Article Roundup – Week Ending 10/06/17

XSolutions posts to social media almost on a daily basis. Readers of our blog and newsletter see only a small portion of the information we share. Below are articles from various sources and experts that we shared this past week: Source: Deloitte Breach Affected All Company Email, Admin Accounts Global accounting firm, Deloitte experienced a […]

Security Alert: Equifax Data Breach Impacts 143 Million People

Reporting agencies and security blogs are ablaze today with the news that Credit-reporting giant Equifax suffered a data breach possibly exposing critical information on 143 million U.S. consumers. Hackers supposedly exploited a vulnerability in a website application and gained unauthorized access to files as far back as mid-May. Information exposed in the hack: names, Social Security […]

Anatomy Of A CEO-Wire Fraud Attack

CEO-Wire Fraud is a dangerous Social Engineering attack that cost businesses billions in losses. A good Social Engineer will study potential victims sometimes for months before attacking and craft convincing spoofed emails, targeting accounting personnel with wire transfer responsibilities. Recently, one of our best clients experienced such an attack and they graciously allowed us to use […]

Security Alert: DocuSign Breach Leads To Phishing Attacks

A recent breach at DocuSign has led to phishing campaigns designed to infect recipients with credential stealing and banking trojans: Pony, EvilPony and ZLoader. DocuSign is one of the most widely used electronic signature applications with 200+ million users. As an immediate measure, DocuSign recommends that you delete any email that appears to come from […]

How To Identify A Phishing Email—An Example

One of our good clients sent us a phishing email supposedly from Microsoft. It fooled a very experienced user and so would be a good example to use to show our readers how to identify Phishing emails. Fortunately, the bogus link did not forward to an infected website where ransomware could have been instantaneously downloaded, […]

Hackers Step Up Phishing Attacks

  It seems that phishing attacks have increased exponentially during the last few months and businesses and individuals must always be on their guard.     Recently, an employee of one of our very good clients forwarded an email to me saying that it looked suspicious. It invited my client to click a button to […]

Ransomware – Information Held Hostage

On  May 12, 2017, I attended a great seminar, “Information Held Hostage: Protecting Your data From Ransomware and Phishing”, held by the Connecticut Technology Council and hosted by Datto, the world leader in Business Continuity solutions. The featured speaker was Arthur House, Connecticut’s Chief Cybersecurity Officer. Arthur was joined by panelists: Jane Domboski, FBI Supervisory […]

Security Alert: Massive Google Docs Phishing Campaign

A very convincing and deceptive Google Docs phishing scheme hit the internet yesterday ensnaring thousands. The email is very short and looks like it came from someone you know saying that a document in Google Docs has been shared with you and inviting you to view it. After the user clicks the link or button, […]

ALERT: New Malware Campaign With A 90% Success Rate

Researchers have discovered a brand new, sophisticated spear phishing campaign that fools 90% of their targets into opening infected attachments or visiting spoofed websites. Once a target takes action, the malware either steals data, credentials or both. These hackers are very savvy—diligently researching targets, tailoring messages specifically to them and adding personalized information to fool […]

Security Alert: HSBC Customers Targeted In Phishing Scams

XSolutions has learned that HSBC customers have been recently targeted by cyber-thieves in a rash of email Phishing scams. A recent post on Malwarebyte’s blog has identified at least four scams going around. The thieves embed infected links or attachments in targeted SPAM emails to the bank’s clients urging them to click on the link […]