It’s why awareness training will never be good enough. And it’s why the best phishing protection technology may always fall a little short. The truth is, some of the best and brightest minds around are using their smarts to come up with more clever and more undetectable phishing exploits. It’s a technological arms race, and maybe the best you can ever hope for is a tie.
Phishing attacks are everywhere, and so is advice for how to prevent them. None of the advice offered is wrong, it’s just woefully incomplete.
A recent article on the Security Week website, Business Email Compromise Still Reigns, discusses the FBI’s annual Internet Crime Complaints Center (IC3) report and why business email compromise (BEC)—a type a phishing attack—is so prevalent.
It’s not surprising that hackers use W-2 phishing scams during tax season. Taking advantage of topical and popular subjects is at the heart of social engineering. But, the W-2 scams don’t usually target taxpayers.
According to the article on CSO Online, “The W-2 scam tries to take advantage of folks in accounting, controller and HR roles by presenting urgent
Imagine your company just fell victim to a ransomware attack. What would you do? One group of doctors decided to retire rather than pay the ransom. The officials in Jackson County, Georgia decided to pay the $400,000 ransom. The city of Chicago paid more than $1 million. So, what would you do?
If you ever find yourself the victim of a phishing attack and ransomware, you’ll only have a few options to try and deal with your circumstances.
Today, successful ransomware attacks involve stolen or encrypting the victim’s data. And to get it back, you have to pay the ransom. Of course, paying the ransom is no guarantee that you’ll get your data back, but it’s certainly higher than not paying it.
That’s more than 30% of people on the planet with internet access. In one month! All of that during April 2019, bringing the annual total to 5.64 billion. I wonder what will happen in May.
An article on IT Governance Blog details all of the cyber-attacks, ransomware, data breaches and financial information that was compromised during the most recent month. There’s over 70 in the list including 25 healthcare providers and 19 schools and government agencies. I doubt the list is complete.
Continue reading “Seriously? Over 1 Billion Records Leaked in One Month” »
The last season of Game of Thrones (GoT) is finally on air, and everyone seems to be excited about it! GoT is one of the most successful shows ever to be shown on TV. However, the massive popularity of the show has lead to cybercriminals exploiting people’s love for it by tricking individuals into various online scams, and many people have lost their hard earned money by fraudulent emails in circulation nowadays.
If you haven’t heard lately, when it comes to getting phished, municipalities and local governments aren’t doing too well. And it’s costing them a lot of money.
According to a recent article on SC Magazine website, four different municipalities were hit with ransomware attacks during the week of April 15, 2019. The article said, “Augusta, Maine; Imperial County, Calif.; Stuart, Fla.; and Greenville, N.C. were all in different stages of recovering from ransomware attacks over the last seven days.”
Phishing protection is big business. There are many providers out there using advanced technologies to protect companies of all sizes. And these technologies are needed, because as research has shown, phishing protection education alone will not protect your company.
It’s a common folklore that the greatest cyber-attacks in history are pulled off by genius hackers using clever hacking techniques to exploit a zero-day vulnerability on some obscure back-room database server. The reality is very different.
Phishing attacks are becoming more prevalent across almost all industries worldwide. But some industries are targeted more frequently than others.
Email fraud remains one of the most common ways cybercriminals gain unauthorized access to their victims’ IT systems. Now, however, cybercriminals are beginning to expand their attacks to include more sophisticated tactics that rely on email, social media, and even victims’ mobile devices. You need more than email security to protect yourself against phishing.
There are a lot of benefits to using Microsoft Office 365. It contains business tools with which you’re already familiar. It’s easy to set up and offers anytime, anywhere access.
You’ll see many of these features and benefits promoted on the Office 365 website. Won’t you want to see there among the list though is that using Office 365 makes you extremely vulnerable to a phishing attack. Why is that?
There was a time when hackers and email scammers used spear phishing to trick their victims into sending money. By the time someone figured what had happened, the money was gone forever. But, people are starting to get wise to that tactic. So, what do the hackers do? They evolve…all the way to blackmail.
In the world of cybersecurity, it’s a well-known fact that 93% of data breaches trace their original attack vectors back to phishing. In the overwhelming majority of cases, hackers use phishing to get their foot in the door of the network they’re targeting.
When Good Websites Turn Bad
The whole idea behind phishing awareness training is to keep you off of malicious websites. But what if the web site you want to visit, a known good website, is actually malicious? It’s more likely than you may think.
The best cybercriminals tend to be innovative and intelligent. They constantly update their strategies and tactics to account for new developments in the cybersecurity landscape and always manage to find new vulnerabilities to exploit.
If You Think Phishing Is Only Your Employer’s Problem Think Again
If you work for a company, you probably think about phishing attacks in a distant sort of way. In other words, phishing may be a problem, but it’s not your problem, really. It’s your employers’. Right? Wrong.
Russia and its hackers have been popular in the news for the past several years. Whether to allegedly influence foreign elections or steal intellectual property its sphere of influence is worldwide.
But first a bit of history.
How did we get to this point in time? Countries have always been involved with clandestine activities to undermine or even overthrow neighboring governments. They have used deception and sometimes even force to accomplish their goals. So it was only a matter of time before technology was embraced as a tool to this end. And so began the partnership between hacker and government.
What is spear phishing?
Spear phishing is when you receive an email from someone or some company you trust. It looks legitimate. It may even have the names and extension number of coworkers. It looks authentic, so you don’t give it a second thought. But you should, because it’s from an attacker, and they’re trying to steal your valuable information. Do you have reliable email phishing prevention security?
2018 was a good or bad year for phishing depending on which side of the law you were on! Phishing is defined in many places on the internet, but I like the Cambridge Dictionary definition the best: “an attempt to trick someone into giving information over the internet or by email that would allow someone else to take money from them, for example by taking money out of their bank account”.