Everyone wants to look good in front of their boss. Which is exactly why an urgent email from the CEO of your company is guaranteed to catch your attention. You’re more likely to act on the request immediately without questioning the details. But what if that email didn’t come from your boss? All it takes is one savvy email that encourages an employee to act on behalf of their team leader. For...

Phishing attacks work because people don’t know what phishing looks like. These examples of phishing emails emphasize how easy it is to be tricked.

The education sector experienced a "record-breaking" year of cyber attacks in 2020. In case you'd been sleeping under a rock, there was a global pandemic that drove up the need for virtual setups. According to Microsoft , education is globally the sector most vulnerable to threats like malware, accounting for more than 6.8 million (over 63%) of total reported encounters in early 2022. It's not one...

Hackers are targeting hundreds of thousands of Google users with fake Google Drive notifications and emails to try and trick them into visiting malicious websites.

Everyone wants to impress their boss, which is exactly what scammers rely on nowadays to carry out sophisticated phishing attacks called CEO fraud. Examples of CEO fraud are becoming increasingly common, with attackers regularly sending out phishing emails to an organization's employees and impersonating the top executive. This often comes with a demand at the end of the day that must be completed...

As much as we can say that cyber security measures are advancing, we can say the same about cyber criminals and their strategies. In 2022, ransomware attacks occurred every 11 seconds on average, at a global annual cost to businesses and governments of $20 billion US. Costs are rising in part due to the growing ransoms demanded from victims. While estimates of the average ransomware payout in 2020...

KrebsOnSecurity blog recently reported on a popular, low-cost Common Access Card (CAC) reader available on Amazon that came with drivers infected by malware . A compromised smart ID card reader can bring severe consequences to both government and private organizations. It gives hackers an easy backdoor means of infiltrating networks and systems, which can leave sensitive information vulnerable to...

Not only are they burning through cash as they pivot toward the metaverse, but their struggles with data privacy are an ongoing issue. In many ways, Facebook/Meta’s data privacy troubles began in 2018, with revelations that a data-marketing firm had illegally collected the personal details of more than 80 million Facebook users. However, despite promises of improvements and changes in corporate...

The way we think about data protection is changing. Cyber culture is emerging as the new norm, and organizations must adapt their strategies to stay ahead of the curve. Data protection has traditionally focused on preventing breaches and protecting sensitive information. However, cyber culture goes beyond this by encompassing all aspects of online life. It includes everything from how we interact...

If you’re a company that uses email scanning technology as the first line of cyber defense, you should know about a recent slate of malicious Word document-based attacks. These attacks are designed to deliver malware and ransomware to targeted systems. Security researchers at Cisco Talos recently identified an attack where Word document files attached to emails were used to deliver Cobalt Strike...

There is a sharp rise in cyber attacks targeting businesses and organizations across Australia. The nature of these attacks ranges from ransomware and phishing scams to distributed denial-of-service (DDoS) attacks, with some estimates suggesting that the number of cyber incidents could be as high as one million per year. The financial cost of these cyber attacks is immense, with businesses and...

Did you know that gift card scams are among the most popular cyber threats? The same things that make gift cards popular with consumers—convenience and ease of use—also make them attractive to scammers as a vehicle for fraud. Gift cards, also known as gift certificates or vouchers, have topped the list of reported fraud payment methods every year since 2018, according to the Federal Trade...

On November 1st, 2022, Dropbox became the victim of a cyber attack where source code repositories, as well as names and emails of their employees, were unauthorizedly accessed. It is not yet clear how the unauthorized access took place, but Dropbox has said that they are investigating the matter. The company is urging all users to change their passwords as a precautionary measure. This breach...

During the annual eCommerce bonanza known as Black Friday and Cyber Monday weekend, shopping websites will be swarming with people who are mostly unaware of cyber threats that can leave personal data vulnerable. In 2021, Europe, Canada, and the United States saw a 50% spike in transactions during the Black Friday and Cyber Monday window from the previous week. With the imminent spike in online...

On September 15, the Hive ransomware group claimed to have launched an attack against Bell Technology Solutions on August 20, 2022. The compromised information contained approximately 1.9 million active email addresses, 1,700 names, and active phone numbers. Bell Technology Solutions is a subsidiary of Bell Canada, a leading communications company and communications provider for over 140 years...

Restaurant menus worldwide have been replaced by QR codes stuck to the table during the COVID-19 pandemic. Physical menus were judged too difficult to clean and could act as infection vectors. Since everyone has a smartphone nowadays, QR codes were attractive alternatives instead of asking clients to type in the restaurant’s URL on their phones. Before, QR codes were mainly used for advertising...

Trap phishing is one of the most valuable intelligence-gathering tools cyber criminals have at their disposal. Hackers routinely send out emails, phone calls, and messages to trick the recipients into handing over personal information, clicking on a web link,or downloading a malicious attachment and infecting their device. These trap phishing attacks, more commonly referred to as phishing scams...