Leveraging Knowledge to Manage Your Data Risks
If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer names, email addresses, telephone numbers, and partial payment information for a subset of campus diners.
GrubHub’s response states, “The unauthorized party also…
We have repeatedly warned our readers about malicious QR codes and their use by threat actors.
Threat actors are now using these codes to disguise packages as gifts. Upon opening the package, recipients find a note with instructions to scan a QR code to identify the sender. The code launches a website that asks for…
This week, I received a fake text message (a smish) saying my E-ZPass account was overdue and that I urgently needed to pay it. That’s a new one and, apparently, quite effective. Luckily, I knew it was a scam, but others were victimized.
According to the website Krebs on Security, security researchers “say the…
TikTok users are seeking alternate platforms to share and view content as the U.S. is set to ban the popular social media app on January 19, 2025. Instead of turning to U.S.-based companies like Facebook or Instagram, users are flocking to another Chinese app called Xiaohongshu, also known as RedNote. The app, which previously…
CyberArk, an identity security provider, has issued a new report on employee risk that is a must-read for IT Professionals and executives. The report highlights several findings that are directly related to the risks employees pose to an organization. These risks include:
Scammers prey on us at our most vulnerable. Although some of us are early holiday shoppers, others wait until the last minute. Scammers know this and are lurking to find late shoppers scrambling for gifts. Many late shoppers feel a bit desperate, so they are at risk of falling for scams that divert them to…
I often get asked whether law enforcement is making any headway in catching cybercriminals. Although it is a challenging task, a recent example of a big win for law enforcement deserves celebration.
Authorities from 40 countries, territories, and regions came together to assist INTERPOL with a recent global cybercrime initiative known as Operation HAECHI-V. The…
Many people do not understand how their geolocation data can be collected and used about them, or how massive the amount of precise location data collected from our devices.
The Federal Trade Commission (FTC) recently filed a complaint against Mobilewalla, Inc., alleging that it violated Section 5 of the FTC Act by selling consumers’…
The Federal Trade Commission provides consumers with tips and advice, including online privacy. Its Scam Alerts are helpful and timely.
Continuing its mission, the FTC has launched Youville, an online learning platform targeted to kids aged 8-12. According to the FTC, Youville contains educational materials and tools to use at home and in the…
DocuSign is a great and efficient way to obtain authentic signatures for contracts and invoices. As with other efficient tools, threat actors will and have found a way to use the DocuSign API to send fake invoices to divert funds.
According to security researchers at Wallarm, “Unlike traditional phishing scams that rely on deceptively…
