Saturday, September 23, 2023

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Hot Topics
  • LastPass: ‘Horse Gone Barn Bolted’ is Strong Password
  • The Threat Landscape for Healthcare Organizations
  • Cyber Week 2023 & The Israel National Cyber Directorate Presents - Guarding the Cyber Galaxy: Electronic-Cyber Defense in Space
  • Cybersecurity Insights with Contrast CISO David Lindner | 9/22
  • Web Application Firewall vs Firewall: What You Need to Know
Data Security Security Bloggers Network Threats & Breaches 

Home » Cybersecurity » Data Security » Be afraid … Be very afraid

SBN

Be afraid … Be very afraid

by Jane Grafton on October 31, 2019

It seems ironic that Halloween marks the final day of National Cybersecurity Awareness Month (NCSAM). The ghoulish holiday of spooks dredges up visits by shady hacker carnies. Except there’s no need to ask, “Trick or Treat?” With cybercriminals, it’s always a trick. And if you fall for it, it will cost you. Let’s look at some tricks from recent fraudsters you should be afraid of – very afraid.

Don’t Get Pinned

This juicy hack comes to us from Pieter Gunst, @DigitalLawyer. In a nutshell, a hacker pretends to be a bank employee alerting you to fraudulent account charges. The fraudster uses your member number and social engineering to reset your bank account password, then logs in as you. He reads off recent transactions asking if they are valid. This makes the call seem more legitimate. Eventually, the hacker asks for your bank pin code. This was the final straw that ended this particular fraud attempt. According to Pieter, this was “the most credible phishing attempt” he’d experienced to date. Here are the details.

AWS Builder Community Hub

Don’t Cash That Check

If you get a check in the mail you are not expecting, DON’T CASH IT. If you are practicing national cybersecurity awareness, you’ll know it’s likely a scam that will end up costing you dearly. By signing a check, you are signing a legally binding contract. So, you better know what that check is for before you sign your life away. You may be agreeing to a high-interest loan or enrolling in an expensive membership program. It’s nearly impossible to cancel these memberships and your monthly fee could be much more than the amount of that check.

Don’t Greet the Holidays

Do you love receiving holiday cards? Christmas is nearly upon us, so be prepared to sniff and snuff out malicious cyber greetings. Don’t open electronic greeting cards from people or companies you don’t know. Just like phishing emails, these e-cards contain malware laden links waiting to inject your computer with surprise gifts you really don’t want. This is table stakes for anyone who claims to know something about national cybersecurity awareness.

Don’t Read Fake News

Yep, fake news is a real thing. And, it’s dangerous. You could easily become a victim of an online scam by consuming what you think is a real news site, but which is actually a fake. Fake news sites serve up malicious links. Fake news sites sell fake products. And, fake shopping sites are dreaded wormholes. Don’t read fake news and don’t by fake products. Focus on national cybersecurity awareness.

Don’t Answer the Phone

You know from horror movies you should never answer the phone – especially if you are home alone at night. What about calls from numbers you don’t recognize with no caller ID? Should you answer those? No. There’s no treat that comes from an unknown number. More than likely, it’s a scammer trying to get you to divulge personal information or pay an erroneous bill. NEVER SAY THE WORD “YES” WHEN TALKING TO AN UNKNOWN CALLER. Be a national cybersecurity awareness champion and just say no. The fraudster is trying to record your voice saying “yes” so he can prove you agreed to buy something (which you did not). If the caller says, “Can you hear me?” HANG UP.

Do Play the 2019 NCSAM Trivia Game!

Enough about things you shouldn’t do. Let’s talk about actions you should take, in the wake of National Cybersecurity Awareness Month. The NCSAM website has a lot of information we hope you put to good use this month. It’s always important to be vigilant when it comes to national cybersecurity awareness. And, if you haven’t played the NCSAM Trivia game, you’re missing out! It’s easy, fun and informative. For example, do you know how many attempted cyberattacks are reported to the Pentagon every day? Download the 2019 Trivia Game and instructions to find out.

Do Implement Proactive Cybersecurity Controls

For large enterprises, the best defense is an automated offense. Luckily Gurucul offers Behavior Based Security Analytics to predict, detect and stop insider threats, account compromise, data exfiltration, privileged access abuse, fraud and more. Contact us for details. We want to put your mind at ease when it comes to protecting your data from malicious insiders and cyber criminals.

The post Be afraid … Be very afraid appeared first on Gurucul.


Recent Articles By Author
  • UEBA vs SIEM: The Key Differences of Each Solution
  • What is XDR? Concepts and Benefits
  • RSA 2023 Survey Reveals the Biggest SIEM Challenges Facing the SOC Today
More from Jane Grafton

*** This is a Security Bloggers Network syndicated blog from Blog – Gurucul authored by Jane Grafton. Read the original post at: https://gurucul.com/blog/be-afraid

October 31, 2019October 31, 2019 Jane Grafton Account Compromise, Blog, Cybersecurity, Data breach, data exfiltration
  • ← Securing the SMB With a Small Budget
  • Dynamic and Flexible AI for Network Security →

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Mon 25

Cloud Security

September 25 @ 1:00 pm - 2:00 pm
Thu 28

A Guide to Smart Dependency Management

September 28 @ 12:00 pm - 1:00 pm
Oct 03

Way Too Vulnerable: Uncovering the State of the Identity Attack Surface

October 3 @ 11:00 am - 12:00 pm
Oct 11

ASPM: Leveling the AppSec Playing Field

October 11 @ 1:00 pm - 2:00 pm
Oct 16

Shadow Access: Where IAM Meets Cloud Security

October 16 @ 3:00 pm - 4:00 pm
Oct 17

Securing Cloud-Native Applications Across the Software Development Life Cycle

October 17 @ 11:00 am - 12:00 pm
Oct 18

Live Workshop on ‘SCA 2.0’: Using Runtime Analysis to Find High-Risk SCA Vulnerabilities

October 18 @ 12:00 pm - 1:30 pm
Oct 19

Managing Security Posture and Entitlements in the Cloud

October 19 @ 1:00 pm - 2:00 pm
Oct 24

When Seconds Matter: Real-Time Cloud Security With AWS and Sysdig

October 24 @ 11:00 am - 12:00 pm
Oct 24

Reporting From the Pipeline: The State of Software Security in DevOps

October 24 @ 1:00 pm - 2:00 pm

More Webinars

Subscribe to our Newsletters

TSTV Podcast

Most Read on the Boulevard

Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware
A Wave of Chinese Cyberthreat Campaigns Use Old and New Malware
LockBit Affiliates Use RMM Software in Ransomware Attacks
Getting Started With Two-Factor Authentication (2FA)
Leveraging Wargaming Principles for Cyberdefense Exercises
How to secure payments from checkout to chargeback: Pairing Sift Payment Protection and Dispute Management
How Third-Party Breaches Impact Financial Institutions
Top Cybersecurity Events
Helpdesk Telephone Attack: How to Close Process and Technology Gaps
Automated Vulnerability Detection: Mitigate Fraud and Strengthen Your Cybersecurity Defense

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Industry Spotlight

Google: Chromebooks Will Get 10 Years of Software, Security Updates
Application Security Cybersecurity Data Security Endpoint Featured Industry Spotlight Malware Mobile Security Network Security News Security Boulevard (Original) Spotlight 

Google: Chromebooks Will Get 10 Years of Software, Security Updates

September 19, 2023 Jeffrey Burt | 3 days ago 0
Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware
Cloud Security Cybersecurity Data Security Featured Identity & Access Industry Spotlight Malware Mobile Security Network Security News Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threats & Breaches 

Group Allegedly Behind MGM, Caesars Attacks is Fairly New to Ransomware

September 18, 2023 Jeffrey Burt | 4 days ago 0
DoD Turns to Stronger Alliances to Combat Cyberthreats
Cybersecurity Data Privacy Featured Industry Spotlight Malware Network Security News Security Awareness Security Boulevard (Original) Spotlight 

DoD Turns to Stronger Alliances to Combat Cyberthreats

September 14, 2023 Jeffrey Burt | Sep 14 0

Top Stories

China Accuses US of Years of Cyber-Spying, Malware Campaigns
Cybersecurity Data Security Featured Identity & Access Malware Network Security News Security Boulevard (Original) Spotlight Threat Intelligence Threats & Breaches 

China Accuses US of Years of Cyber-Spying, Malware Campaigns

September 22, 2023 Jeffrey Burt | Yesterday 0
Signal Intros Quantum-Resistant Encryption for App
Application Security Cybersecurity Data Privacy Data Security Featured Identity & Access Mobile Security Network Security News Security Boulevard (Original) Spotlight 

Signal Intros Quantum-Resistant Encryption for App

September 22, 2023 Jeffrey Burt | Yesterday 0
GitLab Releases Urgent Security Updates for Critical Flaw
Application Security Cloud Security Cybersecurity Data Security DevOps Featured Identity & Access News Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

GitLab Releases Urgent Security Updates for Critical Flaw

September 21, 2023 Jeffrey Burt | 1 day ago 0

Security Humor

Randall Munroe’s XKCD ‘xkcd Phone Flip’

Randall Munroe’s XKCD ‘xkcd Phone Flip’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2023 Techstrong Group Inc. All rights reserved.