email | Page 2


In the spirit of all the ghosts and ghouls that creep through our inboxes every day we posted a short quiz to see just how savvy our audience was at identifying phishing emails. The results are in and we cannot deny that we are slightly amused. We would like to thank everyone who participated, all 295 of you. The Results: The beginning of the quiz separated each respondent into one of 3 groups: -Absolute beginners -Your average netizen -Veteran security professionals As expected, the veterans scored just a little bit better than everyone else,... [Read More]
by RSS Michael Perna  |  Nov 12, 2013  |  Filed in: Industry Trends & News
Advanced Persistent Threats (APTs) usually start off with using a common tactic, which is through a spear phishing email. Disguised as coming from a well-known organization, the email certainly draws the user's attention, as seen in the one that I've recently received. Figure 1: Spear phishing email The unsuspecting user may open up the attached ZIP file and double click the extracted file, which turns out to be malware. This particular malware, which we detect as W32/Bublik.BDYG!tr, is found to be a simple downloader which is relatively small... [Read More]
by RSS Danny Choi  |  Oct 28, 2013  |  Filed in: Security Research
A: Reset your password and security questions, run a virus scan, and hope for the best. Beyond the basics, there are a few more considerations when your Gmail (or any other account for that matter) has been breached. Google offers two-factor authentication, enabling this should be one of your first steps. Two-factor authentication requires anyone logging into your account to not only know your username and password, but also retrieve a time sensitive token. This security token is usually a 5 digit number sent to your cell phone or your... [Read More]
by RSS Michael Perna  |  Oct 04, 2013  |  Filed in: Security Q & A
Spear phishing attacks are increasing today and the FBI has even issued a warning to the public due to its ability to target multiple organizations. Such attacks are considered as a part of APTs (Advanced Persistent Threats), which attempt to gain a foothold in the network of an organization. Recently, my email inbox has received two spam emails with suspicious attachments. A screenshot of one of the emails can be seen below: Figure 1: Spam email. I have collected the attachments of the two emails and found that they are the same file, which... [Read More]
by RSS Danny Choi  |  Aug 27, 2013  |  Filed in: Security Research
Many security and technology writers have had similar thoughts as this author has in regards to Yahoo's plan to recycle inactive email addresses (my previous post is here if you'd like to take a look). In response to Mat Honan's of Wired query to Yahoo for more comment, Yahoo made the following statement: "Our goal with reclaiming inactive Yahoo! IDs is to free-up desirable namespace for our users. We're committed and confident in our ability to do this in a way that's safe, secure and protects our users' data. It's important to note that the... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends & News
Yahoo announced last week that they're going to release what may be hundreds of thousands of inactive or unused @yahoo.com email addresses starting next month. While on the surface this seems like a good idea, it's really not. Here's a personal story that shows what can happen when a company decides to recycle unused email addresses: I had a friend years ago who wanted to sell some things on eBay, but was absolutely flummoxed as to what to do. So I walked her through the whole process. When it came to accepting payments, she asked if she could... [Read More]
by RSS Richard Henderson  |  Jul 30, 2012  |  Filed in: Industry Trends & News
For geeks like me, 1986 was a great year... IBM unveiled their \"PC Convertible laptop\", the [\"first MS-DOS virus, Brain,\"](http://en.wikipedia.org/wiki/Brain_(computer_virus) was released, and the \"Electronic Communications Privacy Act of 1986 (ECPA)\" was enacted. And, why is this so important? Because 27 years later, laptops, computer viruses and this piece of legislation all impact just about everyone in one way or another. But, this article is about email, privacy and you. What does the ECPA have to do with that? See, back in 1986 servers... [Read More]
by RSS UnAttributed  |  Jul 30, 2012  |  Filed in: Industry Trends & News