Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware

| February 21, 2019

article image
The most effective phishing and malware campaigns usually employ one of the following two age-old social engineering techniques: Impersonation. These online phishing campaigns impersonate a popular brand or product through specially crafted emails, SMS, or social media networks. These campaigns employ various methods including email spoofing, fake or real employee names, and recognized branding to trick users into believing they are from a legitimate source. Impersonation phishing campaigns may also contain a victim’s name, email address, account number, or some other personal detail. Panic/Bait. With this technique, attackers generate a fake situation to instill a sense of urgency or panic in the victim. A well-targeted, well-engineered false emergency often causes a victim to abandon normal operating security policies, aiding the hacker in the process.

Spotlight

CBTS

CBTS is a leading technology provider to enterprises in all industries, including dozens of Fortune 500 and Global 2000 companies. What sets us apart is the agility, flexible delivery models, and client focus of a smaller company coupled with the ability to deliver the resources, scale, and capabilities required by large organizations.

OTHER ARTICLES

CYBERSECURITY AND CORONAVIRUS: KEEPING YOUR BUSINESS SAFE

Article | March 19, 2020

Measures to mitigate the outbreak of COVID-19 have led to an unprecedented increase in remote working across the board. Our guest author Philip Blake, European Regional Director at EC-Council and cybersecurity expert, outlines key challenges and tips for staying secure while away from the office. As governments and businesses work on mitigating the impact of the ongoing COVID-19 outbreak, social distancing measures are leading to an increase in remote working across all sectors. The reasoning behind the measures is best left to health authorities, and are discussed at length elsewhere. The purpose of this article is to shed light on some of the key cybersecurity challenges around the sudden spike in remote work arrangements, and propose potential measures to keep networks as secure as possible during these times.

Read More

Security by Sector: Medical IoT Gets Much Needed Dose of Cybersecurity

Article | March 19, 2020

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why? Information security risks and challenges in the healthcare industry are well documented and much maligned. There are several reasons why the healthcare sector is particularly vulnerable, but one of the chief causations is the high amount of connected yet insecure devices commonly used within hospitals, clinics and medical centers. For example, a report from researchers at healthcare cybersecurity company CyberMDX discovered that connected medical devices are twice as likely to be vulnerable to the BlueKeep exploit compared to other devices on hospital networks.

Read More

How much do behavioural biometrics improve cyber security?

Article | March 19, 2020

Experts often consider biometrics security the next big thing in cyber security. It encompasses a broad category that includes verifying a person's fingerprint, iris, gait and other factors that should be unique to the person checked. However, various tests proved that some biometric-based security has substantial room for improvement For example, researchers have hacked into smartphones that have fingerprint scanners by pressing the print of the rightful owner into a piece of Play-Doh and holding that impression against the reader. What those results indicate is that people should not assume that biometrics options are a foolproof choice for cyber security needs.

Read More

Guide to Cloud Security Certification: Which Ones Are the Best of the Best?

Article | March 19, 2020

As your organization looks to move to cloud computing, security certification will become more critical. Cloud solutions have unique security considerations that are different from an on-premise solution. IT professionals that are managing these solutions should be well-versed in multi-layered protection, encryption, monitoring, and more. Not only is certification important for your own IT staff, but it should also be part of your recruiting strategy. Experience combined with certifications can be invaluable foclr protecting your cloud environment. You want to ensure that the data you store in the cloud is protected from security threats.

Read More

Spotlight

CBTS

CBTS is a leading technology provider to enterprises in all industries, including dozens of Fortune 500 and Global 2000 companies. What sets us apart is the agility, flexible delivery models, and client focus of a smaller company coupled with the ability to deliver the resources, scale, and capabilities required by large organizations.

Events