How often do you reconcile your checkbook? Studies show that most of us don’t check our bank account often enough and that there is a significant part of the population who still use checks to pay bills. Yet, we still don’t realize the amount of effort it takes to deal with a compromised bank account. …Read more
As many of you head out on vacation before school starts, you may find that obstacles outside your control threaten your trip. Weather and airline delays are two such examples. Many obstacles, however, are within your sphere of influence. Cyber preparedness is one of them. The following tips will ensure a cyber worry-free vacation no …Read more
In the past, we’ve talked about phishing emails that contain a hyperlink to malicious websites. Traditionally, these are identifiable through boxes, buttons or phrases within the email. When you move your cursor over them, the cursor changes to the hand and displays the content of the URL. This week’s sample email represents an old but …Read more
I’ve covered the use of social media in social engineering attacks a number of times. Statistically, social media continues to be a starting point for crafting elaborate social engineering or phishing attacks. Let’s run through a refresher. Sharing too much private information on social media is dangerous. If you’re not sure what to share, follow …Read more
There are two schools of thought around unsubscribing from unsolicited emails. Some say do; others say don’t. Recently attackers have been abusing legally required unsubscribe links to lead you to malicious sites. In fact, most hyperlinks in emails get abused over time. If you had asked me five years ago whether you should unsubscribe, I …Read more
We have talked about phishing emails containing a hyperlink to malicious websites. Traditionally, these are identifiable through boxes, buttons or phrases within the email. They are visually marked, and when you move your cursor over the link, the link changes to a hand and displays the content of the URL. However, there is another frequently …Read more
After being accused of numerous social media privacy violations, Apple responded on January 8 with a billboard on the side of the Las Vegas Convention Center: “What happens on your iPhone, stays on your iPhone.” But is it true? It is until it isn’t. Let me explain. Both Apple and Google operating systems …Read more
The “tech support” scam has been around for well over 10 years. Although the look and media have changed, the scam has fundamentally stayed the same. If you remember five to six years ago, fraudsters masked themselves as Apple® support. Technology progression (i.e., Voice over IP) makes thieves’ job easier as they can now spoof …Read more
“The devil is in the details,” or so they say. Today I want to explain a technique that serves absolutely no legitimate purpose other than a malicious one: double extension. In the Microsoft® Windows® world the file extension is critical as it indicates which program will open the file. For example, document.doc will be opened …Read more
The primary goal of social engineers is to make us curious or fearful because that is when we are most vulnerable. They use many tactics: Spoofing a sender in emails and utilizing familiar content are two of their favorites. One of the most common attributes of phishing attacks is a sense of urgency. By nature, …Read more