spear-phishing

Home/Tag: spear-phishing

Providing Cybersecurity Training to Ultra High Net Worth Executives

On December 6th, Kevin Hyde, Managing Director of Layer 8 Security was the guest lecturer at UBS Financial Services Inc.’s ultra high net worth individual meeting on cybersecurity. Kevin provided practical security training to using scenarios executives can imagine themselves in as they encounter their work and personal lives. The training detailed the nature of the current threat landscape, ways in which attackers gather information on targets, and the different methods used to exploit this information. Executives were also given [...]

Your Email is the Treasure Hackers Want to Plunder

Personal Data Protection Education is the Best Defense Series 2 of 6 Email is the preferred method of hackers to steal data and extort money. Layer 8 Security wants our community to be safe with their personal information by playing it smart. Please pass this information along to co-workers, family and neighbors. These recommendations will benefit not only yourself but also your workplace. Email C-level executives are often targets of spear phishing attacks. One such scheme attempts to steal money [...]

2017-06-22T20:19:37-04:00By |Tags: , , , , , |

New Prevention Tactics for Avoiding Malware

In an effort to combat the epidemic of ransomware attacks, the FBI identified key steps to help prevent a breach. There are over 4000 ransomware attacks per day, and the number is expected to increase. Individuals and businesses need to protect themselves against this insidious intrusion. Ransomware is a form of malware designed to extort money from businesses and individuals. It encrypts data on a home computer or business network, and in some cases seeks out connected backups to encrypt [...]

Why Spear Phishing and Social Engineering Work

Why Spear Phishing and Social Engineering Work People are the weakest link when it comes to cybersecurity. Why do they click on an embedded link contained in an email. Why do they open what looks like a suspicious email in the first place? Successful ransomware and spear phishing attacks continue to be on the rise; in February a Los Angeles hospital paid $17,000 to hackers in order to “free” their computers. http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html So far this year the FBI estimates $200 [...]

Speeding Ticket Spear Phishing

There is a new email scam that hits close to home: fake speeding tickets! The Spear Phishing email appears to be a speeding ticket. Several people in Tredyffrin Township, Pennsylvania received the emails which appeared to be from a local police department. The email contained accurate driving information: date and time, speed, license number, street address. Even more frightening, the drivers were actually speeding on the date and time listed in the email. The email demands payment through an attached [...]

Police Pay Ransom

Looks like CNN’s prediction that 2016 will be ‘The Year of the Ransomware’ is coming true, and in spectacular fashion. Cyber criminals are targeting the most unlikely of victims: local U.S. police departments!  (http://www.nbcnews.com/news/us-news/ransomware-hackers-blackmail-u-s-police-departments-n561746)   The attacks are based out of Eastern Europe. Since 2013 departments in seven states have reported attacks. NBC News reports that five Maine police departments were locked out of their records management systems last year. Departments in Alabama and New Hampshire were also breached, but [...]

Gone Phishing

      CNN has declared 2016 ‘Year of the Ransomware.’ In a recent report from Ponemon, 90% of US companies surveyed have been breached at least once. (http://www.computerworld.com/article/2509366/security0/90--of-companies-say-they-ve-been-hacked--survey.html) Criminal Phishing and Spear Phishing campaigns continue to be successful. They extort millions of dollars from government agencies, companies and non-profit organizations. Businesses need to know how vulnerable they are; and to define a metric, use internal Phishing campaigns to determine risk.   Companies are not disclosing specific internal phishing campaign [...]

Main Line Health Victim of Spear Phishing Attack

Main Line Health was reported to be the latest victim of a spear phishing attack that resulted in the exposure of its employees’ personal information. On February 16th, a Main Line Health employee received an email that appeared to be from a sender they recognized. This is what prompted the response that led to the current investigation. Layer 8 Security spoke with NBC 10 Philadelphia yesterday to provide more input around the situation and what people can look for to avoid [...]

2017-06-22T20:19:40-04:00By |Tags: , , , |

What’s the deal with LifeLock?

I often get questions from friends and family about LifeLock, an identity theft protection service - what it's all about, whether I use it (I don't), how effective the LifeLock services are, etc. Ironically, about a week and a half ago, LifeLock agreed to pay $100 million (see here) for allegedly breaching a FTC order by: "Failing to establish and maintain a comprehensive security program to protect its customers' sensitive personal information, including Credit Card, Social Security, and bank account [...]