BazarCaller – Vishing Gang
BazarCaller is a new cybercrime gang that uses Vishing to trick its victims into handing over information or access to a device. Vishing is the malicious practice of making phone …
Stalkerware
Stalkerware refers to tools, apps, software programs, and devices that let another person (a stalker) secretly watch and record information on another person’s device. Parents use this type of tool …
FBI Recovers Colonial Bitcoin Payment
In May of 2021, the United States’ largest pipeline, Colonial Pipeline, halted operations due to a ransomware attack. At the time, Colonial Pipeline carried 45% of the fuel used on the …
Quick Response (QR) Code
A Quick Response (QR) Code is a type of barcode that contains a pattern of dots and lines. It can be scanned using a QR scanner or on a smartphone camera. …
Clickjacking
Clickjacking, also known as a “UI Redress Attack”, is when an attacker uses multiple transparent or vague layers to trick a user into clicking on a button or link on …
Instagram Scams: How To Avoid Them
Since Instagram’s official launch in 2010, it’s seen more than 1 billion accounts opened with users sharing close to 100 million photos every day. Instagram’s popularity skyrocketed since its launch …
Domain Name System (DNS)
A Domain Name System (DNS) is essentially the ‘phonebook’ of the Internet. DNS is an elaborate, fault-tolerant way of connecting people to resources online. While it is quite complex, this …
PayPal Smishing Attack
A PayPal text message phishing campaign was discovered that attempts to steal your account credentials and other sensitive information. This form of phishing attack, through text messages, is called Smishing. Hackers …
Sender Policy Framework (SPF)
Sender Policy Framework (SPF) is an anti-spam tool where email domains of the senders can be authenticated. SPF works hand-in-hand with DKIM and DMARC to help authenticate email messages to …
DKIM
DKIM (DomainKeys Identified Mail) is an email authentication tool that verifies messages are sent from a legitimate user’s email address. It’s designed to prevent email forgery and spoofing; essentially phishing. …
DMARC
DMARC which stands for Domain-based Message Authentication, Reporting, and Conformance is an email security protocol. When enabled, your email domain is protected from spoofing by hackers. DMARC sets up an …
Shark Tank Host Phished For Nearly $400K
Barbara Corcoran, a world famous Shark Tank host, was scammed out of nearly $400,000 in late February. Barbara Corcoran, a renowned real-estate broker and business expert, admitted last month that …
Melissa Virus
The Melissa Virus is malware that was was deployed in late March of 1999. A programmer by the name of David Lee Smith took over an America Online (AOL) account …
Vishing
Vishing is the fraudulent practice of making phone calls or leaving voice messages pretending to be from reputable companies in order to have individuals give out personal information, up to …
Smishing
Smishing is another form of phishing, where a hacker sends a malicious text or SMS message trying to trick someone into giving them sensitive information. Smishing can be more dangerous …
Spear-Phishing
Spear-Phishing is a form of phishing attack that targets a specific person or organization, seeking access to sensitive information. Similar to phishing, this is done through spoofing emails that appear …
Whaling
Whaling refers to malicious hacking that targets high-ranking executives. Similar to phishing, whaling is where the hacker hunts for data that they can use, but they focus on high-ranking bankers, …
Cybersquatting
Cybersquatting, also known as “Typosquatting“, is the act of registering, trafficking, or using a domain name in bad faith. For example, phishing attacks are used against users to gain their …
Social Engineering
Social Engineering in the context of cyber security, is when one uses psychological manipulation to have people perform specific actions or to give out confidential information. This differs from the …
Spoofing
Related Terms: Social Engineering, Phishing Source: CNSSI 4009 If you would like more information on spoofing, watch this short video: Watch this video on YouTube
CyberHoot: Phishing Attacks
Spotting and Avoiding Phishing Attacks This CyberHoot core curriculum and BootCamp video outlines the common attack patterns found in phishing attacks and provides the viewer with a clear set of …
How to Protect Yourself from Phishing Attacks
You’re either here because you’re interested in training, or you failed your Phishing Test. This video will help you understand what phishing emails look like and some skills you can …
Phishing Training
This 3 minute video by the Government of Canada outlines how phishing occurs online. Problems online occur when you are phished and turn over account numbers, passwords, or other critical …
New Orleans State of Emergency Following Cyber Attack
It was only about a week ago that the government facility in Pensacola, Florida was shut down due to a cyber attack. Now the city of New Orleans is shut …
Ransomware
Ransomware is a type of malicious software designed to block access to a computer system, and more importantly the critical data it contains, until a sum of money or ransom …
Phishing
Phishing is a digital form of social engineering to deceive individuals into providing sensitive information. This is typically done via email, having people click on links that allow hackers to …
RYUK Ransomware infects 110 Healthcare Facilities
This past Thanksgiving weekend, 110 healthcare facilities were infected by a ransomware attack on their IT provider. Virtual Care Provider Inc. (VCPI), provides security, data hosting and access management services …
Watch out for Cyber Monday Phishing Scams
Who is most likely to fall victim to Cyber Monday phishing scams? People who don’t know about phishing scams, typosquatting, and fake look-alike websites. Did you know there are 4 …
BlueKeep is MS Blaster
Good backups will let you go back in time to recover compromised systems. Don’t let this happen by not patching for BlueKeep now.
