Scam Of The Week: Spoofed CEO Money Transfer Request
Heads-up, there is a real wave of this scam going on at the moment. I would copy and paste this section plus link to the story on our blog and send it to your CEO, CFO/Controller and/or Compliance officer right this minute.
The scam goes like this. The criminals monitor emails between the CEO and CFO for months and wait until the CEO is on a business trip. How do they monitor email? They have either obtained credentials somehow, hacked the email server, or planted a keylogger on the machine(s) of the CEO/CFO. Remember, per the FBI there are two kinds of people: the ones that know their network has been penetrated, and the ones that don't.
Cybercrime has gone pro, and this scam comes well prepared. The bad guys have registered a domain name that looks very much like your existing one, they spoof the CEO's "from" address, and they give the CFO or someone in Accounting specific instructions to transfer a large amount of money to a foreign bank for some very believable reason, like an acquisition or a large equipment purchase. The request looks very, very real and asks for urgency and confidentiality.
Here is a real story of a publisher that recently lost $1.5m in a phishing scam like this, and what happened with their CEO: http://blog.knowbe4.com/magazine-publisher-loses-1.5m-in-phishing-scam
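The traits described above (a lookalike sender domain, the CEO's name in the "from" line, and a request for an urgent, confidential transfer) can be checked on inbound mail. The following is an added example, not part of the original newsletter; the domain, the executive name, the keyword list and the sample messages are all constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

OUR_DOMAIN = "example-corp.com"   # assumption: your real mail domain
EXECUTIVES = {"jane doe"}         # assumption: display names to protect
PRESSURE = re.compile(r"\b(urgent|confidential|wire|transfer)\b", re.I)

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def ceo_fraud_flags(raw_message):
    """Return the reasons a message resembles the spoofed-CEO scam."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    flags = []
    # Sender domain is not ours but is within two edits of it.
    if domain != OUR_DOMAIN and edit_distance(domain, OUR_DOMAIN) <= 2:
        flags.append("lookalike-domain")
    # An executive's display name arriving from an outside domain.
    if name.strip().lower() in EXECUTIVES and domain != OUR_DOMAIN:
        flags.append("executive-name-external-sender")
    # At least two distinct payment/urgency/secrecy words in subject or body.
    body = msg.get_payload()
    text = msg.get("Subject", "") + " " + (body if isinstance(body, str) else "")
    if len({m.lower() for m in PRESSURE.findall(text)}) >= 2:
        flags.append("payment-pressure-language")
    return flags

# Constructed sample messages (note the digit "1" in the first sender domain).
SPOOFED = """From: Jane Doe <jane.doe@examp1e-corp.com>
To: cfo@example-corp.com
Subject: Urgent wire for acquisition

Please transfer the funds today and keep this confidential.
"""
LEGIT = """From: Jane Doe <jane.doe@example-corp.com>
To: cfo@example-corp.com
Subject: Board deck

Draft attached for Thursday.
"""

if __name__ == "__main__":
    print(ceo_fraud_flags(SPOOFED))
    print(ceo_fraud_flags(LEGIT))
```

A message that raises any of these flags is a candidate for out-of-band confirmation with the CEO before any money moves.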
The 5 Security Awareness Training Generations [CARTOON]
Participate In Scientific Awareness Training Research
We are looking for a few organizations of 100+ employees that are willing to participate in a scientific study regarding security awareness training. You cannot be an existing KnowBe4 customer, and we would like you to be in finance, manufacturing and/or healthcare. The study requires employees to fill out a short 6-question survey before the 4-month study starts.
It will start with a baseline phishing test, followed by 1 simulated phishing email every month after, for a total of 4 emails to your employees. In exchange for participating, you will get a 1-year subscription. If you are interested, please send an email to stus@knowbe4.com with a short description of your organization. First come, first served.
Warm Regards, Stu Sjouwerman
"Appreciation is a wonderful thing: It makes what is excellent in others belong to us as well." - Voltaire - Philosopher (1694 - 1778)
"There is no cloud. Only other people's servers." - Found recently on Twitter
Thanks for reading CyberheistNews!
Use Gmail As Your Corporate Email? Watch This.
There is an insanely simple way to social engineer an employee into giving away access to their Gmail account. It's a variation on a password reset scam. All that is needed is the email address that the hacker wants to own, and the employee's cell phone number.
Here’s how it works: An attacker can try to log in to a victim’s email address. The attacker can then say he or she forgot the password and, if two-step authentication is in place, ask the email provider to text a code to the cell phone to reset the password.
Once this is done, the attacker can then send the victim another text asking for the code. The attacker's text would look something like this: "This is Google. There has been unauthorized activity on your account. Please reply with the verification code we just sent you."
If the victim unknowingly replies to the attacker's text with the code, the email account is pwned. Symantec made an excellent, very instructive little video about this, which I would send to all employees using Gmail, either at the office or at the house: https://youtu.be/_dj_90TnVbo
Win a $150 Amazon Gift Card - Take The 'Internet of Things' Survey
The Internet of Things (IoT) is all over the news. Strategy Analytics has teamed with KnowBe4 on the 2015 IoT Deployment and Usage Trends Survey.
This survey examines the business and technology drivers and challenges associated with IoT. The survey should take about 10 minutes to complete. Leave a comment with your email address for a chance to win a $150 Amazon gift card.
In the Digital Age of BYOD, the Cloud and the Internet, there is no hotter topic for corporations and consumers than the Internet of Things (IoT). IoT environments advance pure Machine-to-Machine (M2M) device connectivity and use Big Data and predictive analytics to drive real-time analysis, enabling corporations and consumers to make more informed and intelligent decisions to drive top line revenue and business decisions.
When properly deployed and managed, IoT platforms and services can also improve reliability, minimize risk and help companies to cut costs and accelerate ROI. Take the survey here: https://www.surveymonkey.com/r/DGXQ6PB
All responses are confidential. No salesperson will call you and we never share your information with anyone. Once the survey is complete, we will publish an Executive Summary on the CyberheistNews and Strategy Analytics websites. Additionally, anyone who has completed the survey is eligible for a complimentary copy of the full Report and PowerPoint slide deck by emailing ldidio@strateganalytics.com.
In Search of The Most Dangerous Town On the Internet
It is a well-known fact that after communism in a country collapses, the first thing that happens is a crime wave. Romania is a good example: last year a billion dollars was stolen by Romanian hackers. Watch the cybercrime documentary profiling the Romanian town nicknamed "Hackerville" or "Most Dangerous Town on the Internet."
Convicted blackhat hackers, like Guccifer (real name), talk worms, viruses, social engineering, identity theft, and even hacking Hillary Clinton's email: https://www.youtube.com/watch?t=23&v=un_XI4MM6QI
Cardinals-Astros Hack: Don’t Use Old Passwords At Your New Company
Bob Sullivan wrote: "First of all, if you haven’t read it, you must: The FBI is investigating baseball’s St. Louis Cardinals for hacking the Houston Astros, according to the New York Times. Someone from the Cardinals allegedly stole data offering insight into the Astros player evaluation files, details on possible trades, and so on.
This kind of corporate espionage goes on all the time, and if you didn’t believe that, well, there you are." This is an interesting story: https://bobsullivan.net/cybercrime/privacy/onnightlylessonfromcardinalsstory/
This Week's Links We Like. Tips, Hints And Fun Stuff.