It’s the start of tax season. This is the time of year when we collect our receipts and tax forms and hope for a nice big refund from the U.S. government. Unfortunately, cybercriminals are also looking for a nice big score as well. This year is going to be worse than ever, as many people
6 Social Media Safety Tips for Parents in 2021
6 Social Media Safety Tips for Parents in 2021. Learn how to keep your kids safe with social media. Protect children’s phones and electronic devices.
Security Awareness is the Key to Cybersecurity Behavior Change
Security Awareness is the Key to Cybersecurity Behavior Change
New Release: 2021 Remote Workforce Security Report
Holger Schultze wrote: The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets. The Remote Workforce Security Report reveals the status of organizations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations,
New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously
Even though the UK has made ‘huge progress’ on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts are still not enough. The new security head previously worked as a Director-General for the North Ireland office. She also worked for the Department for International
A Can of Phish Bait: from Surveys to Rule Changes to Your Boss’s Boss
Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has intercepted in recent months, including one that informed recipients that they needed to fill out a compliance form related to COVID-19 risks. “Reasonably well
Spoofing Tailored to Financial Departments
Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers say that in some cases the attackers “specifically targeted newly-selected CEOs during critical transitionary periods.” Additionally, the attackers went after executives’ assistants. “Beyond financial departments, the attackers also
Why Should You Be Using DMARC? 3 Billion Spoofed Emails are Being Sent Everyday
In a recent report from TechRadar, email is still the most popular form of malware distribution. Billions of emails that are spoofed are being sent everyday. Even though email is still the oldest form of online communication, it is still the go-to platform for cybercriminals to attempt to infiltrate. According to the report by Vailmail,
Ransomware Attacks Are Growing More Costly and Effective by the Day
The availability of commodity bots and ransomware is making the business of ransomware accessible to just about every. And, according to new data, everyone’s getting in on the game. We love reports that provide an insightful view into what the bad guys are doing, quantifying what we’re all experiencing as an industry. A new report
The Good, the Bad, and the Ugly About Multi-Factor Authorization MFA
THE GOOD, THE BAD, AND THE UGLY ABOUT MFA
Chinese Have Likely Hacked Your Microsoft Exchange Email Server
Chinese Have Likely Hacked Your Microsoft Exchange Email Server. What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulnerabilities?
On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange.
Think Your Cyber Insurance is Going to Cover that $6 Million attack in Cyber Fraud? Think Again.
The latest tale of an organization falling victim to a business email compromise cyber attack on their credit card processor highlights how very specific the scenario needs to be to see a payout. In 2018, RealPage, a Texas-based service provider for property owners and property management companies was the victim of a cyber attack that
1 in 4 Business Email Compromise Attacks Use Lookalike Domains to Trick Victims
The latest Data on BEC scams shows how the bad guys are using a mix of Gmail accounts, increases in stolen wire transfers, and a shift to payroll diversions to trick you out of your money from email attacks.
Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims
The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari
Vendor Email Compromise is Officially A Big (Seven-Figure) Problem
While the Solarwinds “sunburst” attack brought to light the compromising of a vendor, Vendor Email Compromise has been around for some time and now seems to be going mainstream. We first mentioned Vendor Email Compromise (VEC) back in late 2019. This method of compromising an email account at one company purposely to use it to
Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials
A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals. I’ve covered scams impersonating Office 365 I don’t know how many times. But it’s not very often you hear about a scam that uses LinkedIn as both its
88% Of Data Breaches Are Caused By Human Error
A brand new report confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much
Most Phishing Emails Are After Credentials
Most Phishing Emails Are After Credentials 57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last year were used for delivering malware. Cofense believes this is because credential phishing emails are better at bypassing email security filters
New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data
New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no less than 30% in 2020 compared to the year
UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency
UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets. We hadn’t heard much from the SIM-swapping side of cybercrime