Phishing attacks: Sophisticated new group found operating undiscovered for a year

A newly uncovered phishing group is targeting big companies around the world. It’s thought to be the first major scam gang of its type operating out of Russia, indicating a potential shift in the cyber-threat landscape.  Business email compromise (BEC) scams can be highly lucrative for cyber criminals, with organisations losing hundreds of millions of dollars a month after being tricked into sending finances into accounts owned by criminals.  … Cosmic Lynx – the campaign has targeted individuals in 46 countries across six continents and combines in-depth research on target organisations and their executives

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your office from Phishing Attacks?Join the conversation on our Facebook Page!

Spear-phishing campaign compromises executives at 150+ companies

A cybercrime group operating since mid-2019 has breached the email accounts of high-ranking executives at more than 150 companies, cyber-security firm Group-IB reported today.  The group, codenamed PerSwaysion, appears to have targeted the financial sector primarily, which accounted for more than half of its victims; although, victims have been recorded at companies active across other verticals as well.  PerSwaysion operations were not sophisticated

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Are you prepared for these attacks?
Join the conversation on our Facebook Page!

 

Coronavirus used in email phishing attacks – a 667% increase

There has been a steady increase in the number of coronavirus COVID-19-related email attacks since January, according to security firm Barracuda Networks, but researchers have observed a recent spike in this type of attack, up a whopping 667% since the end of February. …

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

How are you protecting your office?

Join the conversation on our Facebook Page!

 

 

Half of firms have spotted a cyberattack – and here is the most common one you will face

Almost half of businesses have experienced a cyberattack or data breach in the past year – and almost all of the organisations that know they’ve been on the receiving end of attacks have reported being targeted by phishing and other fraudulent emails

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

How do you stop phishing attacks?Join the conversation on our Facebook Page!

2020’s Most common cyberattacks & how to defend against them

Protecting your business from cyberattacks is a never-ending challenge. But to make sure your security eggs are in the right baskets, here’s a look at the most common cyberattacks we’ll likely see this year and how to defend against them.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Which has been a greater problem for your firm: phishing attacks or reansomware?Join the conversation on our Facebook Page!

Official: Puerto Rico govt loses $2.6M in phishing scam

Puerto Rico’s government has lost more than $2.6 million after falling for an email phishing scam, according to a senior official. … Rivera said the government agency transferred the money on Jan. 17 after receiving an email that alleged a change to a banking account tied to remittance payments, according to a police statement. …

APnews.com click the link to read the rest of the story.  Get our free tools here.

How do you protect your office from these scams?Join the conversation on our Facebook Page!

 

New service notifies companies when their employees get phished

Companies across the world now have a new free web service at their disposal that will automatically send out email notifications if one of their employees gets phished.  The service is named “I Got Phished” and is managed by Abuse.ch, a non-profit organization known for its malware and cyber-crime tracking operations.

ZDNet.com click the link to read the rest of the story.  Get our free tools here.

Will you sign up?Join the conversation on our Facebook Page!

Beware of this sneaky phishing technique now being used in more attacks

Security company researchers warn of a large increase in conversation-hijacking attacks. Here’s what they are and how to spot them.

ZDNet.com click the link to read the rest of the story. Get our free tools here.

Has your team received training in how to spot these attacks!Join the conversation on our Facebook Page!

Phishing attacks jump by 21% in latest quarter, says Kaspersky

The number of worldwide phishing attacks detected by Kaspersky hit 129.9 million during the second quarter of 2019, according to a new report from the security vendor.

TechRepublic.com click the link to read the rest of the story. Our FREE Tools can help!

Have you been hit this year?

Join the conversation on our Facebook Page!

Ransomware: Why cities are now big targets for cyberattacks – and why it’ll get worse

In an emergency meeting of the city council, the administration of Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand... The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month… Despite the city’s IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems…  the unfortunate truth is that some organizations still won’t heed the lessons of the recent spate of attacks

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Do you agree with their decision to pay the ransom?

Join the conversation on our Facebook Page!

Strange new phishing attack uses a surprise bill to trick you

Banks and financial institutions around the world are being targeted by a new email phishing campaign which uses an unusual technique as part of its attacks.  The phishing emails come with server-parsed HTML (SHTML) file attachments that are typically used by web servers. If users open the attachments, they’re immediately redirected to a malicious site requesting sensitive information, which if entered, falls directly into the hands of cyber-criminals …

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Does you company test employee phishing id skills?

Join the conversation on our Facebook Page!

Israel issues warning of a new type of cyber attack

Israel issued a warning warning of a new type of cyber attack, using artificial intelligence (AI) technology to impersonate senior company executives. In this method, instructions are given to the companies staff members to perform transactions such as money transfer to perform transactions such as money transfers, as well as malicious activity on the company’s network. …

Gadgetsnow.com click the link to read the rest of the story. Our FREE Tools can help!

How are you protecting your office from such attacks?

Join the conversation on our Facebook Page!

Top 10 Common Network Security Threats Explained

Now that most of our daily procedures and activities are automatized and available for use on the Internet, we need to take the same level of precaution we did as children, crossing to the other side of the street… today we’re going back to basicsexploring and explaining the most common network security threats you may encounter while online…

Securitytrails.com click the link to read the rest of the story. Our FREE Tools can help!

How safe is your business from these threats?

Join the conversation on our Facebook Page!

New Ransomware Attacks Much More Expensive to Survive

The average ransom demand is up to almost $13,000, compared with $6,700 just a few months ago.

The average ransom demand by hacker to release files encrypted by their ransomware attack has almost doubled in 2019.  … The sharp increase in ransom payments is linked to the emergence of more expensive and more hands-on forms of ransomware… They’ll exploit vulnerabilities in remote desktop protocols or abuse stolen credentials to gain access to systems, moving around networks and laying the groundwork for their ransomware to encrypt as many PCs as possible for the maximum impact.

ZDnet.com click the link to read the rest of the story. Our FREE Tools can help!

Has your company paid a ransom?

Join the conversation on our Facebook Page!

Phishing Attacks Are Prevalent During March Madness

With popular sporting events like March Madness, it’s easy for attackers to prey on human emotions with excitement running high and money on the line. With so many employees participating in office pools and brackets, it’s critical to avoid getting phished through fake sporting-themed websites, contests and offers around the games, or malicious browser extensions that claim to keep track of scores and stats.

SecurityBoulevard.com click the link to read the rest of the story. Our FREE Tools can help!

Has your company been hit with this attack?

Join the conversation on our Facebook Page!

Phishing attacks: Half of organisations have fallen victim in last two years

Almost half of all organisations have fallen victim to phishing attacks in the last two years, with larger businesses the most likely to been compromised, despite also being most likely to conduct cyber security training for staff.

ZDNet.com click the link to read the rest of the story.

How are you dealing with phishing attacks in your business?

Join the conversation on our Facebook Page!

Fake meeting request from the boss steals passwords

Called to a meeting with the CEO? Don’t be so sure.

A widespread phishing campaign is targeting executives across a number of industries with messages asking to reschedule a board meeting in an effort to steal logins and passwords.

ZDNet.com click the link to read the rest of the story.

Has your office received on of these yet?Join the conversation on our Facebook Page!

How to use Google’s Password Alert tool to thwart phishing attacks

Google’s built a new tool in the fight against phishing. The free Password Alert Chrome extension keeps track of where you enter your Google account password and alerts you when you’ve entered it someplace other than accounts.google.com. This does two things: it prevents you from re-using your Google password on other sites, and it protects you if you’ve entered your password on a site that’s pretending to be Google to collect your private information, a practice also known as phishing.

Cnet.com click the link to read the rest of the story.

Have you been scammed into giving up your gmail password?Join the conversation on our Facebook Page!

How to Spot Phishing: It’s the Most Common Cyber Attack

One percent of emails sent today are phishing attempts. And it often represents a more serious threat than the nuisance offers for free money we’ve all seen in our inboxes. Phishing is about stealing your password.

Medium.com click the link to read the rest of the story.

Take their quiz?  How did you do on it?Join the conversation on our Facebook Page!

New Trojan attack adds a backdoor to your Windows PC to steal data

A well-resourced and prolific hacking group is distributing a new strain of malware that gives the hackers remote desktop access as part of an information-stealing campaign targeting banks, retailers and businesses. … The remote access trojan capabilities of FlawedGrace mean it allows attackers to gain almost full control over an infected device. Given how the campaign targets banks and retailers, it’s likely that acquiring money is the ultimate goal of the attacks…

ZDNet.com click the link to read the rest of the story.

How are you protecting yourself from these attacks?Join the conversation on our Facebook Page!

Why ransomware costs small businesses big money

About 22% of businesses with less than 1,000 employees that experienced a ransomware attack in the last year had to stop business operations immediately. About 15% lost revenue.

On average, small companies lost over $100,000 per ransomware incident due to downtime. For one in six organizations, these attacks caused 25 hours or more of downtime.

cnn.com  click the link to read the rest of the story.

How much would it cost your business to be down for several days?Join the conversation on our Facebook Page!

How to spot a phishing email?

One of the solution I’d implement would be: when ever we hover over the link its should show you to which link it is pointing or redirecting to and this solution needs to be implemented by all email providers like Google’s Gmail, Microsoft’s Outlook etc. This will prevent the user from exposing their personal information to hackers.

Medium.com  click the link to read the rest of the story.

Have you been the victim of a phishing attack?Join the conversation on our Facebook Page!

Apple iOS Users Targeted By New Exploit

The scam starts with an email informing users that their phones have been locked due to “illegal activity” and instructing them to call “Apple Care” to get the problem fixed.

DWPia.com click the link to read the rest of the story.

Have you received these emails?Join the conversation on our Facebook Page!

Why Nation-State Hacking Should Matter To Everyone

Perhaps most critical, particularly for business networks who also support employee or consumer devices, is to ensure every device receives these necessary updates and patches. One vulnerable entry point can spell the downfall of an entire organization or a household of connected devices.

Forbes.com click the link to read the rest of the story.

Are you considering purchasing one?
Join the conversation on our Facebook Page!

DeepLocker: will malware weaponize artificial intelligence?

Traditional cyber security solutions, such as bolt-on antivirus software, are no longer enough. Cyber attackers are exploiting every possible avenue to steal data, infiltrate networks, disrupt critical systems, rinse bank accounts, and hold businesses to ransom.

PCMag.com learn more here

Are you adding new layers of protection for your business?
Join the conversation on our Facebook Page! 

Bad bots detected on 100% of web login pages, here’s how to protect your business

All websites with login pages have been hit with bad bot traffic and face Account Takeover (ATO) attempts, according to a Tuesday report from Distil Networks.

techrepublic.com Click the link to read the rest of the story.

Are you sure your business website is safe from attack?

Join the conversation on our Facebook Page!

Automate Your Inbox with these Tips, Tools, and Templates

We receive an average of 94 business emails every day and devote almost one-third of our time at work to email management. Bottom line: the benefits of email often come at the expense of productivity.

To reclaim your time, automate your inbox. Here are the tips, tools, and templates…

Zapier.com Click the link to read the rest of the story.

Have you tried integration tools like Zapier, before?

Join the conversation on our Facebook Page!

 

‘KnockKnock’: New Attack on Office 365 Discovered

Do these new attacks trouble you?

Microsoft’s Office 365 suite of cloud applications is now the most popular cloud service in the world by user count. While this has fast-tracked Microsoft’s path to becoming a cloud-first enterprise software company, it has also put a bulls-eye on Office 365, making it a target of choice for hackers. …
KnockKnock has been active since May 2017 and is currently still active. To go undetected, the hacking activity occurs in short stints, averaging 3-5 attempts of guessing the password of the system account before moving on to a different account within an organization. Moreover, it doesn’t display the same level of activity across multiple organizations. As it ramps up its number of attempts in one organization, it ramps down in others, further making detection difficult.

Tripwire Click the link to read the rest of the story.

How do you keep up with latest attacks on your business?

Join the conversation on our Facebook Page!