fraudsters **intercepted emails** between them and their conveyancer.” Just sad.

[![Phishing Scam](https://media.mailhop.org/duocircle/images/2019/12/smtp-server-mail-3567.jpg)](https://media.mailhop.org/duocircle/images/2019/12/smtp-server-mail-3567.jpg)

## PayPal Phishing Scam

_You’d think by now people wouldn’t trust a single email they ever received from PayPal, but it’s still being used in phishing attacks_. According to [Bleeping Computer](https://www.bleepingcomputer.com/news/security/paypal-phishing-attack-promises-to-secure-accounts-steals-everything/), “An ongoing **phishing campaign** is _targeting PayPal customers with emails camouflaged as ‘unusual activity’ alerts warning them of suspicious logins from unknown devices_ and attempting to squeeze them dry of all their credentials and financial info.”

“To make sure that the potential victims are scared straight and more than willing to click on the **link embedded** within the phishing message, the attackers say that their accounts are limited until they’re secured by confirming their identity.”

## Phishing Phrontier

What were the most cunning **phishing attacks** in 2019? Microsoft has some very definite opinions about that. According to the company, “_The three new techniques that made Microsoft’s most creative list for 2019 involved hijacking Google search results_; creating custom ‘404’ Not Found error pages that were crafted as Microsoft login phishing pages; and using a **man-in-the-middle** component that captured legitimate Microsoft logos to simulate Microsoft sign-in pages.”

“_The three techniques are part of the reason Microsoft has observed a significant rise in phishing attacks in recent years_. Earlier this month it flagged the percentage of phishing emails to Office 365 users had climbed from [0.3% to 0.6% over the past year](https://www.zdnet.com/article/microsoft-spear-phishing-email-has-doubled-in-a-year-so-heres-how-to-beat-it/), continuing the two-year trend of two-fold year-over-year increases in **inbound phishing email**.”

[![email security services](https://media.mailhop.org/duocircle/images/2019/12/email-sending-services-9053.jpg)](https://media.mailhop.org/duocircle/images/2019/12/email-sending-services-9053.jpg)

## Canadian Banks Scam

At some level, _you have to be impressed with anyone who can keep a scam going for three years_. According to an article on [SC Magazine](https://www.scmagazine.com/home/security-news/phishing/phishing-operation-picks-on-canadian-banks-since-at-least-2017/?utm%5Fsource=newsletter&utm%5Fmedium=email&utm%5Fcampaign=SCUS%5FNewswire%5F20191224&hmSubId=01xQvtS0ero1&email%5Fhash=0da939dab246e8101d6090def505f6f5&mpweb=1325-11728-1896988), that’s exactly what’s been happening to Canadian banks. “Researchers recently discovered a large-scale **phishing email operation** that has been targeting primarily customers without [email security services](/) of Canadian banking chains since at least 2017\. _The emails generally attempt to trick recipients into revealing their credentials on a phishing page that utilizes a lookalike domain and impersonates a log-in screen_.”

## Body Count

_When it comes to getting hacked, we’re always impressed when the number of victims exceeds a billion_. At that number, you’re talking about a non-insignificant portion of the entire planet. Such was the case when news broke [this week](https://www.scmagazine.com/home/security-news/data-breach/1-6-billion-lightinthebox-customer-records-left-exposed/?utm%5Fsource=newsletter&utm%5Fmedium=email&utm%5Fcampaign=SCUS%5FNewswire%5F20191224&hmSubId=01xQvtS0ero1&email%5Fhash=0da939dab246e8101d6090def505f6f5&mpweb=1325-11680-1896988) about **1.6 billion** LightInTheBox customer records being left exposed.

According to the article, “_An unsecured database operated by the online retailer LightInTheBox left 1.3TB of data containing 1.6 billion shopper records exposed for a three-month period this year_.” This was a dangerous breach to victims “exposing them to not only a cyberattack but potentially a physical confrontation as the data included enough clues to allow a malicious actor to discover their home address.”

## LifeLabs Ransomware Attack

_When you fall victim to a ransomware attack, you have to do what you have to do_, which in some cases means paying the ransom. That was the case [this week](https://www.scmagazine.com/home/security-news/ransomware/lifelabs-pays-ransom-to-regain-stolen-data-15-million-affected/?utm%5Fsource=newsletter&utm%5Fmedium=email&utm%5Fcampaign=SCUS%5FNewswire%5F20191224&hmSubId=01xQvtS0ero1&email%5Fhash=0da939dab246e8101d6090def505f6f5&mpweb=1325-11689-1896988) when the Canadian health diagnostics firm LifeLabs chose to play an undisclosed amount of **ransom to cybercriminals** to retrieve stolen customer data.

“LifeLabs president and CEO Charles Brown said the decision to pay the malicious actors was taken in in collaboration with **cybersecurity experts** familiar who handle cyberattacks and negotiations with cybercriminals. The data accessed in the attack included name, address, email, login, passwords, date of birth, health card number and lab test results.”

## RavnAir Cyber Attack

_Sometimes a cyberattack costs the victims money. Sometimes it costs them their identity_. And sometimes it’s just a pain in the neck. That’s [the story](https://www.securityweek.com/cyber-attack-forces-airline-cancel-flights-alaska) this week when a cyber-attack forced an airline to cancel flights in Alaska.

“_RavnAir canceled at least a half-dozen flights in Alaska on Saturday, at the peak of holiday travel_, following what the company described as a malicious cyber-attack on its computer network. _The cancellations affected around **260 passengers**_.”

And that’s the week that was.

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 1m  April Spam Filtering Uptime Report  May 4, 2016 ](/blog/announcements/april-spam-filtering-uptime-report/)[  News 2m  Changes to Spam Filtering Technology  Feb 8, 2023 ](/blog/announcements/changes-to-spam-filtering-technology/)[  News 4m  Cyber Security News Update, Week 1 of 2020  Jan 3, 2020 ](/blog/announcements/cyber-security-news-update-week-1-of-2020/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 52 of 2019","description":"Like to play video games? Then you’re a target for a phishing scam. This week’s scam of the week, courtesy of Meta Compliance, is targeted at PlayStation users.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-52-of-2019/","datePublished":"2019-12-29T02:59:05.000Z","dateModified":"2025-05-26T12:40:25.000Z","dateCreated":"2019-12-29T02:59:05.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-52-of-2019/"},"articleSection":"announcements","keywords":"","wordCount":794,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/12/hosted-email-server-8532.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 52 of 2019","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-52-of-2019/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 52 of 2019","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-52-of-2019/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 52 of 2019","description":"Like to play video games? Then you’re a target for a phishing scam. This week’s scam of the week, courtesy of Meta Compliance, is targeted at PlayStation users.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-52-of-2019/","datePublished":"2019-12-29T02:59:05.000Z","dateModified":"2025-05-26T12:40:25.000Z","dateCreated":"2019-12-29T02:59:05.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-52-of-2019/"},"articleSection":"announcements","keywords":"","wordCount":794,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2019/12/hosted-email-server-8532.jpg","caption":"Cyber Security","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```
