Cyber Risk Aware Blog

Cyber Security Awareness Training - A Must for Educational Institutions

[fa icon="calendar'] Apr 10, 2019 4:59:34 PM / by Jennifer Nwaigwe M posted in Phishing, Spear Phishing, security awareness training, Cyber Risk as a Human Risk, Security Compliance

In our data-driven world, most organizations are at least partially dependent on a measure of electronic storage and networking. Perhaps out of experience, large organizations are generally aware of the need for effective cyber security frameworks including firewalls, access and awareness training, and anti-malware systems. Educational institutions, however, tend to be somewhat behind the curve, when it comes to tightly securing their data-verse. Recently, ethical hackers while testing the security of university networks discovered that they were able to successfully breach networks in less than 2 hours by using spear-phishing attacks to gain access to sensitive information. Well over 50 universities across the UK were a part of the test and in almost every case, testers were able to acquire domain-level administrator access used to control systems and gain complete unauthorized access to system information.

Read More [fa icon="long-arrow-right"]

The Cost of FREE Public WiFi

[fa icon="calendar'] Mar 15, 2019 2:43:40 PM / by Jennifer Nwaigwe M posted in CyberCrime, Phishing, Security awareness, Social Engineering, Accidental Cybersecurity Leaks

Everything has a cost, and that does not exclude free public WiFi connections.

Read More [fa icon="long-arrow-right"]

Tis the Season To Stay Safe Online!

[fa icon="calendar'] Nov 20, 2018 10:09:47 AM / by Stephen Burke posted in Phishing, securty awareness training, smishing

It is true that with the onset of the holiday shopping season there is a dramatic up-tick in activity in both the eCommerce world and the cybercriminal.   Black Friday and Cyber Monday have now become international shopping events and they are no longer one weekend but seem to go on for three to four weeks.  So, with consumers seeing increases in offers, promotions and coupons coming out in emails or SMS messages (SMiShing is the growing threat) as well as all those order confirmations, payment requests and shipping messages there are rich pickings for the cybercriminal who wants to swim in tide of communications hoping to de-fraud some unsuspecting consumers.

Read More [fa icon="long-arrow-right"]

Phishing Template Upgrade - Introducing New Sophistication Rankings

[fa icon="calendar'] Apr 19, 2018 8:44:21 AM / by Julie Lhanang posted in Phishing, Phishing Simulation, phishing email

Getting to know the new lure sophistication classifications, and how they can help your next campaign.

 

In 2017, Symantec reported that phishing rates had increased across most industries and organisation sizes. News sites consistently report on the biggest and scariest malware attacks and data breaches, and then ultimately attribute the increased susceptibility to one of many new phishing trends. But what in fact constitutes a highly-sophisticated phishing message? And how can this knowledge help you strategically plan and execute your next test campaigns.

Read More [fa icon="long-arrow-right"]

Phishing Alert: Hurricane Harvey Disaster Relief Fraud

[fa icon="calendar'] Aug 28, 2017 11:59:00 AM / by Stephen Burke posted in Phishing, Disaster Relief fraud, Social Media Scam

 

Hurricane Harvey has hit the U.S. State of Texas hard, the most powerful storm to make landfall in the U.S. for over a decade and create what has been described as a 500 year flood. At times like this decent human beings want to help each other. However, for others in society namely "cyber-scum" they are exploiting this disaster and human goodness. 

Read More [fa icon="long-arrow-right"]

Ransomware Phishing: An Ounce of Prevention

[fa icon="calendar'] Jun 27, 2017 9:45:11 PM / by Stephen Burke posted in Phishing, Spear Phishing, Phish prone, Ransomware, security awareness training, wannacry, petrwrap

Phishing has been in the news lately, not only because it was the intrusion technique allegedly used by Russian hackers to access U.S. voter registrations, but also because it is becoming more prevalent, especially in the UK.  You only have to look at the recent NHS "Wannacry" and the latest "Petrwrap" ransomware incidents both starting with curious staff opening phishing emails to understand the risks.

Read More [fa icon="long-arrow-right"]

Will Your Employees Take the Bait?

[fa icon="calendar'] May 26, 2017 9:13:29 AM / by Stephen Burke posted in CEO Fraud, Phishing, Spear Phishing, security awareness training

Do your employees know enough about phishing? Can they explain what spear phishing is? Do you have a policy in place to help prevent CEO fraud?

If the answer to any of these questions is ‘no’, then you are not alone. Employees remain the weakest link in the battle against cybercrime and are criminals number one target.

Read More [fa icon="long-arrow-right"]

HSE Could Be a 'Sitting Duck' for a Cyber Attack

[fa icon="calendar'] May 14, 2017 12:51:49 PM / by Stephen Burke posted in Phishing, Staff Awareness, Ransomware

 The content of this article was originally published by Mark O'Regan - Sunday Independent

The HSE could be a 'sitting duck' for a cyberattack unless it radically beefs up security to protect highly sensitive data which may be sold by criminals on the Dark Web.

Read More [fa icon="long-arrow-right"]

Ransomware Prevention!

[fa icon="calendar'] May 13, 2017 12:41:13 PM / by Stephen Burke posted in CyberCrime, Phishing, Ransomware, Data Protection, Phishing Simulation, securty awareness training

A widespread cyber attack has been coming folks, and many security professionals are attempting to increase awareness for staff and companies.

Two days ago I shared an article from AIG that stated "systemic cyber attacks" were expected this year across several sectors, including healthcare.

Read More [fa icon="long-arrow-right"]

What is CEO Fraud, and How to Prevent It

[fa icon="calendar'] May 5, 2017 8:58:37 AM / by Stephen Burke posted in CEO Fraud, CyberCrime, Phishing, Social Engineering

 Imagine going away on holiday and returning to find that in your absence your business bank account has been drained. When you ask your accountant, they are mystified - you gave the order for the transfer.

It may sound like the plot of a blockbuster thriller, but it's the scenario that has faced hundreds of business owners whose employees have fallen prey to CEO fraud.

Read More [fa icon="long-arrow-right"]