Security Alert: 23 Million Bogus Emails Spreading Ransomware

In just 24 hours, over 23 million phishing emails carrying the Locky Ransomware virus have been distributed in one of the largest malicious campaigns of the year. The emails have utilized subject lines like: please print documents photo images scans pictures The emails come with an attachment, this time it’s a ZIP file containing VBS […]

Malware Evolves To Dangerous Levels

Criminals are an adaptable bunch. Now that most people know not to enable macros and avoid Microsoft Word attachments, hackers came up with new ways that don’t require macros to execute downloads. The first is a malware called “Zusy” that is infecting users with compromised PowerPoint attachments that automatically downloads an executable banking trojan using […]

Anatomy Of A CEO-Wire Fraud Attack

CEO-Wire Fraud is a dangerous Social Engineering attack that cost businesses billions in losses. A good Social Engineer will study potential victims sometimes for months before attacking and craft convincing spoofed emails, targeting accounting personnel with wire transfer responsibilities. Recently, one of our best clients experienced such an attack and they graciously allowed us to use […]

How To Identify A Phishing Email—An Example

One of our good clients sent us a phishing email supposedly from Microsoft. It fooled a very experienced user and so would be a good example to use to show our readers how to identify Phishing emails. Fortunately, the bogus link did not forward to an infected website where ransomware could have been instantaneously downloaded, […]

Hackers Step Up Phishing Attacks

  It seems that phishing attacks have increased exponentially during the last few months and businesses and individuals must always be on their guard.     Recently, an employee of one of our very good clients forwarded an email to me saying that it looked suspicious. It invited my client to click a button to […]

Ransomware – Information Held Hostage

On  May 12, 2017, I attended a great seminar, “Information Held Hostage: Protecting Your data From Ransomware and Phishing”, held by the Connecticut Technology Council and hosted by Datto, the world leader in Business Continuity solutions. The featured speaker was Arthur House, Connecticut’s Chief Cybersecurity Officer. Arthur was joined by panelists: Jane Domboski, FBI Supervisory […]

Think it can’t happen to you?

Many individuals simply operate on the assumption that no one is interested in what they have or their company is too small for criminals to bother with. This is called security through obscurity. If you operate under this assumption—you are wrong. You are vulnerable if you: Keep logins (user names & passwords), documents, emails, personal […]

Security Alert! Locky Reemerges—Dangerous As Ever

Most of us breathed a sigh of relief thinking that the notorious Locky ransomware virus, which first made its debut in February 2016,  had run its course. Not so! This past week, Locky reemerged with a slight but devious twist—the same nasty virus but with a different delivery mechanism. Previously, Locky was sent to victims via […]

ALERT: NYS Department of Finance Issues A Warning

The New York State Department of Finance recently sent an alert warning companies that scammers, posing as company executives are contacting the Payroll and/or HR departments of targeted companies requesting lists of employees and their personal information. This is not a new scam but apparently it is an effective one and Government officials have seen a resurgence recently. […]

Security Alert: Karma Ransomware Hides In SW Downloads

  Security blog, Graham Cluley posted yesterday that researchers discovered that Karma ransomware is piggybacking on free internet downloads. Once downloaded onto your PC, Karma checks to see if it is running on a virtual machine. If it is, it terminates itself but if it detects that it is running on a physical machine it […]