Targeted ransomware attacks on local US government entities—cities, schools, and police stations—are on the rise. In this blog learn you’ll learn why ransomware attacks are successful, what you can do to minimize the risk, and what to do if you are a victim. Continue Reading >
The Verizon DBIR — The C-Suite is Under Attack
According to The Verizon 2019 DBIR, the C-Suite is the primary target of criminals. Find out why, and what you can do to strengthen your enterprise’s defenses, in our June blog, “The 2019 Verizon DBIR — The C-Suite is Under Attack.” Continue Reading >
New Phishing Attacks are Increasingly Clever
Cunning phish are on the rise, according to industry experts at Microsoft. Additionally, phishing attacks continued to be the top attack vector through 2018. While ransomware attacks have decreased 60% since 2017, the cleverness of phishing attacks has been increasing. Don’t fear, there are still plenty of truly-cringeworthy phish assaulting your network, but you should be on the lookout for new, more thoughtful phishing attacks in 2019. As our industry’s defenses strengthen over time, malicious actors must seek new and inventive ways of targeting and exploiting our users. Some of these new phishing attacks do just that very effectively. 2019’s […] Continue Reading >
Don’t Pay the Price: Is Your Company Prepared for Invoice Fraud?
Imagine for a moment that you are sitting at your desk at work: your email pings alerting you of a new message from a supplier your company works with frequently. You open this email to read that they are switching to bank ABC, and they need you to update the information in the system. You do your normal checks of the email: branding, spelling, and logos all check out. With those things in place you update the banking information and reply that you have complied to the request. The next time an invoice comes in it is paid in a […] Continue Reading >
Are You Ready for a Career in Cybersecurity?
If you are interested in the human side of security, then the specialty field of professional social engineering is for you. Find out how you can get started on this exciting career path in our April blog, “Are You Ready for a Career in Cybersecurity?” Continue Reading >
Have You Ever Received One of Those Calls?
What Is Vishing? We define vishing as the “practice of eliciting information or attempting to influence action via the telephone.” Similar to phishing, the goal of vishing calls are to obtain valuable information that could contribute to the direct compromise of an organization by exploiting people’s willingness to help, fear, or curiosity. You may recognize these as calls from “tech support” or the “IRS” and even “your credit card company” asking you to confirm or correct information. You may have even heard “hackers in your area trying to hack your computer right now.” Have you ever received one of those […] Continue Reading >
Assess Your Risks
We talk a lot about phishing, vishing, smishing, and impersonation here at SECOM, and there is a good reason for that. Those are the primary services we provide as a company for our clients. Not all clients use all of our services, and some companies don’t use any of our services for a multitude of reasons. Maybe they use another company to test these attack vectors, maybe they use an internal team, some don’t test them at all. Regardless of your company’s choice, it is important, at a minimum, to have an understanding of and assess your company’s risks when […] Continue Reading >
How To Avoid a RAT Infestation
This is not a discussion on how to prevent or get rid of those large rodents that cause grown adults to scream like little children when they come scurrying across the floor or drop from a ceiling. We are referring to the remote access trojans (RATs) that are infesting computers and networks across the globe. These RATs are a type of malware that let a hacker gain administrative control of your computer. This threat is continuing to rise in popularity with one form, flawedAmmyy, entering the top 10 most prolific malware threats according to Check Point’s Global Threat Index for […] Continue Reading >
In 2019, Test Impersonation Attacks
At SECOM, we perform many forms of social engineering attacks, from phishing to vishing and smishing as well as impersonation. All of these attacks are used regularly by actual attackers and should be tested as part of a robust security assessment in every organization. Small and large businesses alike are vulnerable to these attacks. If you are currently training and testing your employees against phishing and vishing, as you should be, we encourage you, in 2019, to test impersonation attacks as well. What Are Impersonation Attacks The way SECOM describes an impersonation attack is the “practice of pretexting as another […] Continue Reading >
Not All Phishing Programs Are Created Equal
In today’s corporate world, security awareness training should be a common puzzle piece in general user onboarding and on-going staff education. With that training, regular testing should also be part of that puzzle. There are many variations in the types of programs offered at companies, so that means not all phishing programs are created equal. Phishing should be a staple component in any security awareness program, since phishing attacks account for some of the most notable breaches reported, think about Target, the DNC, Anthem, you get the point. According to one report, 76% of organizations say they experienced phishing attacks […] Continue Reading >
- « Previous Page
- 1
- 2
- 3
- 4
- …
- 9
- Next Page »
