You are viewing 'phishing'

Avoiding Popular Tax Season Scams

Phishers & Scammers & Taxes, Oh My!

Justin Miller

February 09, 2017 - Posted by Justin Miller to Security Insight

Tax Season

Our new Constitution is now established, and has an appearance that promises permanency; but in this world nothing can be said to be certain, except death and taxes.

— Benjamin Franklin

It’s that time of year — tax season. Regardless of whether you owe or are expecting a refund, there is one thing we all should be looking out for: people who want to take your money. This is a good time of year to remember one of the least technical, but certainly one of the most dangerous aspects of our industry, social engineering.

Whether by email through a phishing scheme or via telephone and fear, there is a possibility that you will be contacted in an attempt to access your IRS records, or pushed to send money to an unauthorized, but reputable sounding party.

Here are just some of the potential social engineering scams you might see:

A tax company appears... read more >

IDN Homograph Attacks

How a Russian spammer registered ɢoogle.com

Brandon Louder

January 05, 2017 - Posted by Brandon Louder to Security News

A friend recently brought to my attention that the Google Analytics report for his website was showing that 18% of his visitors had the below message showing up under the language field. Typically, this field shows language abbreviations depicting the native language of the visitor to the site such as: “en”, “es”, “fr”.

“Secret.ɢoogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!”

Google Analytics Screen Shot

Looking beyond the political aspect of this message, there are two issues here. The second being the most unsettling:

  1. First of all, it is not uncommon for spammers to target Google Analytics with messages that incite the website owner to follow the link. This specific spammer has been active with this campaign for several months now. Google...
read more >

Decoding a VBA Macro Downloader

Jacob Faires

September 20, 2016 - Posted by Jacob Faires to Security Insight

Phishing Email

Recently, NTT Security discovered a phishing email containing malware. The email had a Microsoft Word document attached with a malicious embedded macro. Macros are an effective infection vector and have been steadily gaining popularity in the last several years. Microsoft Office macros are a series of instructions run together as a single command. Microsoft extended macro capabilities to include Visual Basic for Applications (VBA) run inside of a Microsoft Office application (Access, Word, Outlook, Excel, and Power Point). The takeaway is that macros could be, and probably are, malicious code when coming from an unknown source.

The Document

Below in figure 1 is a screen shot of the document we discovered embedded in the email. As you can see, the document is well formatted, and looks very legitimate. It also gives step-by-step instructions, requesting the user to enable content so the... read more >

Cybersecurity Quiz

Do you know what you don't know?

Guest Blogger

December 08, 2015 - Posted by Guest Blogger to Security Insight

Password

Data theft is on the rise, and it's getting more expensive. A recent study conducted by the Ponemon Institute now puts the average cost of a data breach at $3.8 million per incident. In the case of data theft, it's safe to say that an ounce of prevention is worth far more than a pound of cure. How much do you know about cybersecurity? Take our quiz and find out — or better yet, attend our Security Summit (at no cost to you!) next week where these topics will be covered in detail by cybersecurity experts.

True or False:

  1. Your business has a 30% chance of being hit with a DDoS (Distributed Denial of Service) attack.
  2. Social engineering is one of the biggest security threats facing...
read more >

Holiday Shoppers Beware!

Four threats to be aware of this holiday season

Terrance DeJesus

November 25, 2015 - Posted by Terrance DeJesus to Security Insight

When thinking about the period between November through the end of December, joyful thoughts of mouth-watering turkey, ham, mashed potatoes and (my personal favorite) stuffing, tend to come to mind. Let’s not forget about those Black Friday, Cyber Monday and holiday deals we are anxiously awaiting and hunting for. Once the deals are found, shoppers create stampedes at local stores to buy the intended items by swiping away at every credit/debit card system needed.

If you like to avoid the chaos, maybe you prefer entering your credit/debit card’s 16-digits, expiration date and CSV code into online shopping sites during Cyber Monday? Either way, with cybercrime on the rise and recent research making cyber news headlines, we should take a step back to ensure that our shopping process does not have negative results by reviewing a little bit of what has been going on, and how it could impact you during or after holiday shopping. Four scams to watch out for during this... read more >

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS