FBI shares security advice for online shopping
FBI: Use credit cards rather than debit cards, don't use public WiFi, keep your devices updated, and more.
The FBI has issued a list of 12 things you should do during the holiday shopping season. If you do fall victim to a holiday scam the FBI wants you to report the crime to it's Internet Crime page
By reporting the crime you help the FBI to understand trends and help it in fighting these activities.
Read all the tips at the following link;
https://www.zdnet.com/article/fbi-shares-security-advice-for-online-shopping/?ftag=TRE-03-10aaa6b&bhid=2219791
Microsoft details the most clever phishing techniques it saw in 2019
This year's most clever phishing tricks include hijacking Google search results and abusing 404 error pages.
In the year 2019, Microsoft said that out of the total volume of emails analyzed by the company, phishing emails grew as a percentage from .2% in January of 2018 to .6% by October of 2019.
There were 3 attacks identified by Microsoft as being most clever;
1. Hijacking search results
The first is a multi-layered malware operation through which a criminal gang poisoned Google search results.
2. Abusing 404 error pagesWhen a 404 page is displayed it indicates that the link is broke or non-existent. Hackers are using links that takes one to a supposedly non-existent page but is hosted on phishing website. If a security system scans the link and receive a 404 error it will ignore the site, however, if a real user clicks on the link the phishing site could detect the user and redirect to a phishing page.
3. MitM-based phishing (Man in the Middle)
I've written about this attack in previous blogs. It is one that my Office 365 online users will be familiar with.
An attacker will send a phishing email, usually saying that something is wrong with your Office 365/Exchange account or that you have received an attachment, a PDF or Voicemail. Upon clicking on the link you will be presented with a familiar login screen. Web pages are easy to duplicate by capturing the underlying source code. The key to being safe from these phishing attempts is looking at the URL displayed in the address space.
To read more about these phishing attacks click on the following link;
https://www.zdnet.com/article/microsoft-details-the-most-clever-phishing-techniques-it-saw-in-2019/?ftag=TRE-03-10aaa6b&bhid=2219791
No comments:
Post a Comment