A series of attack anecdotes shared by Brian Krebs shows how persistent and sophisticated scammers are in using social engineering tactics to gain access to their victim’s bank account details. It all starts with a bit of information about their next potential victim; using credit card records for sale on the dark web, scammers begin […]
It Starts with a Phish: Employee PII at Risk When Pipeline Development Outsourcer Falls Victim to Ransomware Attack
The latest example of a modern-day ransomware attack demonstrates how data encryption and ransom can no longer be the assume extent of an attack. Two weeks ago, outsourcing service provider ExecuPharm released a notice of data breach to their consumers. In it, ExecuPharm noted experiencing a ransomware attack in March of this year where “employees […]
5 Tips to Prevent CEO Fraud
Every day, employees are regularly receiving spoofed emails. Even C-level executives are receiving fraudulent requests to transfer money or provide sensitive information. This form of social engineering is known as CEO fraud and it’s becoming more and more common. Ingenious Tricks The spike in the number of CEO fraud attempts indicates that cyber criminals are […]
Cyber-Insurance Premiums Jump as High as 25% and May Now Require Co-Insurance
With enough claims under the belts of insurance companies covering data ransoms, data theft, and other types of cyberattack, the risk appears to be shifting somewhat back to the policyholder. Let me make this clear: insurance companies are in business to stay in business. Sure, they’re willing to take on a certain amount of risk […]
2020 Cybersecurity Predictions by KnowBe4’s Experts
With data breaches hitting headlines daily, IT pros are constantly concerned about the next big threat. Whether it’s ransomware, phishing, or completely new attack vectors, there’s always something on the horizon rearing its ugly head. KnowBe4 has compiled a list of its top 10 cybersecurity predictions for 2020 from its executive leadership team and array […]
Veterans are High-Payoff Social Engineering Targets for Scammers
Veterans are particularly valuable targets for various types of social engineering attacks, according to Mary K. Talbot at the Providence Journal. Veterans are often respected leaders in the community, and often function as influencers whose opinions carry a lot of weight. As a result, disinformation campaigns in often single them out to hijack their accounts […]
PayPal Scammers Want More than Just Your PayPal Credentials
Researchers at ESET have come across phishing sites that try to steal PayPal logins along with a wide range of personal and financial information. The scam begins with phishing emails purporting to come from PayPal which inform recipients that an unknown device has accessed their account. The emails appear legitimate and convey a professional sense […]
[LEGAL ALERT] What You May Have Overlooked in the Run Up to CCPA Compliance
LAW.COM had a very good reminder that you really need to keep in mind. Here is an extract: “With just days to go before the California Consumer Privacy Act (CCPA) compliance date, some companies may be scrambling to get their data collection and management processes in order. “Others, however, might be taking a wait-and-see approach […]
[Heads-up] Ransomware attack forces Arkansas CEO to fire 300 employees days before Christmas
The chief executive officer of a telemarketing company in Sherwood, Arkansas has let go 300 employees after the company failed to recover from a ransomware infection a few months back. In a deeply apologetic letter to employees, The Heritage Company CEO Sandra Franecke said two months ago their servers were attacked by hackers who demanded […]
[NEW RISK] The MAZE Ransomware Gang Outs Their Victims On A Public Web Site
In a continuing escalation of its extortion tactics, independent security researcher, Brian Krebs reported on Krebsonsecurity.com that the criminals behind the MAZE-RANSOMWAREMAZE Ransomware gang just created a publicly viewable web site listing 8 victims and a limited amount of selected data. MAZE probably hopes that by increasing psychological extortion pressure they will squeeze current victims […]