Phishing Protection


If You Received an Email from the Supreme Court Would You be Suspicious?

If You Received an Email from the Supreme Court Would You be Suspicious?

I hope to never receive an email from the United States Supreme Court. It couldn’t possibly be good news. I would be very suspicious. But there is one small group of people who, if they received such an email, might not be suspicious: C-suite executives. And that’s exactly what some hackers thought as they targeted such individuals with a zero-day credential phishing attack impersonating the Supreme Court.

Continue reading “If You Received an Email from the Supreme Court Would You be Suspicious?” »

As the World Moves to Virtual Live Entertainment Hackers Look to Take Advantage

As the World Moves to Virtual Live Entertainment Hackers Look to Take Advantage

One of the ways the world has responded to the COVID-19 pandemic is to take a lot of the entertainment we used to enjoy live and in person and move it online into the world of virtual entertainment. The entertainment is still live, but now instead of watching musicians in a bar or theater, you get to watch them live streamed on your smart TV or mobile phone. The hackers know this, and they are aiming to do something about it.

Continue reading “As the World Moves to Virtual Live Entertainment Hackers Look to Take Advantage” »

It Was Only a Matter of Time Before the Lockdown Lead to Delivery-based Phishing Scams

It Was Only a Matter of Time Before the Lockdown Lead to Delivery-based Phishing Scams

The COVID-19 worldwide lockdown has had many side effects, not the least of which is that people are doing even more online shopping now. Weekly online purchases now include staples like food and cleaning products. Amazon’s sales since the pandemic arrived is up 35%. And what’s the one thing all these online sales have in common? A delivery service has to bring them to your door.

Continue reading “It Was Only a Matter of Time Before the Lockdown Lead to Delivery-based Phishing Scams” »

Warning: Fast Food and Free Beer are Being Used to Phish You

Warning: Fast Food and Free Beer are Being Used to Phish You

Hackers are always trying to come up with ever more enticing lures to phish you. Sometimes the lure is the promise of riches, while other times it’s a job opportunity or tax refund. Hackers may have outdone themselves this time with separate phishing attacks centered around fast food and free beer as a direct result of the COVID-19 pandemic.

Continue reading “Warning: Fast Food and Free Beer are Being Used to Phish You” »

The Biggest Beneficiaries of COVID-19 are also the Biggest Phishing Targets

The Biggest Beneficiaries of COVID-19 are also the Biggest Phishing Targets

Even when something as horrible as COVID-19 happens, there are some companies that benefit. One of the beneficiaries of the virus is Zoom Video, the video conferencing company that has seen a huge demand increase for their product.

Another, less obvious company, that has seen an increased demand for their service is Netflix. Recent stats display that as the COVID-19 crisis gripped nations throughout the world, Google searches for Netflix jumped to 142%. And sure enough, just as the demand goes up, so too do the number of phishing attacks targeting the company’s customers (and potential customers).

Continue reading “The Biggest Beneficiaries of COVID-19 are also the Biggest Phishing Targets” »

A New Way Hackers Take Advantage of Web Pages to Phish You

A New Way Hackers Take Advantage of Web Pages to Phish You

You have to hand it to those hackers. If there’s a way to trick you with a phishing email, they’ll figure it out. One of the best ways hackers try to trick you with a phishing email is to take advantage of the way web pages are rendered.

Web pages use HTML (hypertext markup language) and CSS (cascading style sheets) to display web pages on your computer and your mobile phone. These technologies are well-understood and have been around for a long time. One of the things that makes these technologies so powerful is how flexible they are.

Continue reading “A New Way Hackers Take Advantage of Web Pages to Phish You” »

The Strange Irony of COVID-19’s Effect on Certain Phishing Attacks

The Strange Irony of COVID-19’s Effect on Certain Phishing Attacks

While the pandemic known as COVID-19 is causing a dramatic increase in coronavirus-themed phishing attacks, it’s strangely having the opposite effect on other phishing attacks.

When it comes to phishing attacks, hackers tend to “specialize” in a certain type of phishing attack. And as things turn out, some of these “specialists” are really feeling the pinch from COVID-19. A lot of people are struggling in this economy, and apparently some of them are bad guys.

Continue reading “The Strange Irony of COVID-19’s Effect on Certain Phishing Attacks” »

Now We Know Why the Healthcare Industry is so Vulnerable to Ransomware

Now We Know Why the Healthcare Industry is so Vulnerable to Ransomware

If you’ve been paying any attention, you’ve seen that the healthcare industry is under a constant threat from phishing attacks that lead to ransomware. Every week it seems there’s another healthcare organization hit with a data breach or ransomware. The question is, why? And now we know the answer.

The short answer is, healthcare organizations are an easy target for hackers because their cyber defenses stink. So, the real question is, why do healthcare organizations cyber defenses stink? The short answer here is, it’s just not a priority for them. And apparently, the hackers know it.

Continue reading “Now We Know Why the Healthcare Industry is so Vulnerable to Ransomware” »

Two New Advanced Phishing Threats You Need to Know About

Two New Advanced Phishing Threats You Need to Know About

You have to hand it to those hackers, they’re always innovating. This week comes news of two new phishing exploits designed to do one thing: convince you it’s NOT a phishing email.

First, from Threat Post, comes a clever exploit that uses YouTube redirect links, which are whitelisted by many security defense mechanisms, to evade detection. From the article, “If certain malicious URLs are blocked by web browser phishing filters, attackers commonly use a redirector URL to bypass these filters and redirect the victim to their phishing landing page. URL redirects have been used in previous campaigns, including malicious redirect code affecting Joomla and WordPress websites and HTML redirectors being used by Evil Corp. Now, a new campaign is using legitimate YouTube redirect links.”

Continue reading “Two New Advanced Phishing Threats You Need to Know About” »

Latest Research Confirms the Ineffectiveness of Security Awareness Training

Latest Research Confirms the Ineffectiveness of Security Awareness Training

Security Awareness training companies love to point out how important employee training is in keeping organizations safe from ransomware and malware. And to be sure, training employees to spot phishing emails is better than not doing it. But, the ubiquity of security awareness training advertising has led to two large problems.

Continue reading “Latest Research Confirms the Ineffectiveness of Security Awareness Training” »

No Matter How You Sign in These Attackers Have You Phished

No Matter How You Sign in These Attackers Have You Phished

Do you ever use an online service that gives you multiple ways to sign in? For example, there’s the online storage service Dropbox which lets you login with your Google credentials, Yahoo credentials, Office 365 credentials and others. Seems very convenient, because you don’t have to remember as many login credentials. Well guess what? Attackers know that and they’re now using it to phish you.

Continue reading “No Matter How You Sign in These Attackers Have You Phished” »

The Phishing Numbers from 2019 are in and They Don’t Look Too Good

The Phishing Numbers from 2019 are in and They Don’t Look Too Good

Now that we’re in 2020, the phishing numbers from 2019 are starting to trickle in. Numbers which attempt to quantify the state of phishing, such as how many emails were malicious and how many were effective. And so far, things look pretty bleak.

For starters, what percentage of people do you think can spot all of the phishing scams out there? It’s important to spot them all because it only takes one click to bring down an entire organization. The answer? 5% according to a survey from Security.org.

Continue reading “The Phishing Numbers from 2019 are in and They Don’t Look Too Good” »

How the Latest Scam Shows Two-factor Authentication Doesn’t Prevent Phishing

How the Latest Scam Shows Two-factor Authentication Doesn’t Prevent Phishing

The only thing most people know about two-factor authentication (2FA) is that it’s supposed to make online activity safer, and for the most part, it does. But, as you’ll see, it doesn’t do anything to protect you from a phishing attack if the phishing attack is really good.

Continue reading “How the Latest Scam Shows Two-factor Authentication Doesn’t Prevent Phishing” »

Even the Smartest Among Us Get Phished

Even the Smartest Among Us Get Phished

If you want bona fide proof that someone is smart, what would you look for? A medical degree? A PhD? How about a Nobel Prize? Yes. If someone has won a Nobel Prize, it’s pretty safe to assume they’re smart. But, smart enough to avoid getting phished? Maybe not, because that’s exactly what happened recently.

According to Yahoo News, “Nobel laureate Paul Krugman said he likely fell for a phishing scam.” Yep, that Paul Krugman. “The Distinguished Professor of Economics at the Graduate Center of the City University of New York, and a columnist for The New York Times.” He knows economics. Email security not so much.

Continue reading “Even the Smartest Among Us Get Phished” »

The Unseen Ripple Effect of a Phishing Attack

The Unseen Ripple Effect of a Phishing Attack

Nobody wants to get phished. And if you think about getting phished, you probably envision a worst case scenario. Maybe you see your credit rating taking a hit or perhaps even getting your bank account drained. All very bad outcomes. But, these are just consequences you see from a potential phishing attack. What can be much worse is the unseen ripple effect of a phishing attack.

Continue reading “The Unseen Ripple Effect of a Phishing Attack” »

American Express Phishing Scam – Don’t Leave Home With it

American Express Phishing Scam – Don’t Leave Home With it

If you fall for the latest phishing attack aimed at American Express cardholders, you may not have a home left to leave. According to Strategic Revenue, “This AMEX Email Phishing Scam Wants You Homeless & Poor, With A Zero FICO Score.” Yikes.

This latest phishing scam is hitting hundreds of thousands of inboxes just in time for Christmas. According to the article, “You receive an email which appears to be from American Express, but it isn’t, it’s from some unscrupulous hacker hiding somewhere behind a computer who is looking to steal your identity.”

Continue reading “American Express Phishing Scam – Don’t Leave Home With it” »

Pin It on Pinterest