If you subscribe to the notion that hackers go where the users are, it’s not surprising that Microsoft Remains the #1 Impersonated Brand in Phishing Attacks. Others making up the top five include PayPal, Netflix, Facebook and Bank of America, which confirms the theory.
There’s a lot of spam out there. More than 14.5 billion spam messages are sent each day by some estimates. To the extent that anyone thinks about it, they probably envision that spam coming from a bunch of spammers in some third-world countries, but that’s rarely the case.
It’s why awareness training will never be good enough. And it’s why the best phishing protection technology may always fall a little short. The truth is, some of the best and brightest minds around are using their smarts to come up with more clever and more undetectable phishing exploits. It’s a technological arms race, and maybe the best you can ever hope for is a tie.
A remote vulnerability has been discovered in the EXIM email server that allows an attacker to run commands as root.
https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/
If your mail server is running EXIM our email gateway can offer you complete protection from this exploit and can keep your users safe. The service is cloud-deployed and fully managed and can scale from a single domain to hosting providers needing filtering for tens of thousands of domains.
Phishing attacks are everywhere, and so is advice for how to prevent them. None of the advice offered is wrong, it’s just woefully incomplete.
A recent article on the Security Week website, Business Email Compromise Still Reigns, discusses the FBI’s annual Internet Crime Complaints Center (IC3) report and why business email compromise (BEC)—a type a phishing attack—is so prevalent.
It’s not surprising that hackers use W-2 phishing scams during tax season. Taking advantage of topical and popular subjects is at the heart of social engineering. But, the W-2 scams don’t usually target taxpayers.
According to the article on CSO Online, “The W-2 scam tries to take advantage of folks in accounting, controller and HR roles by presenting urgent
Imagine your company just fell victim to a ransomware attack. What would you do? One group of doctors decided to retire rather than pay the ransom. The officials in Jackson County, Georgia decided to pay the $400,000 ransom. The city of Chicago paid more than $1 million. So, what would you do?
If you ever find yourself the victim of a phishing attack and ransomware, you’ll only have a few options to try and deal with your circumstances.
Today, successful ransomware attacks involve stolen or encrypting the victim’s data. And to get it back, you have to pay the ransom. Of course, paying the ransom is no guarantee that you’ll get your data back, but it’s certainly higher than not paying it.
Earlier today our mail servers prevented some email from reaching some customers. The messages that were impacted had .co.uk in their domain name. Other messages were unaffected.
That’s more than 30% of people on the planet with internet access. In one month! All of that during April 2019, bringing the annual total to 5.64 billion. I wonder what will happen in May.
An article on IT Governance Blog details all of the cyber-attacks, ransomware, data breaches and financial information that was compromised during the most recent month. There’s over 70 in the list including 25 healthcare providers and 19 schools and government agencies. I doubt the list is complete.
(more…)