The Financial Industry Regulatory Authority (FINRA) fined and temporarily suspended a financial advisor working for UBS after he was tricked into transferring $511,870 from a client’s account in a CEO fraud scam, according to FinancialAdvisorIQ. A hacker used social engineering to access the client’s account and asked the advisor, William Darby, to move the money […]
Whaling: Like Phishing, but After Bigger Game
Organizations have to acknowledge their responsibility for ensuring their employees are able to recognize targeted phishing attacks, according to James McGachie, Legal Director of DLA Piper Scotland. Writing in The Herald, McGachie explains that sophisticated spear phishing attacks designed to steal large amounts of money (also known as “whaling”), should be of special concern to […]
How Phishing is Evolving
Attackers are always using new tactics to stay ahead of defenders, and Microsoft’s Office 365 Threat Research Team describes three noteworthy phishing techniques they’ve observed in 2019. The first was the use of hijacked search results to redirect users to malicious sites. Attackers used a traffic generator to artificially push a baited website to the […]
Dancing with Hackers
Dancing with the Stars pro Witney Carson announced on Twitter that her Facebook account had been hacked. Unknown miscreants gained control of Carson’s Facebook through a unique phishing technique and proceeded to upload spamming material to not only her page, but resharing items to other celebrity pages. Now, there are two questions that immediately come […]
ReVil Ransomware Threatens to Squeeze Their Victims with Public Exposure of Data
The REvil Ransomware crew are getting ready to put more pressure on their ransomware victims to pay up by threatening to release data if the ransom isn’t paid. Our friends at Bleepingcomputer report that the REvil group is threatening to use exfiltrated data obtained before the encryption process to increase pressure on victims to pay […]
Spear Phishing in the Royal Canadian Mint
The Royal Canadian Mint, which produces Canada’s coins, nearly sent an employee’s paycheck to an attacker following a spear phishing attack, CBC News reports. The attacker sent an email to the Mint’s HR department while posing as an employee and requested that the department change the employee’s bank account details. The HR worker who received […]
Microsoft Sees Phishing on the Rise
According to Microsoft security research, the percentage of inbound emails associated with phishing on average increased in the past year. For some, this may feel like obvious news, but given the scale of Microsoft and their visibility into global traffic, the security intelligence report makes for some interesting fact-based reading. Souce: Microsoft Security Intelligence Report According […]
What’s in it for the Social Engineers?
A necessary skill for any successful hacker is an understanding of how the human mind works, according to a post in IT Pro. Knowing how to manipulate technology is a major part of the job, but this knowledge can be complemented with social engineering to launch much more successful and efficient attacks. These talents can […]
Insurance Company On The Hook for 1.7 Million Dollars After Denying BEC Scam Claim
An article in the insurance Journal reports that the 11th Circuit Court in Atlanta agreed with a district court ruling that insurance company “Ironshore” is still on the hook for paying a claim to Principal Solutions Group arising from a BEC (Business Email Compromise) scam resulting in the loss of about $1.7 million dollars. Principle […]
Social Engineering via Elder Scrolls
Scammers are going after Elder Scrolls Online accounts by posing as the game’s developers and informing players that their accounts will be banned unless they hand over their credentials, BleepingComputer reports. The fraudsters convey their scam by PlayStation private messages, and that makes it difficult for the recipients to verify the legitimacy of the sender’s […]