An expert security company has issued a warning to users of Microsoft Outlook, hotmail and Google Gmail after reporting a massive 240% rise in email phishing scams. Cyber defence firm BlueVoyant has spoken about "dynamic phishing" and "smishing" scams due to their reputation for being difficult to identify. BlueVoyant has listed typical warning signs in order to help people spot dodgy emails. One technique that scammers often use is multiple redirect paths after a user has clicked on an email...
Security
LastPass Hacked – How serious is it & Things You May Not Know
If you use LastPass as your password manager, I recommend reading this post in full.If you know anyone who uses LastPass, forward this to them.Even if you do know about the LastPass hack, I still recommend you read this, as there will be information here that you may not know about and risks you have not thought of In case you are not aware LastPass got hacked Back In August 2022 and then AGAIN in November and all customer password vaults have been stolen. This is also not the first time they...
Beware: Paypal Money Request Scam is back
If you have a paypal account, then literally anyone with an email address can request money from you. That's the double-edged sword with PayPal - it's simple to set up and use for legitimate purposes, but fraudsters can take advantage of that ease of use to perpetrate scams on the unsuspecting public. The PayPal Money Request scam has been around for a long time, but occasionally the scammers will often revert to using old tricks, so consider this a friendly reminder, this one has made a...
Hackers using “push bombing” to bypass your MFA/2FA
Multifactor authentication (MFA) is the gold standard in offices around the world and 2FA is the standard for end users. We all know the drill: you use your username (often your email address) and, perhaps, as the password, the name of your first dog and your kids DOB. Not very foolproof, and not recommended, but often the end user isn’t too worried. In their mind, they know that if the hacker does figure out their crappy password using various tools or techniques, they still must find their...
What is the difference between 2FA and MFA ?
Cybersecurity is a complex topic and if you are the average layperson, you likely have found yourself asking "What is the difference between 2FA and MFA ". In simple terms, Two-Factor Authentication (2FA) requires users to demonstrate exactly two distinct methods of authentication, whereas Multi-Factor Authentication (MFA) requires users to demonstrate a MINIMUM of two distinct methods of authentication but can be more. So, all 2FA is MFA, but not all MFA is 2FA. If you are new to the world of...
New Android malware bypasses multi-factor authentication to steal your passwords
Cybersecurity researchers uncover MaliBot, a powerful new Android malware that steals passwords, bank details and cryptocurrency wallets from users. Besides being able to siphon passwords and cookies of the victim's Google account, the malware is designed to swipe your 2-factor authentication codes from the Google Authenticator app as well as exfiltrate sensitive information such as total balances and seed phrases from Binance and Trust Wallet apps. The malware has been detailed...
Your browser stores passwords and sensitive data in plain text
Lots of people use their browser to save their passwords, but most browsers store your sensitive data, including usernames, passwords and session cookies in plain text (not encrypted). Most Chromium-based web browsers are affected, including Google Chrome and Microsoft Edge. A quick test on other browsers such as Brave and Mozilla's Firefox conforms that these browsers also storing this data insecurely in plain text as well. Physical access to your machine is not required, as remote access or...
Cryptocurrency Investment Fraud Advice
I have always taught my kids about scams, online safety and security since an early age, yet despite my efforts, one of my sons still managed to get scammed by one of these scumbag fraudsters recently, emptying his bank account. As any parent will know, kids generally refuse to listen to any advise their parents give them, so I am hoping this is a painful lesson learnt and he will heed my advice in the future. In the meantime I thought I would share some advice with the rest of my readers,...
Are you aware of company fraud? As a business owner, you really should be
Did you know that company directors are twice as likely to be victims of ID fraud than anyone else. It’s easy to see why when you consider just how easy it is for someone to commit fraud against your company. Companies House, the UK’s registrar of companies, will happily accept documents submitted via post ‘on good faith’. This means any person can simply complete a form with a fake signature and make changes to your business without your consent or knowledge. This includes:- Change your...
10 Best Practices for Business Email Security for 2022
Email is a leading communication tool for businesses around the world. It’s widely used for both internal and external collaboration. Nevertheless, it’s not innately secure, and is email spoofing is commonly used by cybercriminals. Email spoofing is the creation of email messages with a forged sender address. Criminals will use this technique to send emails purporting to be from YOUR domain. Cybercriminals actively use email channels to distribute malware, spread...
Recent Comments