How many emails do you receive each day? Did you know that one out of every 99 emails is a phishing attack? Phishing emails are everywhere and are still the most consistently effective cyberattack method we see daily. The subject lines are tricky as they appear to be legitimate emails that would generally be in your inbox, and it takes utmost vigilance and awareness to not click right on through one of these emails. To become more vigilant and cyber-aware, let’s take a look at the top 10 phishing email subject lines from Q1 of 2022.
Credential Stuffing was our topic last week. If you missed it, here is the link. We discussed what it is, the steps hackers take, and how likely you are to be a victim. Other than not reusing passwords, we did not cover how to prevent falling victim to one of the most common attacks. Let’s look at how to stay safe from a credential stuffing attack.
The holiday season has officially started for most of us, and thus the shopping has also begun. In addition to our increased shopping habits, those looking to take advantage of you are also kicking their season into high gear with scams that target shoppers, travelers, and just about everyone else. With last year being a record $9 billion Black Friday, a lot of money moving is as tempting to hackers as is that extra piece of pumpkin pie.
The Dark Web is only accessible via unique browsers or software that allow the users to remain anonymous. Imagine the Dark Web as an unlit, hidden alley. You can’t see the face of anyone when you peek inside; transactions are happening between people that aren’t being seen, and individuals are moving freely, anonymously, and without a trace. Search engines like Google or Bing track nothing. Encryption hides identities, and to get into these secret areas, you need to have special software. Like that "dark alley," this is where dishonest behavior can thrive. If your information and identity are being exchanged on the Dark Web, you need to know so you can remedy things quickly.
The North Korean Edition of Crouching Tiger, Hidden Dragon
Security is at the forefront of everyone's mind these days and for an excellent reason. Attacks are genuinely coming from every angle. In fact, the FBI has just released a warning about an infamous operation in which the US government has given the code name, Hidden Cobra. These North Korean government-linked hackers have been using two strains of malware to remotely penetrate global systems with the intent to steal passwords and other sensitive data. The tools they are using to gain access are, the remote access tool (RAT) Joanap RAT and the Server Message Block (SMB) worm Brambul and have potentially been using these tools with the same intent since 2009. Remember the 2014 attack on Sony Pictures Entertainment and the WannaCry malware attack….this was the same group.