Buzzfeed is reporting that U.S. Senate staffers recently received cybersecurity training. What was the substance of the training these key government employees received? What can you learn from this? The answer: “Don’t click on spear phishing emails” All that is left to do is determine which ones are the spearphishing emails so that you don't click on them. That's not so easy to do because the bad guys write emails that look real! Help unmask fake emails so that you don't click on phishing emails. Use SP Guard.
Look familiar? This is the familiar Google login page. The main display is correct. The google favicon is in the tab. The URL has gmail in it. Oh, but it isn't Gmail! In a recent blog posting, researchers at Fortinet remind us of this unfortunate fact: The easiest way to steal credentials is to ask for them! In this criminal enterprise, the service provides all the tools a bad guy needs. The bad guys offer an easy to use interface to create the fake gmail page. The bad guys provide the backend that harvests the credentials from the page. Finally, the [...]
The BBC is reporting that the World Anti-Doping Agency has been hacked. The hackers have released the confidential medical records of Simone Biles and Serena Williams. Serena Williams 2015 Australian Open How could this happen? Spearphishing. The hackers infiltrated the World Anti-Doping Agency using spearphishing.
The FBI has released its interview notes with Hillary Clinton. Starting on page 30 of the notes (contained in part one of the archive), the FBI describes spearphishing attacks on the Clinton private email system: Replying to a suspicious email with the question, "Is this really from you? I was worried about opening it!" is a natural human reaction. However, this is not the ideal security response. This report demonstrates how hard it is to tell real emails from well-crafted attacks. SP Guard helps users make these distinctions.