Phishing Protection


How the Latest Scam Shows Two-factor Authentication Doesn’t Prevent Phishing

How the Latest Scam Shows Two-factor Authentication Doesn’t Prevent Phishing

The only thing most people know about two-factor authentication (2FA) is that it’s supposed to make online activity safer, and for the most part, it does. But, as you’ll see, it doesn’t do anything to protect you from a phishing attack if the phishing attack is really good.

Continue reading “How the Latest Scam Shows Two-factor Authentication Doesn’t Prevent Phishing” »

Even the Smartest Among Us Get Phished

Even the Smartest Among Us Get Phished

If you want bona fide proof that someone is smart, what would you look for? A medical degree? A PhD? How about a Nobel Prize? Yes. If someone has won a Nobel Prize, it’s pretty safe to assume they’re smart. But, smart enough to avoid getting phished? Maybe not, because that’s exactly what happened recently.

According to Yahoo News, “Nobel laureate Paul Krugman said he likely fell for a phishing scam.” Yep, that Paul Krugman. “The Distinguished Professor of Economics at the Graduate Center of the City University of New York, and a columnist for The New York Times.” He knows economics. Email security not so much.

Continue reading “Even the Smartest Among Us Get Phished” »

The Unseen Ripple Effect of a Phishing Attack

The Unseen Ripple Effect of a Phishing Attack

Nobody wants to get phished. And if you think about getting phished, you probably envision a worst case scenario. Maybe you see your credit rating taking a hit or perhaps even getting your bank account drained. All very bad outcomes. But, these are just consequences you see from a potential phishing attack. What can be much worse is the unseen ripple effect of a phishing attack.

Continue reading “The Unseen Ripple Effect of a Phishing Attack” »

American Express Phishing Scam – Don’t Leave Home With it

American Express Phishing Scam – Don’t Leave Home With it

If you fall for the latest phishing attack aimed at American Express cardholders, you may not have a home left to leave. According to Strategic Revenue, “This AMEX Email Phishing Scam Wants You Homeless & Poor, With A Zero FICO Score.” Yikes.

This latest phishing scam is hitting hundreds of thousands of inboxes just in time for Christmas. According to the article, “You receive an email which appears to be from American Express, but it isn’t, it’s from some unscrupulous hacker hiding somewhere behind a computer who is looking to steal your identity.”

Continue reading “American Express Phishing Scam – Don’t Leave Home With it” »

Two New Phishing Exploits Threaten Microsoft Users

Two New Phishing Exploits Threaten Microsoft Users

Microsoft is a big target for hackers, and it seems that they have recently come up with two new and novel phishing attack methods to go after the company’s customers. And the thing that makes these phishing tactics so scary, is that they bypass traditional security measures.

The first of these phishing attacks, reported by Latest Hacking News, uses a local login form to bypass security. The attack starts with “an email notifying users about a ‘copy of payment notification’.” The email doesn’t say much, but does contain an HTML attachment.

Continue reading “Two New Phishing Exploits Threaten Microsoft Users” »

Will Being Greedy Make You Vulnerable to Phishing Attacks?

Will Being Greedy Make You Vulnerable to Phishing Attacks?

If you don’t already know, phishing attacks are not a technology exploit, they are a human exploit. Phishing technology itself is usually not that clever. A fake email, a fake website, and you have all the makings of a phishing attack.

The real trick to successful phishing attacks is the way they exploit human weaknesses. And there’s no greater human weakness than greed. People have been known to make some really dumb decisions when they let greed get the better of them. Hackers know it, and they use it in social engineering, which is a precursor to most phishing attacks.

Continue reading “Will Being Greedy Make You Vulnerable to Phishing Attacks?” »

Before You Get a Phishing Email You May Get This

Before You Get a Phishing Email You May Get This

Hackers are always looking for ways to make their phishing attacks more effective. Afterall, phishing scams are big business. The last thing a hacker wants to do is to go through all that trouble of social engineering, putting up a fake website and crafting a clever phishing email only to send that email to a dead account. One without a live person on the other end opening the email.

Continue reading “Before You Get a Phishing Email You May Get This” »

Hey Wait! IRS Phishing Scam Emails Aren’t Supposed to Happen Until Tax Season

Hey Wait! IRS Phishing Scam Emails Aren’t Supposed to Happen Until Tax Season

People are getting wise to IRS phishing scams which happen during tax season. So, what do hackers do? Send out the same phishing emails out of season to catch unsuspecting victims off guard.

According to an article on ARS Technica, “Tax return scammers usually strike early in the year, when they can turn the personal information of victims into fraudulent tax refund claims. But members of Akamai’s threat research team found a recent surge in off-season phishing attacks masquerading as notices from the Internal Revenue Service, targeting over 100,000 individuals.”

Continue reading “Hey Wait! IRS Phishing Scam Emails Aren’t Supposed to Happen Until Tax Season” »

They Should Call Black Friday Phish Friday

They Should Call Black Friday Phish Friday

It’s the most wonderful time of the year…for hackers. And while all indications are that hackers are actually getting started early this year with phishing emails, you can expect Black Friday and Cyber Monday to be the main events.

According to Global Security Mag, “Black Friday and Cyber Monday marks the traditional start to the holiday shopping season. Yet, with 39% of shoppers starting before then, cybercriminals have kicked off the season early too.” Their research indicates a 400% increase in pre-holiday phishing activity specifically targeted at “well-known online shopping sites.”

Continue reading “They Should Call Black Friday Phish Friday” »

Data Breach at Registrar Could Make Phishing Emails Even Harder to Detect

Data Breach at Registrar Could Make Phishing Emails Even Harder to Detect

At its core, phishing is a pretty simple exploit. Send a malicious email, but make it look like it comes from some person or some company you know and trust.

One of the most frequently-used phishing tactics is domain name spoofing. Domain name spoofing occurs when an attacker appears to use a company’s domain to impersonate a company or one of its employees. This can be done by sending an email with a false domain name that looks like the correct domain name, or including a link in an email to what appears to be a trusted domain.

Continue reading “Data Breach at Registrar Could Make Phishing Emails Even Harder to Detect” »

When it Comes to Phishing Tactics, We Know What Hackers Prefer

When it Comes to Phishing Tactics, We Know What Hackers Prefer

Here’s a quick, one-question quiz:

If you got phished, you most likely:

  1. Opened a malicious email attachment
  2. Clicked on a malicious link in an email

Well, according to Proofpoint’s Q3 2019 Threat Report, if you got phished, there’s an 88% chance it’s because you clicked on a malicious link. So, the correct answer is #1. And that’s just one of the findings in the latest quarterly report.

Continue reading “When it Comes to Phishing Tactics, We Know What Hackers Prefer” »

Can You Count On Your Employees For Phishing Protection?

Can You Count On Your Employees For Phishing Protection?

Phishing attacks are endless, escalating in numbers, frequency, and intensity with phishers launching hundreds of thousands of attacks every day. You may be wondering why authorities can’t keep check of this nefarious activity. Well, what makes it so challenging to prevent these attacks is the fact that the attackers are tech-savvy people who are professionals in what they do, and they keep on improving their techniques and modus operandi. However, one can adopt anti-spam measures and phishing protection strategies to protect oneself to a great extent, if not entirely, from these cyber threats.

Continue reading “Can You Count On Your Employees For Phishing Protection?” »

The Terrible Price Small Businesses Pay for a Data Breach

The Terrible Price Small Businesses Pay for a Data Breach

By now you probably know what comes before a data breach: a phishing attack. Phishing is the attack vector the bad guys use most often to steal the credentials which lead to the data breach. Did you ever ask yourself what comes after a data breach? Well, if you’re a small business, the answer is not good.

From Stay Safe Online, “A new survey released by the National Cyber Security Alliance (NCSA) today found that an overwhelming majority of small businesses believe that they are a target of cybercriminals, highlighting the growing awareness among small businesses about the threat of a cyberattack.”

Continue reading “The Terrible Price Small Businesses Pay for a Data Breach” »

You’ll Never Guess Which Day of the Week is #1 for Phishing

You’ll Never Guess Which Day of the Week is #1 for Phishing

Say what you will about hackers, but they do their homework. They don’t just send out phishing emails willy nilly. The send them out and measure their effectiveness, including what day of the week is the most effective to send them on.

According to an article on NationalCybersecurity.com, research “has revealed more malicious emails are delivered on Monday mornings than any other day.” As if Mondays weren’t bad enough already. “More than 30 per cent of all cyber-attack emails sent by opportunistic hackers and scammers go out on the first day of the week, declining steadily with each passing weekday.”

Continue reading “You’ll Never Guess Which Day of the Week is #1 for Phishing” »

The Cost of Anti-phishing Software Compared to Cyberinsurance

The Cost of Anti-phishing Software Compared to Cyberinsurance

When it comes to getting hit by ransomware, it doesn’t get much worse than the city of Baltimore. When the city got hit by ransomware earlier this year, apparently it had neither anti-phishing software protecting its email accounts nor cyberinsurance in the event that it did. And because the city has refused to pay the ransom ($76,000), it has spent in excess of $18 million restoring systems to date.

Continue reading “The Cost of Anti-phishing Software Compared to Cyberinsurance” »

Not All Phishing Attacks Come by Email

Not All Phishing Attacks Come by Email

Most phishing attacks are pretty straight forward. They try to get the login credentials to your bank account, wipe you out and go on vacation. I’m not really sure about the vacation part, but the rest is pretty typical.

What else is typical is that the way to get your credentials is to send you an email with a link to a bogus website that captures your information and looks convincing enough so that you’ll provide it. Phishing attacks mostly come by email, but not always.

Continue reading “Not All Phishing Attacks Come by Email” »

When it Comes to Being Victims of Phishing Attacks this Country is #1

When it Comes to Being Victims of Phishing Attacks this Country is #1

It’s a dubious honor. Apparently the people in Australia are really bad when it comes to phishing attacks. How bad? “Over half of office workers have been victims of a phishing attack.” Half!

Australians are among the most frequently targeted by hackers and cybercriminals, and the numbers back that up. Over 50 per cent of the office workforce have been victims of a hacking attack of some kind, according to recent research on the matter. The global-scale study was performed by online security firm Webroot, a company based in the United States of America.”

Continue reading “When it Comes to Being Victims of Phishing Attacks this Country is #1” »

Pin It on Pinterest