Senate Staffers Receive Cybersecurity Training

Buzzfeed is reporting that U.S. Senate staffers recently received cybersecurity training. What was the substance of the training these key government employees received?  What can you learn from this? The answer: “Don’t click on spear phishing emails” All that is left to do is determine which ones are the spearphishing emails so that you don't click on them. That's not so easy to do because the bad guys write emails that look real!  Help unmask fake emails so that you don't click on phishing emails.  Use SP Guard.

2017-01-07T17:35:09-05:00September 28th, 2016|Cybersecurity - General, SP Guard, spear phishing|

Phishing as a Service

Look familiar? This is the familiar Google login page. The main display is correct. The google favicon is in the tab.  The URL has gmail in it. Oh, but it isn't Gmail! In a recent blog posting, researchers at Fortinet remind us of this unfortunate fact: The easiest way to steal credentials is to ask for them! In this criminal enterprise, the service provides all the tools a bad guy needs. The bad guys offer an easy to use interface to create the fake gmail page. The bad guys provide the backend that harvests the credentials from the page. Finally, the [...]

Spearphishing Clinton

The FBI has released its interview notes with Hillary Clinton. Starting on page 30 of the notes (contained in part one of the archive), the FBI describes spearphishing attacks on the Clinton private email system: Replying to a suspicious email with the question, "Is this really from you? I was worried about opening it!" is a natural human reaction. However, this is not the ideal security response. This report demonstrates how hard it is to tell real emails from well-crafted attacks.  SP Guard helps users make these distinctions.

2017-01-07T17:35:09-05:00September 5th, 2016|Cybersecurity - General, Phishing, SP Guard, spear phishing|