Trending Security Topics

Cybersecurity Awareness Basics

How to avoid identity theft, frauds, scams and more. Click below for more information.

Cybersecurity Basics

Cybercriminals Set Sights On Bot Attacks And Mobile Apps

"What we are really seeing is the establishment of cybercrime as an industry in its own right and, as it continues to evolve, I think we can expect to see this criminal enterprise mirror genuine businesses—the 'engineering department' develops the cutting edge attacks, while 'procurement' enlists money mules and 'finance' deals with money laundering."

From “Tech Republic” Macy Bayern (9/13/2019)

What Is Phishing? A Look At One Of Cybercrime’s Favorite Tactics

Phishing is a very real and very dire threat to organizations and individuals alike. In fact, in 2018 alone, nearly one-third of all data breaches involved various types of phishing attacks or tactics. We’re not just pulling this number out of a dark region; this research comes from Verizon’s 2019 Data Breach Investigations Report. This is just one of many reasons why phishing is so dangerous to businesses, brands, employees, and consumers alike.

From “Security Boulevard” Casey Crane (9/14/2019)

In The Wake Of Hurricane Dorian

After a storm like Hurricane Dorian, scammers often target people who need to get their homes cleaned up or repaired, or find a new place to rent. Scammers might pose as a government official, asking for financial information or money to apply for aid that you can request on your own for free. Whatever the story, they often demand that you pay by gift card, prepaid card, or by wiring money. And that’s always a scam.

From “Federal Trade Commission” Colleen Tressler (9/11/2019)

OUCH! Newsletter: Scamming You Through Social Media?

Many of us have received phishing email, either at work or home. These emails look legitimate, such as from your bank, your boss, or your favorite online store, but are really an attack, attempting to pressure or trick you into taking an action you should not take, such as opening an infected email attachment, sharing your password, or transferring money. The challenge is, the more savvy we become at spotting and stopping these email attacks, the more cyber criminals try other ways of contacting and scamming us.

From “SANS OUCH Newsletter” Dr. Jessica Barker (9/04/2019)


Evolving Digital Security Threats Require ‘Cyber Vigor’

Cybercriminals will always evolve and employ more sophisticated attack methods. In response, we must understand who the bad actors are and what data or resources they’ve seized. With a cyber vigor approach, organizations can assume a proactive stance and strengthen their defensive efforts. Without it they will remain in reactive mode, continuously under threat by the unknown. Nor will they take any comfort in the known threat that usually follows—for as Target, Marriott, Equifax and other victimized companies can attest, massive data exposure often leads to poor media exposure.

From “BAI Banking Strategies” George de Urioste (9/12/2019)


More Than 99% Of Threats Target Corporate Staff

Specific staff members, dubbed "Very Attacked People" (VAPs), are targeted most often — perhaps because they have access to corporate funds or sensitive data, or even because they are easily discoverable by outsiders.

From “Info Security” Phil Muncaster (9/10/2019)


When It Comes To Resiliency, Can You Handle The Truth?

When it comes to cyber resiliency, the number of possible examples like the previous story increases exponentially at each turn. These cracks in the truth can be hiding in your Intrusion Prevention, Intrusion Detection, firewall rules, network topology, connectivity redundancy, levels of trust and authentication, and even the policies and procedures that govern all of your infrastructure and cyber resiliency strategy.

From “Jack Henry & Associates, Strategically Speaking” Eric Flick (9/04/2019)


Potential Hurricane Scams Among Latest Fraud News And Leak Warnings

CISA suggested users exercise caution in handling any email with a hurricane-related subject line, attachment or hyperlink. In addition, users should be wary of social media pleas, texts or door-to-door solicitations relating to severe weather events.

From “Credit Union Times” Roy Urrico (9/05/2019)


Social Security Is Not Trying To Take Your Benefits

We’ve seen a new twist on the Social Security Administration (SSA) scam recently. Check out this SSA imposter robocall, which says your benefits will end.

From “The Federal Trade Commission” Jim Kreidler (9/13/2019)


Free Trials And Tribulations

As you browse online, you probably see offers to try out cool products or services for free. This can be tempting and, many times, it’s okay to check them out. But some dishonest companies will bury the terms of their “free trial” offers in fine print or not disclose them at all. Their real goal is to rob you blind.

From “Federal Trade Commission” Lisa Lake (9/06/2019)


Formjacking: What Is It, And How Can You Protect Your Users?

Here’s how it works: When end users enter their payment information, a malicious JavaScript running in their browser sends an extra copy of the information to a server controlled by the attacker. Formjacking — a new name for a phenomenon that has been around since April 2000 —is the digital version of credit card skimming. Like modern credit card skimmers, formjacking is stealthy and hidden from sight.

From “Ed Tech” Joel Snyder (9/03/2019)


Instagram Confirms Security Issue Exposed User Accounts And Phone Numbers - Exclusive

I had the security researcher run tests on the platform and he successfully retrieved “secure” user data I know to be real. This data included users’ real names, Instagram account numbers and handles, and full phone numbers. The linking of this data is all an attacker would need to target those users. It would also enable automated scripts and bots to build user databases that could be searched, linking high-profile or highly-vulnerable users with their contact details.

From “Forbes” Zak Doffman (9/12/2019)


2019 National Cyber Security Awareness Month Toolkit

This toolkit includes highly effective engagement collateral to help you address cyber security safety messages and identify opportunities for behavioral change within your entire organization.

From “SANS” (9/11/2019)


Ransomware Protection Strategies

The Cybersecurity and Infrastructure Security Agency (CISA) has observed an increase in ransomware attacks across the Nation. Helping organizations protect themselves from ransomware is a chief priority for CISA.

From “U.S. Department of Homeland Security CISA” (9/06/2019)


Facebook: 419 Million Scraped User Phone Numbers Exposed

“People could enter another person's phone number or email address into Facebook search to help find them," he wrote. "Malicious actors have also abused these features to scrape public profile information by submitting phone numbers or email addresses they already have through search and account recovery."

From “Bank Info Security” Mathew J. Schwartz (9/05/2019)


Protect yourself from fake check scams with these tips from FDIC Consumer News (Click link for full article)

Even in today’s digital and mobile world where electronic money transfers are common, consumers and businesses may still prefer the assumed security of paper cashier’s checks or official bank checks for large or major payments. Recipients generally prefer one of these checks over a personal check because the financial institution presumably has already collected the funds from the party purchasing the cashier’s checks or official bank checks. This means the payment is guaranteed, unless the check is counterfeit, so there are risks to consumers and businesses from these types of paper instruments, as well.