Tag: social engineering

Sitting Ducks: When Employees Work from Home

As the COVID-19 health crisis rages on and millions of workers and students move to working from home (WFH) and online distance education, no one should make the error of thinking that working and learning from the comfortable and familiar surroundings of home somehow makes these employees and students safe. They are not safe. If […]

WSJ: “Losing $450,000 in Three Days: Hackers Trick Victims Into Big Wire Transfers”

Rachel Louise Ensign wrote a great story for the WSJ about CEO Fraud, also known by the FBI as Business Email Compromise. I’m quoting an extract and I strongly recommend sending a link to the original WSJ article to your C-levels as it’s excellent ammo to get budget for new-school security awareness training. “In 2018, […]

U.S. Government Issues Warning About Possible Iranian Cyberattacks

Christopher C. Krebs, Director of Cybersecurity and Infrastructure Security Agency issued a warning about a potential new wave of Iranian cyber-attacks targeting U.S. assets after Maj. Gen. Qassim Suleimani was killed by a U.S. airstrike at the Baghdad airport in Iraq. “Given recent developments, re-upping our statement from the summer,” Krebs said in a rare […]

4 patients sue Alabama health system after ransomware attack

BeckerHospitalReview just posted a new wrinkle in the battle against ransomware: “Four patients filed a class action lawsuit against Tuscaloosa, Ala.-based DCH Health System, alleging privacy violations and medical care disruption after an October ransomware attack. Five things to know: 1. The patients filed the lawsuit on Dec. 23, according to the Tuscaloosa Real-Time News. […]

Phishing Remains the Most Widespread Risk

As organizations look to improving their defenses, it’s worth remembering that attackers usually get through those defenses by manipulating the human beings those security measures are in place to protect. A recent warning on increased phishing attacks worth taking to heart comes from Deloitte Malaysia Cyber Risk, Risk Advisory executive director Ho Siew Keient. “Fraud, […]

Veterans are High-Payoff Social Engineering Targets for Scammers

Veterans are particularly valuable targets for various types of social engineering attacks, according to Mary K. Talbot at the Providence Journal. Veterans are often respected leaders in the community, and often function as influencers whose opinions carry a lot of weight. As a result, disinformation campaigns in often single them out to hijack their accounts […]

Financial Advisor Fined After Falling for BEC Scam

The Financial Industry Regulatory Authority (FINRA) fined and temporarily suspended a financial advisor working for UBS after he was tricked into transferring $511,870 from a client’s account in a CEO fraud scam, according to FinancialAdvisorIQ. A hacker used social engineering to access the client’s account and asked the advisor, William Darby, to move the money […]

Microsoft Sees Phishing on the Rise

According to Microsoft security research, the percentage of inbound emails associated with phishing on average increased in the past year. For some, this may feel like obvious news, but given the scale of Microsoft and their visibility into global traffic, the security intelligence report makes for some interesting fact-based reading. Souce: Microsoft Security Intelligence Report According […]

What’s in it for the Social Engineers?

A necessary skill for any successful hacker is an understanding of how the human mind works, according to a post in IT Pro. Knowing how to manipulate technology is a major part of the job, but this knowledge can be complemented with social engineering to launch much more successful and efficient attacks. These talents can […]

Insurance Company On The Hook for 1.7 Million Dollars After Denying BEC Scam Claim

An article in the insurance Journal reports that the 11th Circuit Court in Atlanta agreed with a district court ruling that insurance company “Ironshore” is still on the hook for paying a claim to Principal Solutions Group arising from a BEC (Business Email Compromise) scam resulting in the loss of about $1.7 million dollars. Principle […]