Despite trillions of dollars in breach fine payouts, each year the number of compromised companies and individuals with private data exposed rise.
Executives at high-profile companies are being targeted by a fake voicemail campaign hunting for Office 365 credentials.
Cybercriminals seem to get more and more sophisticated with their attacks, and phishing scams are no different. The McAfee Labs team has observed a new phishing campaign using a fake voicemail message to trick victims into giving up their Office 365 email credentials. During the investigation, the team has found three different phishing kits being used to exploit targets.
How exactly does this sneaky phishing scam work? It all begins when a victim receives an email stating that they’ve missed a phone call, along with a request to log into their account to access the voice message. The email also contains an attached HTML file that redirects the victim to a phishing website. This website prepopulates the victim’s email address and asks them to enter their Office 365 credentials. What’s more, the stealthy attachment contains an audio recording of someone talking, leading the victim to believe that they are listening to a legitimate voicemail.
Once the victim enters their password, they are presented with a page stating that their login was successful. The victim is then redirected to the office.com login page, leading them to believe that everything is perfectly normal. Little do they know that their credentials have just been harvested by a cybercriminal.
While this sneaky scheme has been primarily used to target organizations, there is much to be taken away from this incident, as cybercriminals often disguise themselves as businesses to phish for user data. To protect yourself from these stealthy scams, check out the following tips:
The post 3 Tips to Protect Yourself From the Office 365 Phishing Scams appeared first on McAfee Blogs.
Of the 200 schools in the report, the University of Pittsburgh and Georgetown University received top marks, with their DMARC policy set to “reject.”
Targeted ransomware, mobile malware and other attacks will surge, while companies will adopt AI, better cloud security and cyber insurance to help defend and protect against them.
Scammers are targeting those hoping for #CashAppFriday “blessings.”
Silent Librarian cyberattackers are switching up tactics in a phishing scheme bent on stealing student credentials.
Someone recently asked me what I wanted for Christmas this year, and I had to think about it for a few minutes. I certainly don’t need any more stuff. However, if I could name one gift that would make me absolutely giddy, it would be getting a chunk of my privacy back.
Like most people, the internet knows way too much about me — my age, address, phone numbers and job titles for the past 10 years, my home value, the names and ages of family members — and I’d like to change that.
But there’s a catch: Like most people, I can’t go off the digital grid altogether because my professional life requires me to maintain an online presence. So, the more critical question is this:
How private do I want to be online?
The answer to that question will differ for everyone. However, as the privacy conversation continues to escalate, consider a family huddle. Google each family member’s name, review search results, and decide on your comfort level with what you see. To start putting new habits in place, consider these 15 tips.
15 ways to reign in your family’s privacy
Is it possible to keep ourselves and our children off the digital grid and lock down our digital privacy 100%? Sadly, probably not. But one thing is for sure: We can all do better by taking specific steps to build new digital habits every day.
October is National Cybersecurity Awareness Month (NCSAM). Become part of the effort to make sure that our online lives are as safe and secure as possible. Use the hashtags #CyberAware, #BeCyberSafe, and #NCSAM to track the conversation in real-time.
The post 15 Easy, Effective Ways to Start Winning Back Your Online Privacy appeared first on McAfee Blogs.
You’re familiar with the cybercriminals that go after users’ credit card information and look to spread malicious links, but recently, one hacker decided to send a different message. According to Vice’s Motherboard, a hacker accessed TOMS Shoes’ mailing list and sent an email encouraging users to log off and go enjoy the outdoors.
The email specifically stated, “hey you, don’t look at a digital screen all day, theres a world out there that you’re missing out on.” The hacker claimed to have compromised TOMS a while back but never had any malicious intent and felt it had been too long to disclose the breach to the authorities. Although the hacker didn’t tell Motherboard how he or she specifically gained access to the TOMS account, they did voice their frustrations with hackers who steal data from large companies and innocent civilians.
Representatives from TOMS stated that they are actively looking into the breach and warned users to not interact with the message. And while this particular hacker had no malicious intent, users could have a potential phishing scam on their hands if these email addresses had ended up in the wrong hands.
So, whether you’re a TOMS shoe wearer or not, it’s important to stay updated on potential cyberthreats so you can recognize immediately. Here are some tips to help you avoid accidentally treading on potential phishing emails:
The post Watch Your Step: Insights on the TOMS Shoes Mailing Hack appeared first on McAfee Blogs.
End-2-End Encrypted. Secure. Ad-Free.
Lightweight and Faster than the Competition.
Vox Messenger is a secure alternative to other popular chat messenger apps.
Available for Free. Whitelabel Corporate Edition Coming Soon.
All Rights Reserved - Copyright @ 2018 - Vox Messenger (a Division of Kryotech Ltd.)