Phishing

bitdefender.com

Don’t have your account hijacked. Secure your online accounts with more than a password, says Google

Research published at the end of last week argues that the typical user can significantly harden the security of their online accounts by linking a recovery phone number that can send an alert if there is suspicious activity on the account.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

$40 million worth of Bitcoin stolen from Binance cryptocurrency exchange

Binance, one of the world’s biggest cryptocurrency exchanges by trading volume, says that it has suffered a security breach that saw hackers steal more than $40 million worth of Bitcoin.

Read more in my article on the Hot for Security blog.


0 sec read

An attempt to phish my Amazon Web Services account

An email arrived purporting to be from Amazon Web Services (AWS). It claimed that unless I confirmed I had given my correct contact information for a domain’s WHOIS record, a website I administer could be suspended.


42 sec read

bitdefender.com

Bodybuilders beware! One of the world’s largest online fitness stores hit by security breach

Fitness fanatics are being advised to change their passwords after one of the world’s largest and most popular online fitness stores admitted that it had suffered a security breach that might have exposed customer data.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Unpatched D-Link routers targeted in malicious DNS hijacking campaign

Cybercriminals have been hacking into home routers for the last three months, meddling with DNS settings to redirect users surfing the web towards malicious websites.

Read more in my article on the Bitdefender BOX blog.


0 sec read

Smashing Security #119: Hijacked homes, porn passports, and ransomware regret

A $150 million mansion is hijacked online, Brits will soon have to scan their passport to watch internet porn, and are organisations right to pay up when hit by ransomware?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology broadcaster David McClelland.


1 min read

Smashing Security #116: Stalking debtors, Facebook farce, and a cyber insurance snag

How would *you* track someone who owed you money? What was the colossal flaw Facebook left on its website for anyone to exploit and hijack accounts? And what excuse are insurance companies giving for not paying victims of the NotPetya malware millions of dollars?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Joe Carrigan of the Information Security Institute at Johns Hopkins University.


1 min read

bitdefender.com

Business payroll compromise – a new way for criminals to steal from your company

Firms are being warned about a threat which evolves traditional business email compromise scams into a whole new way of extracting money from unwary companies.

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

tripwire.com

Passwords at risk for users who fall for Eileen’s cousin’s voicemail

Security researchers are warning of a new wave of phishing emails which are using an unusual disguise in their attempt to both bypass scanners at email gateways and dupe unsuspecting users.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Smashing Security #112: Payroll scams, gold coin heists, web giants spanked

Business email compromise evolves to target your company’s payroll, how the world’s largest gold coin was stolen from a Berlin museum, and are internet giants feeling the heat yet over data security?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by people hacker Jenny Radcliffe.


1 min read

British TV viewers targeted by email fraudsters

TV fraudsters are using the disguise of emails from the TV Licensing authority to steal large sums of money from the bank accounts of unwary Brits.


2 min read

Automated phishing attack tool bypasses 2FA protection

Modlishka may help raise awareness of the danger of reverse proxy phishing attacks, but it’s easy to imagine that many criminals will be tempted to put it to malicious use.


1 min read

German politicians suffer massive hack of personal details and private communications

The private communications, emails, contact details, mobile phone numbers, memos, and financial information of hundreds of politicians have been published online.


1 min read

It looked like a Citrix ShareFile phishing attack, but wasn’t

Guest contributor Bob Covello isn’t happy about a password reset email that Citrix has been sending its customers.

If you’re a company contacting your customers via email, please make sure it doesn’t look phishy.


1 min read

Smashing Security #106: Google Maps, Fed phishing, and Grinch bots

How are scammers stealing your money through Google Maps? Why did the FBI create a fake FedEx website? And how are US senators hoping to stop Grinch bots ruining Christmas?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

And don’t miss our special bonus interview about passwords with Rachael Stockton of LastPass.


1 min read

bitdefender.com

School district fails to reclaim $120,000 wired by bank to scammer

A school district in Indiana which had $120,000 transferred from its bank account after its email account was hacked, has failed in an attempt to reclaim the cash.

Read more in my article on the Hot for Security blog.


0 sec read