Tag: security awareness training

Phishing Attacks Impersonating Canadian Banks Work So Well, the Campaign Has Been Running for Two Years

As part of a massive ongoing phishing campaign, the same group of attackers leverage hundreds of lookalike phishing websites to steal from unsuspecting banking customers. Security researchers at CheckPoint have uncovered a two-year phishing campaign targeting customers of Canadian banks. Emails sent under the guise that banking users need to activate a digital certificate as […]

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. Gen. Qassim Suleimani was killed by a U.S. airstrike at the Baghdad airport in Iraq.“Given recent developments, re-upping our statement from the summer,” Krebs said in a rare warning […]

4 patients sue Alabama health system after ransomware attack

BeckerHospitalReview just posted a new wrinkle in the battle against ransomware: “Four patients filed a class action lawsuit against Tuscaloosa, Ala.-based DCH Health System, alleging privacy violations and medical care disruption after an October ransomware attack.Five things to know:1. The patients filed the lawsuit on Dec. 23, according to the Tuscaloosa Real-Time News. The patients […]

Phishing Remains the Most Widespread Risk

As organizations look to improving their defenses, it’s worth remembering that attackers usually get through those defenses by manipulating the human beings those security measures are in place to protect. A recent warning on increased phishing attacks worth taking to heart comes from Deloitte Malaysia Cyber Risk, Risk Advisory executive director Ho Siew Keient.“Fraud, identity […]

Veterans are High-Payoff Social Engineering Targets for Scammers

Veterans are particularly valuable targets for various types of social engineering attacks, according to Mary K. Talbot at the Providence Journal. Veterans are often respected leaders in the community, and often function as influencers whose opinions carry a lot of weight. As a result, disinformation campaigns in often single them out to hijack their accounts […]

PayPal Scammers Want More than Just Your PayPal Credentials

Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails purporting to come from PayPal which inform recipients that an unknown device has accessed their account. The emails appear legitimate and convey a professional sense […]

[LEGAL ALERT] What You May Have Overlooked in the Run Up to CCPA Compliance

LAW.COM had a very good reminder that you really need to keep in mind. Here is an extract: “With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some companies may be scrambling to get their data collection and management processes in order.“Others, however, might be taking a wait-and-see approach before […]

[NEW RISK] The MAZE Ransomware Gang Outs Their Victims On A Public Web Site

In a continuing escalation of its extortion tactics, independent security researcher, Brian Krebs reported on Krebsonsecurity.com that the criminals behind the MAZE-RANSOMWAREMAZE Ransomware gang just created a publicly viewable web site listing 8 victims and a limited amount of selected data.MAZE probably hopes that by increasing psychological extortion pressure they will squeeze current victims who […]

Financial Advisor Fined After Falling for BEC Scam

The Financial Industry Regulatory Authority (FINRA) fined and temporarily suspended a financial advisor working for UBS after he was tricked into transferring $511,870 from a client’s account in a CEO fraud scam, according to FinancialAdvisorIQ. A hacker used social engineering to access the client’s account and asked the advisor, William Darby, to move the money […]