Entries by GDR Group

Major Uptick in Mobile Phishing URL Click Rate

In a study of Lookout users, more than half clicked mobile phishing URLs that bypassed existing security controls. Since 2011, Lookout has observed this mobile phishing URL click rate increase 85 percent year-over-year. “Mobile devices have eroded the corporate perimeter, limiting the effectiveness of traditional network security solutions like firewalls and secure web gateways,” said […]

Insurance Claims Plan Doesn’t Cover Cyber Losses

Daniel R. Stoller at Bloomberg Law had an excellent observation about the risks of phishing related to general crime policies. Here is a short excerpt and the whole article is warmly recommended: “The Travelers Cos. will argue May 2 that cash payments made in connection with a phishing attack aren’t covered under a general crime insurance policy.” The […]

Phishing Attack Uses GDPR as Bait

There is yet another email scam you need to watch out for. A new European data privacy regulation is going into effect May 25th. It’s called the General Data Protection Regulation (GDPR) and bad guys are using it as bait, claiming you’re not compliant and you are violating this new regulation. Just one example is phishing attacks […]

Poll: What Security Measures Are Most Effective In Fighting Ransomware?

The Spiceworks staff wrote: “Years after CryptoLocker raised its ugly head — setting off an unfortunate security trend — ransomware continues to be a rather painful thorn in the side of IT professionals and organizations around the world.” In 2017, we saw entire companies and government agencies shut down for days thanks to WannaCry and […]

Clever Gmail Phishing Scam You Need to Know About

There is a new scam where hackers send you a text that asks you about a password reset on your Gmail account. Here is how this scam works. The victim receives a text asking whether they’ve requested a password reset for their Gmail account – and, if not, to reply with the word ‘STOP’. Employees […]

New Guidance on Ransomware for Healthcare and Government Organizations

HHS’ Healthcare Cybersecurity and Communications Integration Center released a report March 30th on SamSam, an ongoing ransomware campaign that has targeted the healthcare and government sectors since 2016. There have already been at least eight SamSam attacks on healthcare and government organizations since the beginning of 2018, including attacks on two Indiana-based hospitals and EHR […]

Phishing Scam of the Week

This particular phish spoofs a campus-wide security alert for a community college (confidential information blocked out) in Florida. Given that it appears to be tailored to a particular educational institution and its students and employees, it’s a good bet that other educational institutions could see similarly targeted phishing attacks. What makes this particular attack so infuriating is […]

SAM.gov Hackers Used Spear Phishing, Email Spoofing and Credential Theft

Cybercrooks who stole federal payments by hacking contractor accounts on a GSA website used sophisticated spear phishing techniques to steal login credentials and then diverted payments to bank accounts they controlled, an executive of a contractor targeted in the scam told FedScoop. It’s unclear how much the scammers have netted through their scheme, which is being […]

Under Armour MyFitnessPal Users Are Now Phishing Targets

BREAKING NEWS: Under Armour’s health- and fitness-tracking app, MyFitnessPal, has been hit by a data breach. Roughly 150 million MyFitnessPal users are affected, Under Armour says. Under Armour says an “unauthorized party” gained information like usernames and email addresses, but not payment details. “Under Armour is working with leading data security firms to assist in […]

A Really Difficult Phishing Scenario That’s Very Hard to Beat

Over the past few months, there has been an increase in attacks that follow this 5-step pattern and are very hard to beat: A known vendor or customer falls victim to a phishing attack. Their email credentials are compromised, and the “bad guy” gets access to their email account. They start by changing the […]