Email PDF Attachments to Control Stealthy Backdoor

Turla, a highly sophisticated Russian cyberespionage group, also known as Snake and Uroburos, for the past several years have been using PDFs in emails to control an especially stealthy Microsoft Outlook backdoor. The most recent victims of the backdoor include Germany’s Federal Foreign Office, a significant defense contractor, and the foreign offices of at least two other European countries. In the attack against the Germany’s Federal Foreign Office, Turla dropped the backdoor on several systems and used them to steal data. Continue reading Email PDF Attachments to Control Stealthy Backdoor

SharePoint Online Phishing Attacks on Office 365 users

A Microsoft Office 365 SharePoint Online Phishing attack is on the rise for stealing login credentials dubbed as PhishPoint. According to Security Affairs, this new phishing attack has already affected about 10% of Office 365 users. From a number’s perspective based on October 2017 reported number of users on Microsoft Office 365 was about 120 Million users, we suspect that has grown to about 150 Million users till date. So, 10% is about 15 Million users impacted and growing. Continue reading SharePoint Online Phishing Attacks on Office 365 users

Phishing Attacks are on the Rise in 2018

Each quarter, the Anti-Phishing Working Group (APWG) prepares a report to keep all sectors aware of current cybercrime threats. The APWG recently released Phishing Activity Trends Report for Q1 2018 on July 31st, 2018. Phishing Activity Trends Report contains detailed data compiled from reported Phishing Campaigns. Phishing Campaigns are emails sent to multiple users with a familiar subject line to get the user to trust the email to open the email and a phishing website that uses safe and ethical phishing practices. Continue reading Phishing Attacks are on the Rise in 2018

Mobile Phishing Scams are on the Rise

Phishing is the practice of sending fraudulent messages or emails pretending to be a part of reputable companies and trying to get individuals to reveal personal information about themselves, whether it be social security numbers, bank account numbers, passwords, etc. In the past few years, the number of phishing scams  have been increasing at an immense rate. According to the security firm Lookout, the rate at which enterprise users are falling for phishing attacks on mobile has increased by 85% every year since 2011. Continue reading Mobile Phishing Scams are on the Rise

Employee Payroll Direct Deposits are the new targets of a phishing scam

An alarming notice to employers and employees! There is an outrageous new phishing scam, affecting most of the employers and employees nationwide, with regard to their payroll service providers and direct deposits, in an attempt to steal your employees’ paychecks. Yes, you read it correctly. These cyber-criminals are going after your employees’ hard-earned income.   Continue reading Employee Payroll Direct Deposits are the new targets of a phishing scam

New Email Security Study Shows a Massive 10.5% Failure Rate

The aggregated results of a new email security analysis show over 10% average rate at which enterprise email security systems miss spam, phishing and malware attachments.
The summary of findings encompasses user mailboxes at companies tested in the Email Security Gap Analysis program during September and October 2017. Continue reading New Email Security Study Shows a Massive 10.5% Failure Rate

Backups becoming more desirable for Ransomware hackers

With all the ransomware attacks that have occurred, like CryptoWall, WannaCry, Petya, there’s a lot of chatter on the Internet about precautionary measures and solutions. One popular solution that’s being talked about is having a good backup for your data. But can having a good back up keep the ransomware attacks at bay? Continue reading Backups becoming more desirable for Ransomware hackers

It’s time to test your employees’ phishing awareness.

On a given day, you tend to get anywhere from less than 10 emails to about a few hundred. Out of these emails, there’s a good chance you will get at least one or two phishing emails, which somehow bypassed your spam filter and other security rules that you have in place. If your spam filter is not currently active, turn it ON as soon as possible. Continue reading It’s time to test your employees’ phishing awareness.