What do you get when you add a totally free 1.3 Billion set of phone numbers and data from millions of Facebook profiles? A massive dox database of users now up for sale for $100,000. The Clubhouse data breach earlier this year, while headline-worthy, resulted in a big nothing where all the phone numbers exfiltrated […]
A Popular Fraud Combo is Back: Elon Musk and Bitcoin
Researchers at Bitdefender warn that cybercriminals continue to impersonate Elon Musk in Bitcoin scams. One campaign that started on May 15 involved sending thousands of emails telling users to register for a $5,000 Bitcoin giveaway organized by Tesla. “79.72% of scam emails appear to be sent from IP addresses in Germany, targeting users in Europe […]
New QuickBooks-Themed Phishing Attack Seeks to Infect Victims with Dridex Malware
Quickbooks Phishing AttackPurporting to be invoices and payment reminders, this new campaign targets users of the popular accounting software to install the banking trojan on its victims endpoints. The bad guys have long known that emails involving the concept that the recipient owes money will get a response. They also know if you use a […]
FBI Finds Phishing Sites Abusing Search Results and Ads to Steal Banking Credentials
The US Federal Bureau of Investigation has sent out a private industry notification (PIN) warning that cybercriminals are using search engine ads and search results to spread phishing sites that impersonate banking websites. The FBI says this campaign has been running since March of 2021, although the Record notes that this technique has been in […]
Optrics Insider – How to Stay Safe Against Phishing Attacks & Social Engineering
Join Scott Young from Optrics Engineering and Mike Brill from KnowBe4 as they discuss the latest Zoom phishing attacks and social engineering and how best to keep you and your staff safe from them. Read the “Running Headfirst into a Breach” blog article mentioned in the above video. Learn more about KnowBe4 by going […]
Running Headfirst Into a Breach
The pandemic changed the fortunes of many organisations. Perhaps none so much as Zoom, which has found itself becoming a noun synonymous with any form of video call. However, its meteoric rise has not been without some hiccups along the way. There have been many cases of people not securing their meetings, leading to many […]
It’s Not Only About the URL
You have to look at the totality of an email to determine whether it is a phishing attack or not. I’ll admit it, I’m guilty. When I get a phishy-looking email, the first thing I do is hover over the URL to see if it is legitimate-looking or not. And, most phishing emails do contain […]
New Ransomware, OldGremlin, Coming Soon to an Organization Near You!
Pay attention to this one. Despite only targeting Russian companies, the use of custom self-made malware and decidedly creative phishing campaigns makes them a potential danger. OldGremlin first showed in in late March of this year. Singapore-based GroupIB took note and has been tracking them continually. What makes this new kid on the block so […]
The Geography of Business Email Compromise
Researchers at Agari have released a report on the global distribution of business email compromise (BEC) actors, and determined that 25% of these criminals are operating from within the United States. This makes the US the second-largest hub for BEC actors in the world. Criminals in Nigeria still account for the vast majority of BEC […]
Healthcare Sector Still Sustains Phishing Campaigns
No one should take too seriously the high-minded things criminals sometimes say about how they’re restraining themselves during the pandemic, and that they’re going to avoid hitting hospitals and biomedical research organizations. If anything, attacks on such targets have increased in recent months, and phishing is the usual approach. The goal of the phishing attacks […]