Tag Archives: phishing

Business Email Compromises Bilking U.S. Companies Out of $301M Per Month

The United States Treasury Department came out with a report last week that concludes that business email compromises (BEC) are costing U.S. companies more than $301 million per month. The report confirms that the two industries hit the hardest by these scams are manufacturing and construction. The report, issued by the Treasury Department’s Financial Crimes … Continue Reading

DHS Warns Businesses of Risk of Iranian-Backed Wiper Malware Attacks

The tension with Iran has generally increased, and it has been reported that the U.S. has launched a cyber-attack against Iran. In retaliation, the risk of Iranian-backed wiper malware attacks against U.S. businesses and government agencies has increased, according to the Department of Homeland Security (DHS). DHS recently issued a warning to U.S. businesses to … Continue Reading

Phishing Continues to Be Seen as Biggest Cybersecurity Threat to Companies

According to a recent survey of cybersecurity professionals by AT&T Cybersecurity entitled “Confidence: the perception and reality of cybersecurity threats,” phishing and cloud security threats are keeping them up at night. The survey polled 733 cybersecurity professionals attending the RSA conference and asked the respondents about what they perceive to be the biggest internal and … Continue Reading

WIPRO Hacked

I have been alerting clients that I know use Wipro, but may have missed some of you. It is being reported that IT outsourcing company Wipro Ltd. has been hacked through several phishing campaigns from what is believed to be a state-sponsored attacker. According to recent reports, including KrebsonSecurity, sources have stated that “Wipro’s systems … Continue Reading

Spear Phishing Scheme Dupes Nine Staff Members at Oregon DHS Compromising PHI of 350,000 in Over 2M Emails

The Oregon Department of Human Services (DHS) announced late last week that nine of its staff members had fallen victim to a phishing campaign and that their email boxes were compromised on January 8, 2019. The intrusion was discovered on January 28, 2019. When the intrusion was discovered, the staff members’ changed their passwords to … Continue Reading

Privacy Tip #181- IRS Warns Consumers and Employers About Tax-Related Phishing Schemes

In another round of warnings from the federal government on protecting yourself from tax return fraud and identity theft, the Internal Revenue Service (IRS) has issued its 2019 “Dirty Dozen” Campaign, designed to warn individuals about the most common tax-related phishing schemes that are focused on tax fraud and identity theft. During tax season, cyber … Continue Reading

Anti-Money Laundering Contacts at Financial Institutions Hit with Targeted Phishing Attack

To illustrate just how creative phishing campaigns have become, on January 30, 2019, it was reported by multiple credit unions that Bank Secrecy Act officers at credit unions around the country received emails that appeared to be from Bank Secrecy Officers at other credit unions. The emails were addressed to the actual Bank Secrecy officers … Continue Reading

Recruiting Scams on the Rise

With more companies hiring, online recruiting scams have re-emerged to prey on job seekers and employers. The Better Business Bureau tracked more than 3,000 recruiting scams in the first 10 months of 2018 with losses in the million dollars. The online recruiting scam works this way: the scammer fraudulently uses a company’s name and logo, … Continue Reading

Ransomware Continues to Be Top Threat to Small Companies

According to a new report by Datto, Inc. (its third annual Global State of the Channel Ransomware Report), ransomware continues to be the top cyber-attack experienced by small- and medium-sized companies. Some managed service providers were surveyed in Singapore, the Asia-Pacific region and across the globe. Fifty-five percent of them said their clients had experienced … Continue Reading

Phishing Attack Causes Breach at Southwest Washington Regional Surgery Center

Phishing attacks continue to hit health care providers and experts say the attacks will become even more frequent in 2019. As previously reported, the largest breach of health care information was recently settled by Anthem, which involved almost 80 million individuals’ information, all caused by a phishing email sent to one individual at Anthem [view … Continue Reading

Test Your Employees with Internal Phishing Campaigns

Phishing campaigns continue to be one of the most successful ways for malicious intruders to access company information, including personal information of employees and customers. Phishing emails continue to get more and more sophisticated and employees continue to fall victim to them, often putting the entire company at risk. Typical successful phishing campaigns end with … Continue Reading

Privacy Tip #162 – Cybersecurity Help for Small Businesses

Small businesses are targeted by hackers because they often do not have the resources to stay abreast of new schemes, or to protect against them with the latest technology or security solutions. Small businesses have historically struggled with data security, so any help is always welcome. Recognizing that small businesses struggle with data security, the … Continue Reading

Two Federal Criminal Convictions for Cyberattacks

The month of August saw two federal criminal convictions of individuals involved in significant cyberattacks. In Boston, a federal jury convicted Martin Gottesfeld of one count of conspiracy to intentionally damage a protected computer and one count of intentional damage to protected computers. The charges resulted from 2014 Distributed Denial of Service (DDOS) attacks on … Continue Reading

Virginia Bank, Hacked Twice with Phishing Schemes, Losing $2.4 Million

In a lawsuit against its insurance company requesting reimbursement for close to $2.4 million from two different hacking incidents, National Bank of Blacksburg detailed the intrusions, which are instructive of a sophisticated scheme against the financial services industry. According to the lawsuit, the first theft took place on Memorial Day weekend of 2016. In that … Continue Reading

Manufacturing Sector Getting Hit with Cyber-Attacks: Portable Oxygen Device Manufacturer Notifies 30,000 Patients of Breach

Inogen, which manufactures portable oxygen devices, has alerted the Securities and Exchange Commission in a recent filing that it is notifying 30,000 individuals that their personal information was compromised when a hacker gained access to one of its employees’ email accounts through a phishing scheme. The incident illustrates how the manufacturing sector is continuing to … Continue Reading

FBI Issues New Warning to Businesses About Phishing Campaigns

In a recent Public Service Announcement dated February 21, 2018 entitled “Increase in W-2 Phishing Campaigns,” the Federal Bureau of Investigations (FBI) issued another alert about an increase in phishing campaigns since the beginning of 2018. According to the FBI, “IRS’s Online Fraud Detection & Prevention (OFDP), which monitors for suspected IRS-related phishing emails, observed … Continue Reading

EDUCAUSE Challenges the US DOE’s Guidance on Data Breach Reporting

On January 30, 2018, EDUCAUSE, a higher education technology association, submitted a letter to the U.S. Department of Education describing concerns that it had with the Federal Student Aid (“FSA”) ability to protect federal student financial aid data. EDUCAUSE’s members include IT professionals from over 1,800 colleges and universities as well as other organizations. First, … Continue Reading
LexBlog