phishing | Page 2


Phishing works. Not all the time, not every time, but enough of the time. Either because users are in a hurry, are careless, or simply aren’t well-trained enough to recognize an attack, phishing emails catch enough employees and consumers that cybercriminals continue to fire them off by the millions and use them to deliver all manner of malware, lure users to fake or compromised sites and steal personal information. It doesn’t help that phishing emails are becoming increasingly sophisticated. While some are still quite easily recognized... [Read More]
by RSS Chris Dawson  |  Nov 11, 2015  |  Filed in: Industry Trends & News
Recently, our monitoring detected a new email phishing campaign circulating in the wild. The targets are individuals who are using email from providers such as YahooMail and Gmail. Our analysis below will tell more about this phishing campaign and what you should do to avoid becoming a victim of this campaign. Below is a screenshot of the phishing email: Figure 1: Phishing email From figure 1, you can see the content of the email used by hacker for phishing. The attachment is a RAR file containing a simple HTML page used as a fake Yahoo... [Read More]
by RSS Tien Phan  |  Oct 20, 2015  |  Filed in: Security Research
October is National Cyber Security Awareness Month, and it's all too easy to dwell on the hacks and attacks that make headlines every day. It sometimes seems as though every month recently has been Cyber Security Awareness Month. Data breaches and a distinct sense of "cyber insecurity" pervade the news and our digital lives. Victims of cyber attacks range from the largest corporations and government agencies right down to friends and family members whose personal data has been exposed. Instead of focusing on victims and attacks,... [Read More]
by RSS Chris Dawson  |  Oct 01, 2015  |  Filed in: Industry Trends & News
I've kept more than my share of legacy systems alive over the years. Sometimes they've running applications that aren't compatible with newer operating systems. More often, there simply isn't the time or money to deal with an upgrade. But with the end of support for Microsoft Server 2003 coming and going this week, I can't help but wonder at the sheer number of businesses still running the OS or what appears to be a general sense of apathy over its end of life.     As Fahmida Rashid over at PCMag put it, "...Windows... [Read More]
by RSS Chris Dawson  |  Jul 17, 2015  |  Filed in: Industry Trends & News
If the Point of Sale (POS) system in your retail business is still running on an older operating system, e.g., Microsoft Windows XP or anything else pre-Win 7, there are a number of compelling reasons why it's long past time to change that. And while most of these reasons are gotchas, there are also positive reasons. Newer systems are simply richer in features and easier to use. It's understandable that businesses want to hang onto systems that are still working and that employees are familiar with. But it's a bad idea that will... [Read More]
by RSS Daniel Dern  |  May 07, 2015  |  Filed in: Industry Trends & News
I’ve spent a lot of time over my career talking about education. K12, higher ed, virtual and blended learning, educational technology, you name it. I’ve even looked extensively at continuing education and professional development. As my focus has turned more to enterprise technologies and security over the last several years, I still couldn’t help but see many of the challenges we face in IT through an educational lens. After all, security pros and hackers aren’t born with deep security and networking expertise - why should... [Read More]
by RSS Chris Dawson  |  May 04, 2015  |  Filed in: Industry Trends & News
Though not a phishing cure-all, it’s a good sign that Google is bringing this issue front and center for millions of Chrome users. Remember those Nigerian email scams that hit so many people a decade ago? They were fairly comical, but effective enough to earn a place in Internet lore and more than a few memes. They were also the predecessors of modern phishing schemes, designed to steal credentials, personal information, financial data, and other information. Cybercriminals can then use this data to steal identities, money, intellectual... [Read More]
by RSS Chris Dawson  |  Apr 30, 2015  |  Filed in: Industry Trends & News
The games have began and we aren't just talking about football. Unsolicited emails: Beware of spam emails that say you're the lucky winner of a lottery for two free tickets to the World Cup, or promises to give you free access to Websites that let you watch the matches live. By clicking on those links, you could be taken to compromised Websites that download malware onto your computer. That malware could be used as a keylogger to retrieve all of your personal information, including passwords and other credentials; it could be used to download... [Read More]
by RSS Guillaume Lovet  |  Jun 18, 2014  |  Filed in: Industry Trends & News
eBay announced today that a breach of their systems has led to the loss of files containing encrypted copies of their users' passwords. At the moment, it's not known how those passwords were encrypted. Of course, it's hoped that each password was individually salted in order to make decryption much more difficult. Other information stolen in the breach include names, email addresses, home addresses, phone numbers and dates of birth. eBay's payment arm, PayPal claims to have been unaffected by the attack, and that PayPal data is "...encrypted and... [Read More]
by RSS Richard Henderson  |  May 21, 2014  |  Filed in: Industry Trends & News
You get a message in your inbox that appears to be from the popular online retailer Amazon.com, claiming that there was an error with your recent order. All you have to do is confirm who you are with login credentials or a credit card number, and they will be sure to address the glitch and reroute your package as soon as possible. The message looks convincing - yet don't really remember ordering anything on Amazon in the recent past. Or did you? Image courtesy of Richard Henderson In reality, the e-mail is not from Amazon - or any other... [Read More]
by RSS Stefanie Hoffman  |  Dec 04, 2013  |  Filed in: Security 101