The FBI has joined the IRS in warning that W2 tax form phishing is on the rise. The US tax filing deadline is now less than a month-and-a-half away, and tax-themed phishing is trending up. Compromised or spoofed emails alleging to be from a company executive are received by the human resources department. Those emails request W2 information. The […]
“Training employees to spot phishing emails, messages and phone calls can’t be done just once or once a year if the organization wants to see click rates decrease,” said Zeljka Zorz at Help Net Security. Zeljka had a great summary of Wombat’s latest State of the Phish report: For one thing, employees come and go (and change […]
Cyber criminals are trying to benefit from the Florida Parkland school shootings. They are sending out phishing campaigns with topics and hashtags like Parkland, guncontrolnow, Florida, guncontrol, and Nikolas Cruz that try to trick you into clicking on a variety of links about blood drives, charitable donations, “inside” information or “exclusive” videos. Anything you receive […]
According to researchers at McAfee, a new malware campaign is targeting organizations associated with the upcoming 2018 Winter Olympics in Pyeongchang, South Korea. The attack is being delivered via phishing emails disguised as alerts from country’s National Counter-Terrorism Center, with malicious Word documents attached. Once opened, the Word document encourages readers to enable content. If they do, […]
This Scam of the Week covers a new Direct Deposit phishing scam that is affecting employers nationwide without regard to their payroll portals or payroll service providers. Here is the scenario: An employee receives from a company email account e-mail that mimics a familiar and trusted company service or resource, such as an e-signature request or a […]
This Scam of the Week covers a phishing campaign that hijacked the Netflix brand. This phish tries to trick you into handing over your login details, your credit card data, and your photo ID. Here is how the lure looks: (Note the simple trick, right there in the subject line, of not spelling out the brand-theft […]
You may be aware of the warnings and advisories that were recently discovered that practically all computer systems worldwide have a hardware bug called “Meltdown and Spectre”. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a […]
Companies You’ve Never Heard of are Exposing Your Personal Data Earlier this week, an analyst from the security firm Upguard shared that Alteryx had not properly protected detailed information it had collected on 123 million U.S. households. This data leak was discovered by a researcher, and not (we hope) by a criminal. But the leak […]
A new “urgent alert” has been issued by the U.S. Internal Revenue Service, that internet criminals have combined CEO Fraud and W-2 phishing to target a much wider range of organizations than ever before CEO Fraud — e-mail attacks spoofing the boss and social engineering a high-risk employee into wiring funds to a bank account […]
Phishers Target PayPal Users With Fake “Failed Transaction” Emails Scammers are pushing out fake PayPal emails that use the premise of an unverified transaction to phish for customers’ personal and financial information. With the end-of-the-year holidays quickly approaching and many users worrying whether the gifts they bought online will be delivered in time for the […]