Here’s a quick, one-question quiz:
If you got phished, you most likely:
- Opened a malicious email attachment
- Clicked on a malicious link in an email
Well, according to Proofpoint’s Q3 2019 Threat Report, if you got phished, there’s an 88% chance it’s because you clicked on a malicious link. So, the correct answer is #1. And that’s just one of the findings in the latest quarterly report.
Continue reading “When it Comes to Phishing Tactics, We Know What Hackers Prefer” »
Phishing attacks are endless, escalating in numbers, frequency, and intensity with phishers launching hundreds of thousands of attacks every day. You may be wondering why authorities can’t keep check of this nefarious activity. Well, what makes it so challenging to prevent these attacks is the fact that the attackers are tech-savvy people who are professionals in what they do, and they keep on improving their techniques and modus operandi. However, one can adopt anti-spam measures and phishing protection strategies to protect oneself to a great extent, if not entirely, from these cyber threats.
Continue reading “Can You Count On Your Employees For Phishing Protection?” »
By now you probably know what comes before a data breach: a phishing attack. Phishing is the attack vector the bad guys use most often to steal the credentials which lead to the data breach. Did you ever ask yourself what comes after a data breach? Well, if you’re a small business, the answer is not good.
From Stay Safe Online, “A new survey released by the National Cyber Security Alliance (NCSA) today found that an overwhelming majority of small businesses believe that they are a target of cybercriminals, highlighting the growing awareness among small businesses about the threat of a cyberattack.”
Continue reading “The Terrible Price Small Businesses Pay for a Data Breach” »
Say what you will about hackers, but they do their homework. They don’t just send out phishing emails willy nilly. The send them out and measure their effectiveness, including what day of the week is the most effective to send them on.
According to an article on NationalCybersecurity.com, research “has revealed more malicious emails are delivered on Monday mornings than any other day.” As if Mondays weren’t bad enough already. “More than 30 per cent of all cyber-attack emails sent by opportunistic hackers and scammers go out on the first day of the week, declining steadily with each passing weekday.”
Continue reading “You’ll Never Guess Which Day of the Week is #1 for Phishing” »
When it comes to getting hit by ransomware, it doesn’t get much worse than the city of Baltimore. When the city got hit by ransomware earlier this year, apparently it had neither anti-phishing software protecting its email accounts nor cyberinsurance in the event that it did. And because the city has refused to pay the ransom ($76,000), it has spent in excess of $18 million restoring systems to date.
Continue reading “The Cost of Anti-phishing Software Compared to Cyberinsurance” »
Most phishing attacks are pretty straight forward. They try to get the login credentials to your bank account, wipe you out and go on vacation. I’m not really sure about the vacation part, but the rest is pretty typical.
What else is typical is that the way to get your credentials is to send you an email with a link to a bogus website that captures your information and looks convincing enough so that you’ll provide it. Phishing attacks mostly come by email, but not always.
Continue reading “Not All Phishing Attacks Come by Email” »
Phishing attempts are up 400% from January to July 2019, according to a new Webroot report. That’s not a shocking statistic. Afterall, phishing is a very profitable business and profitable businesses tend to reinvest in their business. The more successful phishing becomes, the more phishing attacks you’d expect to see.
Continue reading “Updated Phishing Statistics That Will Shock You” »
Not if you believe the latest headlines. According to an article in Wired magazine, it’s not just the Russians anymore who are trying to affect the upcoming U.S. elections. Apparently, the Iranians are now trying to get in on the action too.
Continue reading “Can We Trust the U.S. Elections Anymore?” »
It’s a dubious honor. Apparently the people in Australia are really bad when it comes to phishing attacks. How bad? “Over half of office workers have been victims of a phishing attack.” Half!
“Australians are among the most frequently targeted by hackers and cybercriminals, and the numbers back that up. Over 50 per cent of the office workforce have been victims of a hacking attack of some kind, according to recent research on the matter. The global-scale study was performed by online security firm Webroot, a company based in the United States of America.”
Continue reading “When it Comes to Being Victims of Phishing Attacks this Country is #1” »
Could you spot a phishing email if one made it into your inbox? I’ll bet you think you could. Most people do, but they’re wrong.
According to a Webroot survey, “While a majority (79%) of people say they are able to distinguish a phishing message from a genuine one, nearly half (49%) also admit to having clicked on a link from an unknown sender while at work. Further, nearly half (48%) of respondents said their personal or financial data had been compromised by a phishing message.”
Continue reading “You’re Not as Good at Spotting Phishing Emails as You Think You Are” »
If given a choice between violating Amazon’s policies and getting phished, I’d much rather tick off Amazon. But hackers think that you think differently, which is the motivation for their latest phishing scam.
From Hoax Slayer, “According to an email, which purports to be from Amazon, your account will be locked because of violated policies. Supposedly, you are required to click a link to login and verify your account. The email features the Amazon logo and seemingly legitimate footer information in an effort to make it seem genuine. However, the email is fraudulent and the claim that your account has been locked is false.”
Continue reading “You Didn’t Violate Amazon’s Policies But You Did Get Phished” »
The wars of the future won’t be fought with bombs and planes they’ll be fought with 1s and 0s. And while the U.S. is worried about North Korea getting nuclear weapons, it should be more worried about their cyberattacks.
The latest salvo from North Korea is a spear-phishing attack targeting U.S. firms “with an interest in nuclear deterrence, North Korea’s nuclear submarine program and North Korean economic sanctions.” Apparently this is an ongoing malware campaign aimed at U.S. companies.
Continue reading “North Korea Attacks United States…with Spear Phishing” »
If you haven’t been paying attention, cities are getting killed by ransomware. The number of cities that have fallen victim to ransomware just 2019 is too long to list. And once a city does get hit by ransomware, the question that always comes up is, should the city pay the ransom? It’s not an easy question to answer.
One the one hand, paying the ransom is no guarantee that the city will get their systems back. On the other hand, not paying the ransom leaves the city with the unknown financial burden of restoring their systems.
Continue reading “Ransomware: Taxpayers are Worried About the Wrong Thing” »
The number of cyberattacks and security breaches increases every year. Year by year, the percentage surges upwards. According to Gemalto, there was a 164 percent increase in cyberattack frequency between 2016 and 2017. Projections between 2017 and 2018 already show a trend towards even greater growth.
Continue reading “8 Ways You Can Protect Your Company from Phishing Attacks Starting Now” »
Mobile phishing is not a new phenomenon. Almost anyone old enough to remember using pre-smartphone mobile devices also remembers getting suspicious texts and calls from early scammers. Often, these scam artists used some variant of the now-campy Nigerian Prince scheme to trick victims.
But times have changed. Today’s mobile phishing attacks are sophisticated, high-tech, and largely automated. Mobile phones have taken on a more important role in users’ lives than ever before, and the world’s hackers have access to more data than the previous generations could dream of. Without mobile phishing protection, users are vulnerable.
Continue reading “Mobile Hacking on the Rise Alongside New Phishing Tactics” »
Phishing scams are more common than you might think. In fact, a person receives an average of six malicious emails per day, threatening the security of their computer and their systems.
Between 2013 and 2016, American businesses faced a staggering $500 billion in losses due to phishing scams. This led to an extensive FBI investigation of over 22,000 reported phishing scams.
Continue reading “Advanced threat defense to protect your business from phishing scams” »
What is a lateral phishing attack? A lateral phishing attack occurs when “one or more compromised employee accounts in an organization are used to target other employees in the same organization. Lateral phishing is similar to business email compromise (BEC), but while the latter is usually about getting victims to carry out fraudulent wire transfers, the main goal of the former is usually credential theft.” I suppose it means the attack occurs laterally across the org chart.
Continue reading “The Lateral Phishing Attack is the New Trojan Horse” »
If you follow the news at all, you know that phishing attacks, cyber breaches and ransomware are everywhere. It’s practically an epidemic. But, not all victims are created equal.
It’s one thing if a bank or a big corporation or even a government entity gets hit with a cyber-attack. They either have, or can find the resources to recover from such an event. Many even have some form of insurance to bail them out. But lately, hackers have pulled out all the stops and have started targeting some of the most vulnerable in society.
Continue reading “Hackers Now Going After the Most Vulnerable in Society” »
Phishing is so widespread today, you can feel the effects of a phishing attack even if you’re not the one who got phished. The latest example of this is detailed in a report on Bleeping Computer: “Phishing Attacks Target US Utilities with Remote Access Trojan.”
Continue reading “How Somebody Else Getting Phished Could Leave You in the Dark” »
About a year ago, information security company Shred-it released a report saying “Employee negligence is the main cause of data breaches.” I have no doubt that’s true. The part I disagree with is the solution.
The solution that’s being promoted for the “employee” problem is phishing awareness training. And not just training, but MORE training. There’s only one problem with this way of thinking: it won’t eliminate data breaches.
Continue reading “The Misguided Solution to the Phishing Problem” »