Each week we scour the web to discover the latest developments, news and tips that will help you keep your technology (and your business) safe and secure.
Here are the most interesting articles we’ve found this week that could be helpful to you:
Too many people still use terrible passwords
When you make your password easy to guess, attackers can easily break into your systems and access your sensitive data. So – please don’t use one of these passwords!
The fifth annual SplashData chart of the internet’s worst passwords is out, and it looks like people just can’t learn the lesson. The firm has aggregated the passwords from around two million that were leaked in 2015, finding that basic, easy-to-guess terms are still in abundance. The most popular code behind which people store their valuables is “123456,” with “password” sitting comfortably in second place. Places three and four are similarly guessable, with “12345678” and “qwerty” being the… look, guys, just no, please stop doing this.
Fake Facebook emails deliver malware masquerading as audio message
Phishing attacks are one of the most common scams on the web. Now they even arrive disguised as Facebook audio messages. Moral of the story: always be careful with attachments.
A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both campaigns are likely the same.
The fake emails are made to look like an official communication from the popular social network, and their goal is to make the victims believe they have received a voice message.
Symantec Disavows Business Partner Caught Running a Tech Support Scam
Don’t think you can trust someone just because they seem trustworthy. One of Symantec’s partners recently got caught running the “Tech Support Scam”. To make things worse, one of their competitors (Malwarebytes) caught them.
This type of online fraud is known in the industry as “tech support scam,” and most of the time, scammers pose as official support staff for companies such as Microsoft, Google, or Apple.
In this particular case, Malwarebytes was investigating a tech support scam reported by one of its users.
The anatomy and physiology of APT attacks
Curious what a real cyberattack looks like? Here’s a great overview of APTs (Advanced Persistent Threats) and how the techniques used by early cyber criminals have been built upon and are in use by governments around the world today.
Building on what cybercriminals began, security services from many countries have the capability to attack and steal for their national interests.
Firm Sues Cyber Insurer Over $480K Loss
Business email compromise (BEC) scams are a common type of attack business owners face. Here’s a detailed case study of one BEC scam where the resulting claim is being fought by cyber insurance provider Chubb.
In a letter sent by Chubb to the plaintiff, the insurance firm said it was denying the claim because the scam, known alternatively as “business email compromise” (BEC) and CEO fraud, did not involve the forgery of a financial instrument as required by the policy.
Plus – even the FBI recommends adopting two-step or two-factor authentication. Please take their advice.
The FBI urges businesses to adopt two-step or two-factor authentication for email, where available, and/or to establish other communication channels — such as telephone calls — to verify significant transactions. Businesses are also advised to exercise restraint when publishing information about employee activities on their Web sites or through social media.