Consumers and Email – Page 2

The Atlantic on Phishing

In a recent article entitled Phishing Is the Internet’s Most Successful Con, the Atlantic observes: Phishing doesn’t attack computers. It attacks the people using computers. The Sting - The Art of the Con Cormac Herley, a principal researcher at Microsoft Research, observes in the article: Many security-professional and media recommendations exhort eternal vigilance, paying attention to every detail. This is terrible advice. I’m a professional with years of experience in this space and I don’t bother to inspect my emails or carefully read all my URLs: I have things to do. As a strategy for the constant level of [...]

rpziconix2018-09-18T14:26:38-04:00September 18th, 2018|Consumers and Email, Cybersecurity - General, Email Marketing, Iconix Truemark Service, Phishing, SP Guard, spear phishing|

Prof. Vishwanath, Iconix’s Science Advisor, Published by CNN

Prof. Arun Vishwanath, Iconix's Science Advisor, was recently published by CNN. In his article, Spear phishing has become even more dangerous, Prof. Vishwanath discusses how threat actors take advantage of several weaknesses of procedures on the Internet, and the vulnerabilities are growing worse. He highlights how tricking users is an important element of these evil plots.

rpziconix2018-09-07T13:17:56-04:00September 7th, 2018|Consumers and Email, Cybersecurity - General, Phishing, SP Guard, spear phishing|

Iconix Issued Ninth Patent for Email

The United States Patent and Trademark Office has issued Iconix's ninth patent titled "Rapid Identification of Message Authentication." The abstract for U.S. Patent 10,063,545, dated August 28, 2018, states: "Techniques are presented for uniquely identifying authentication associated with messages. A message is inspected for sender or domain identifying information associated with a sender of the message or a sender's domain. The identifying information is authenticated, and if authentication, then distinctive metadata is associated with the message. The distinctive metadata is presented or played in connection with the message for purposes of readily identifying the authentication.” Prof. Arun Vishwanath, Iconix’s Science [...]

rpziconix2018-09-04T08:05:25-04:00September 4th, 2018|Consumers and Email, Cybersecurity - General, Email Authentication, Email Marketing, Iconix Truemark Service, Phishing, SP Guard, spear phishing|

FBI Internet Crime Statistics

On May 7, 2018, the FBI published its report of online crimes, 2017 Internet Crime Report. This vis summaries the FBI's findings: The largest losses were attributed to the Business Email Compromise/Email Account Compromise in which the victim is tricked into sending money to criminals. This crime is almost exclusively committed using deceptive emails. Deceptive emails are also used to commit other internet crimes such as data breaches, identity theft, phishing, and ransomware. SP Guard fights email deception by helping users identify suspicious emails.

rpziconix2018-05-21T16:55:50-04:00May 21st, 2018|Consumers and Email, Cybersecurity - General, Email Marketing, Iconix Truemark Service, Phishing, SP Guard, spear phishing|

Successful Phishing – Pretend to be FBI

The FBI warns that cyber criminals are sending phishing emails that impersonate the FBI! Why does this scam work? Because it is easy for cyber criminals to create very convincing emails that appear to come from the FBI. The FBI gives some examples here. How big a problem is fake email? What are the big cyber crime problems? Check in next week when we discuss the FBI's recently released 2017 Internet Crime Annual Report.

rpziconix2018-05-18T14:33:27-04:00May 18th, 2018|Consumers and Email, Cybersecurity - General, Phishing, SP Guard, spear phishing|

Why Do People Phish?

With all the press about phishing and hacking and social engineering, you have to ask, "Why Do People Phish?" Certainly state actors like Russia and North Korea have political objectives. But they aren't after me. Why do people phish average businesses and people? A recent prosecution in Virginia makes it clear why people phish -- it's the money! Yesterday (March 6, 2018), Olajide Abraham Eyitayo of Hempstead, NY, pleaded guilty to stealing more than $1.1 in a phishing scam. The particular scam he used was what the FBI calls a Business Email Compromise. The FBI describes the scam: The schemers [...]

rpziconix2018-03-07T13:13:43-05:00March 7th, 2018|Consumers and Email, Cybersecurity - General, Phishing, SP Guard, spear phishing|

What’s Worse – Phishing or Malware?

New research from Google, U.C. Berkeley and International Computer Science Institute made this stunning finding: We find victims of phishing are 400x more likely to be successfully hijacked compared to a random Google user. In comparison, this rate falls to 10x for data breach victims and roughly 40x for keylogger victims. This just examined one problem -- stolen credentials. Now consider how this applies to installing ransomware and malware, abuse of native processes, human misdirection of files (such as sending payroll tax returns in response to phishing) and the Business Email Compromise. Interestingly, the researchers do not ask why phishing [...]

rpziconix2017-11-15T13:54:21-05:00November 15th, 2017|Consumers and Email, Cybersecurity - General, Phishing, SP Guard, spear phishing|

Massive Google Docs Phishing Attack Sweeps Internet Today

A large scale phishing attack using a google docs exploit rapidly spread across the internet today. Google Docs Phishing Email You can learn about the data processing aspects of this attack. It has been reported in the The Wall Street Journal, The Verge, The New York Times, and many other sources. What about the human aspects of this problem? Why did people open these emails? Why do people open any emails? Prof. Arun Vishwanath, in Why Do People Get Phished, established that people open emails as a matter of habit which is invoked in response to perceived relevance and [...]

rpziconix2017-05-04T14:06:33-04:00May 4th, 2017|Consumers and Email, Phishing, SP Guard, spear phishing|

How The Russians Hacked Yahoo!

The United States indicted four Russians for compromising over 500 million Yahoo! user accounts. Indicted Russian Hackers So, how did they do it? In an interview with Ars Technica, the FBI said that the hackers gained access to Yahoo!'s systems using ------ Spearphishing!

rpziconix2017-03-30T09:27:26-04:00March 30th, 2017|Consumers and Email, Cybersecurity - General, Phishing, SP Guard, spear phishing|

Phishing as a Service

Look familiar? This is the familiar Google login page. The main display is correct. The google favicon is in the tab. The URL has gmail in it. Oh, but it isn't Gmail! In a recent blog posting, researchers at Fortinet remind us of this unfortunate fact: The easiest way to steal credentials is to ask for them! In this criminal enterprise, the service provides all the tools a bad guy needs. The bad guys offer an easy to use interface to create the fake gmail page. The bad guys provide the backend that harvests the credentials from the page. Finally, the [...]

rpziconix2017-01-07T17:35:09-05:00September 23rd, 2016|Consumers and Email, Cybersecurity - General, Iconix Truemark Service, Phishing, SP Guard, spear phishing|