phishing

Home/Tag: phishing

Massive Phishing Scam From a Surprising Source

By now you’ve likely heard about the nation-wide phishing scam that struck through what many consider a surprising source, Google Docs. What everyone down to the user level needs to keep in mind is that no avenue of attack is ever expected, but none should be surprising. If there is a way, any way, hackers and scammers can get you to let them in, they will exploit it. Awareness that any communication is a potential source of attack, and making [...]

Your Email is the Treasure Hackers Want to Plunder

Personal Data Protection Education is the Best Defense Series 2 of 6 Email is the preferred method of hackers to steal data and extort money. Layer 8 Security wants our community to be safe with their personal information by playing it smart. Please pass this information along to co-workers, family and neighbors. These recommendations will benefit not only yourself but also your workplace. Email C-level executives are often targets of spear phishing attacks. One such scheme attempts to steal money [...]

2017-06-22T20:19:37-04:00By |Tags: , , , , , |

The BEC – Not Your Grandfather’s Phishing Scheme

The BEC - Not Your Grandfather’s Phishing Scheme The FBI has reported cyber criminals are using new tactics to steal millions from US companies. The schemes target companies that do business overseas, and use wire transfer of funds on a regular basis. The schemes is called a Business Email Compromise. As the name implies legitimate business emails are compromised through social engineering or direct cyber attack. This information is then used to make fraudulent wire transfers to banks, usually in [...]

2017-06-22T20:19:37-04:00By |Tags: , , , , , |

New Prevention Tactics for Avoiding Malware

In an effort to combat the epidemic of ransomware attacks, the FBI identified key steps to help prevent a breach. There are over 4000 ransomware attacks per day, and the number is expected to increase. Individuals and businesses need to protect themselves against this insidious intrusion. Ransomware is a form of malware designed to extort money from businesses and individuals. It encrypts data on a home computer or business network, and in some cases seeks out connected backups to encrypt [...]

ISP Phishing Scam

The BBC is reporting cyber criminals are targeting users with a fake pop-up window designed to look like a legitimate message from the user’s ISP. The message states there is malware on the user’s system and please call the toll free number provided. It’s a scam. But as phishing campaigns go this one is particularly nasty. Criminals are using the credibility of real ISPs to attack consumers. http://www.bbc.com/news/technology-36084989 The attacks so far have occurred in the US, Canada, and Great [...]

Speeding Ticket Spear Phishing

There is a new email scam that hits close to home: fake speeding tickets! The Spear Phishing email appears to be a speeding ticket. Several people in Tredyffrin Township, Pennsylvania received the emails which appeared to be from a local police department. The email contained accurate driving information: date and time, speed, license number, street address. Even more frightening, the drivers were actually speeding on the date and time listed in the email. The email demands payment through an attached [...]

Police Pay Ransom

Looks like CNN’s prediction that 2016 will be ‘The Year of the Ransomware’ is coming true, and in spectacular fashion. Cyber criminals are targeting the most unlikely of victims: local U.S. police departments!  (http://www.nbcnews.com/news/us-news/ransomware-hackers-blackmail-u-s-police-departments-n561746)   The attacks are based out of Eastern Europe. Since 2013 departments in seven states have reported attacks. NBC News reports that five Maine police departments were locked out of their records management systems last year. Departments in Alabama and New Hampshire were also breached, but [...]

Gone Phishing

      CNN has declared 2016 ‘Year of the Ransomware.’ In a recent report from Ponemon, 90% of US companies surveyed have been breached at least once. (http://www.computerworld.com/article/2509366/security0/90--of-companies-say-they-ve-been-hacked--survey.html) Criminal Phishing and Spear Phishing campaigns continue to be successful. They extort millions of dollars from government agencies, companies and non-profit organizations. Businesses need to know how vulnerable they are; and to define a metric, use internal Phishing campaigns to determine risk.   Companies are not disclosing specific internal phishing campaign [...]

China Is Cutting the Legs Out from Under American Businesses (but please don’t stop them?)

Businesses and their executives everywhere should be aware of this story run by 60 Minutes on Jan 17, and the blog Jeff Lipson wrote about here. The fact that China is stealing U.S. companies’ intellectual property is not news. The fact that President Obama worked with the Western District of Pennsylvania to indict five Chinese officers of theft of intellectual property is not news. So, what is the real news bite here? Some companies and Americans want to fight back and stop [...]

Protecting Philadelphia Companies from Chinese Hacking – Part 1

Last night, 60 Minutes ran a segment on China’s massive theft of intellectual property from US businesses.  http://www.cbsnews.com/news/60-minutes-great-brain-robbery-china-cyber-espionage/ The episode highlighted that the Chinese government is using its military and intelligence services to give its companies an edge over US business, by stealing our trade secrets.   My Team and I spent a number of years working at US Cyber Command and the National Security Agency. We saw first hand just how prolific this theft was.  I’ve spoken numerous times [...]