User Policies

Cybersecurity Awareness Month: SMB Edition

By |2019-10-24T15:04:40-05:00October 2nd, 2019|Categories: Security, Business, Cyber Security, Network|Tags: , , , , , , , , , , , , , , , , , , , , |

During the month of October, Cybersecurity Awareness Month reminds us of  category of crime tht continues to inflict companies and taxplayers with damages amounting in the billions of dollars every year. The only way to future-proof your business is by staying up to date on the latest threat landscape. To help you, here are five [...]

Manufacturing and Construction Top Targets for Business Email Compromise

By |2019-08-12T15:36:08-05:00August 15th, 2019|Categories: phishing, Security, Business, Cyber Security|Tags: , , , , , , , , , , , , , , |

Business Email Compromise Doubles in Incidents and Triples in Cost The latest data from the U.S. government’s Financial Crimes Enforcement Network shows fraud via business email is changing tactics and becoming more effective. Phishing attacks don’t always need to result in the use of malware. In many cases the goal is to commit fraud through [...]

Phishing Attacks Go Mobile

By |2019-06-26T10:47:22-05:00June 30th, 2019|Categories: Security, Business|Tags: , , , , , , , , , , , , , , , , |

Phishing Attacks Go Mobile as Cybercriminals Leverage Push Notifications Taking advantage of of the deep-seated trust in mobile content, bad guys are using phishing text messages and look-alike sites to trick users into giving up their credentials. What happens is, you will get a text from “Microsoft” stating your Office 365 password has expired with a [...]

Malicious Business Email Campaign targets Banks and Financial Service Companies

By |2018-12-28T10:34:34-06:00December 31st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , , |

Researchers have spotted and tracked a new campaign aimed at tricking employees of US financial firms and banks into downloading Houdini Malware, a self-propagating malware strain. In addition to its C2 (command-and-control) functionality, the Houdini remote access trojan (RAT) possesses the ability to move laterally, leveraging removable drives. This malware does not possess a native ransomware component. However, [...]

[Scam Of The Week] New Sextortion Attacks Take A Dark Turn

By |2018-12-12T09:55:56-06:00December 15th, 2018|Categories: Security, Cyber Security|Tags: , , , , , , , , , , , , , , , , , , |

New Sextortion Attacks Take A Dark Turn And Infect People With GandCrab Ransomware A recent report shows that last week, employees in the U.S have been bombarded by a spam attack! This attack pushes a double-whammy of a sextortion attempts combined with ransomware! Starting around May 2018, there have been a number of attack waves [...]

Marriott reveals data breach of 500 million Starwood guests!

By |2018-11-30T11:51:00-06:00November 30th, 2018|Categories: Security|Tags: , , , , , , , , , , , , , , , |

Please read if you have ever stayed at a Marriott! For about 327 million of the 500, the breached data includes names, mailing addresses, phone numbers, email addresses, passport numbers (!), Starwood Preferred Guest ("SPG") account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. The company said in a [...]

Password Sharing is not Caring

By |2018-10-09T12:00:22-05:00October 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , |

Cybercriminals thrive on misuse of credentials, and users sharing them only makes the criminal’s job easier.  According to a recent report, password sharing is running rampant. The password has been the long-standing guardian keeping unauthorized users from accessing data, applications, and systems they shouldn’t. But, the password is only powerful when the assigned user keeps it private. [...]

Phishing Attack Uses Decoy PDF with Microsoft-issued SSL Cert

By |2018-10-08T16:34:13-05:00September 15th, 2018|Categories: phishing, Cyber Security|Tags: , , , , , , , , , , , , , |

A recent phishing attack posing as a PDF decoy from a Denver law firm was stealing clients' Office 365 credentials. The phishing bait was hosted in Azure blob storage and contained a Microsoft-issued domain and SSL certificate, making it particularly believable. Since the phishing bait was hosted in Azure blob storage, it had a Microsoft-issued [...]

One in Five Employees Share Their Email Password!

By |2018-09-04T08:57:18-05:00September 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , |

Negligent employees remain the number one cause of data breaches at small businesses across America. So why do small businesses continue to struggle with good cyber security practices and what can they do to correct those habits? Small to medium-sized businesses are hit with nearly 4,000 cyber attacks per day -- and that number is [...]

Second Quarter 2018 Top-Clicked Phishing Email Subjects

By |2018-07-25T11:23:13-05:00August 1st, 2018|Categories: Cyber Security|Tags: , , , , , , , , , , , , , , , , , |

We've been reporting on the top-clicked phishing email subjects every quarter for a while now across three different categories: general emails, those related to social media, and 'in the wild' attacks that are a result of millions of users clicking on the Phish Alert Button on real phishing emails and allowing our team to analyze the results. [...]