Tag Archives: phishing

Aviation and Petrochemical Industries Subject to Hacking by Iran

Hackers working on behalf of the Iranian government have been targeting the aviation and petrochemical industries in the United States, Saudi Arabia, and South Korea since 2013, according to a report released by FireEye last week. According to the report, APT33, a hacking group working for the Iranian government, have sent phishing emails to aviation … Continue Reading

Vevo Hacked through LinkedIn Message

Vevo announced this week that it experienced an intrusion into its servers by the hacking collective OurMine, self-described as a white hat organization that informs individuals and organizations of potential security vulnerabilities. When OurMine reached out to Vevo to inform it of a vulnerability, a Vevo employee dismissed the claim and told OurMine that they … Continue Reading

Southern Oregon University Victim of Phishing Scheme

Last month, Southern Oregon University (SOU) announced that it was the victim of a $1.9 million phishing scheme. SOU received an email purportedly from their contractor, Anderson Construction, requesting the April payment for construction on the McNeal Pavilion and Student Recreation Center. An employee then sent funds to a bank account that the contractor did … Continue Reading

Privacy Tip #91 – Teen App Wishbone Compromised—Female Teenagers at Risk

Social networking app Wishbone, which is used primarily by teenage girls to vote on various teenage type quizzes, like favorite entertainers or fashion, has been hacked. The intruders have reportedly gained access to users’ (again, primarily female minors) names, unique email addresses and mobile telephone numbers. Not just a few, either. The data compromised included … Continue Reading

OCR Levies Hefty Fine Against FQHC

Showing no signs of letting up on enforcement actions, the Office for Civil Rights (OCR) late last week settled an investigation against Metro Community Provider Network MCPN, a Colorado based federally qualified health center, for alleged HIPAA violations. The fine, a whopping $400,000 for the center, which provides health care services to low income patients, … Continue Reading

Washington University School of Medicine Victim of Phishing Attack

Another employee falls for a phishing attack. This time, it was an employee of the Washington University School of Medicine The employee received a phishing email on December 2, 2016, and fell for what looked like a real request, responded to it, which allowed access to employee email accounts, which included the health information of 80,000 … Continue Reading

Federal Agencies Hit with 30,899 Cyberincidents in 2016

The Office of Management and Budget (OMB) released a report this week indicating that federal agencies experience almost 31,000 cyberincidents in 2016. The Federal Deposit Insurance Corporation was responsible for 10 of 16 major incidents. These incidents resulted when personally identifiable information was able to be downloaded onto removable media. Despite the dismal number of … Continue Reading

Privacy Tip #77 – FTC Offers Tips to Businesses That Have Been Impersonated by Phishing Schemes

On March 6, 2017, the Federal Trade Commission (FTC) released tips and a video to businesses that have been impersonated by Phishing schemes. The guidance, entitled “Has a phishing scam hooked your company’s good name?” provides businesses with several tips to respond to being impersonated through a phishing scheme. The tips include: Notify and alert customers … Continue Reading

American Senior Communities Suffers W-2 Scam

W-2 phishing schemes continue to be a problem for companies in every industry. Last week, American Senior Communities based in Indiana announced that one of its employees was scammed through a phishing email and thereafter sent over 17,000 employees’ W-2 forms to the fraudulent emailer. Unfortunately, the scam was not discovered until a month after … Continue Reading

The State of Cybersecurity in 2016 and the (potential) Great Cyber Fire

Cybersecurity hit the news hard in 2016. The number of high profile, and troubling, cyber incidents increased significantly. The Democratic National Committee and one of Clinton’s top advisor’s being hacked, with leaked emails by Russia, according to intelligence reports, may have influenced the U.S. election. Theft of document from the Mossack Fonseca law firm in … Continue Reading

2016 Was the Year of the Data Breach

Although every year we lament about the significance of data breaches in the past year, 2016 was by far the worst. Data breaches were rampant, victimizing every industry and numbing consumers in the process. It was so bad that consumers began to throw up their hands and say “My personal information is out there anyway. … Continue Reading

OCR Alerts Listservs About Fake Phishing Email to Covered Entities and Business Associates

On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR”s Director, Jocelyn Samuels” to employees of HIPAA covered entities and business associates. The email looks official and tells the recipient that it … Continue Reading

Additional Olympians’ Medical Records Hacked by Fancy Bear

We previously reported that several U.S. Olympians’ medical records were posted online by the Russian hacking group Fancy Bear [view related post]. The World Anti-Doping Agency (WADA) has confirmed that the medical records of 25 more Olympic athletes have been accessed and released online. These athletes are from 8 countries, including 10 from the U.S., … Continue Reading

Locky Ransomware Continues to Hit Health Care Entities

FireEye Labs has reported that the Locky ransomware continues to hit the health care industry hard and has increased in the month of August. Although the telecommunications, manufacturing, and aerospace/defense industries are also being targeted with Locky ransomware, the health care industry is being attacked with greater frequency and intensity. The health care industry should … Continue Reading

Privacy Tip #48 – Watch Your Amazon Prime Now Account for Hacked Purchases

Those of you with Amazon Prime Now accounts love the convenience of getting goods delivered to your home RIGHT NOW, well at least within hours until Amazon drones become common place. But beware of recent reports that fraudsters are hacking into customers’ Prime Now account, buying expensive items, then waiting outside your home while you … Continue Reading

FBI reports $3.1 billion lost by businesses through “business email compromise”

This article co-authored with guest blogger David Wang, a R+C summer associate and student at Boston College Law School Wire fraud crime has long been a problem for financial institutions and banks. However, wire fraud through email is a completely different beast. Originally characterized by law enforcement as an extension of traditional wire fraud, wire fraud by … Continue Reading
LexBlog