Resources
COVID-19 Drives Spike in Mobile Phishing Attacks
The increase in working from home during the COVID-19 pandemic has led to an increase in mobile phishing campaigns. Attackers are targeting remote workers whose devices lack adequate security protections to steal users’ banking credentials. Mobile phishing attacks increased by 37% globally in the first quarter of 2020. According to research based on data collected from 200 million mobile devices worldwide, 22% of mobile enterprise users encountered a phishing attempt in the first quarter, compared to 16% in the previous quarter. This...
read moreRansomware Attacks Hit 2 More Healthcare Organizations
Risk Mitigation Tips Ransomeware Attacks continue to surge as two ransomware incidents recently reported to federal regulators as health data breaches illustrate. Recent ransomware-related data breaches reported to the DHHS OCR affected Woodlawn Dental Center based in Cambridge, Ohio, and Mat-Su Surgical Associates in Palmer, Alaska. Woodlawn Dental Incident The HHS “Wall of Shame” shows that Woodlawn Dental reported on May 18 that a breach affected more than 14,400 individuals. In a notification statement, Woodlawn says on March 18, it...
read moreFBI Unveils the Top-10 Most Exploited Cybersecurity Vulnerabilities
The FBI has been keeping tabs on the most exploited vulnerabilities for years. They also pay close attention when it appears that hacking is being perpetrated by other nations. On May 12th, they released their list of the top 10 most exploited vulnerabilities. The list is intended to help all organizations “place an increased priority on patching the most commonly known vulnerabilities exploited by sophisticated foreign cyber actors,” they say. Typically, “sophisticated nation-state hackers” refers to China, Iran,...
read moreCriminals, Rogue Nations Using COVID-19 To Distribute Malware
Attackers are continuing to use concerns over COVID-19 to distribute ransomware and malware, including for smartphones. While the healthcare sector is perhaps at the greatest risk from these attacks, criminals are using the panic as a widespread opportunity. Attacks include the usual suspects: cybercrime operators looking to make a fast buck – for example, by demanding a ransom to unlock crypto-locked systems – as well as nation-states seeking to sow chaos. Recently the U.S. Department of Health and Human Services saw increased...
read moreCriminals Spoofing Bank Websites, Offering Attractive CD’s
The SEC’s Office of Investor Education and Advocacy has issued an Investor Alert to warn investors about phony Certificates of Deposit promoted through internet advertising and “spoofed” websites – websites that mimic the actual sites of legitimate financial institutions. Investors should be extremely cautious when purchasing CDs from sites found only through internet searches. “Spoofed” websites – often using URL addresses similar to those of bank websites, or using legitimate-sounding names and URLs – may be used to trick investors into...
read moreCybercrime Still Growing: Phishing and Business Email Compromise Lead The Way
Cybercrime led to $3.5 billion in losses in the U.S. last year, with a sharp uptick in business email compromise scams – which accounted for nearly half those losses, according to a newly released FBI Internet Crime Report, which is based on complaints the FBI received. Donna Gregory, the head of the FBI’s Internet Crime Complaint Center, emphasizes that the FBI isn’t seeing a ton of new types of fraud but rather criminals using new tactics and techniques to carry out existing scams. “Criminals are getting so...
read moreCOVID-19 Ransomware Piles on to Seasonal Spike
Attackers are continuing to use concerns over COVID-19 to distribute ransomware and malware, including for smartphones. The healthcare sector continues to be the largest single target of cybercriminals, and they are exploiting the current situation. Culprits behind such attacks include cybercrime operators looking to make a fast buck as well as nation-states seeking to sow chaos. These attacks are hitting all levels of the U.S. healthcare sector. Recently the U.S. Department of Health and Human Services saw increased scanning of its network...
read moreHealth Data Breach Tally: Trends in 2019
As of early December, the HHS “Wall of Shame” shows that 462 major health data breaches affecting a total of nearly 41 million individuals have been logged in 2019. By the numbers: • 272 breaches were reported as hacking/IT incidents, affecting a total of nearly 36 million people, accounting for approximately 88 percent of people affected by breaches. • 136 breaches were reported as “unauthorized access/disclosure” breaches, affecting a total of 4.6 million individuals, or about 11 percent. • 30 breaches were reported as...
read more8 Tips on Giving Patients Access to Their Records
HHS Points to Ways to Improve Compliance With HIPAA Requirements Under the HIPAA Privacy Rule, patients and their authorized representatives have the right to access their electronic or paper health records. Unfortunately it’s often easier said than done, and federal regulators want that to change. Complaints from patients about the lack of access to their records have remained consistently among the top five issues in HIPAA cases that are investigated and closed with corrective action by HHS’ Office for Civil Rights. In order to...
read moreHow Vulnerable Are Your ATMs?
Attackers are increasingly hacking into banks’ networks to gain access to the IT infrastructure connected to their ATMs. They then push malware onto the ATMs that allows a low-level gang member to walk up and enter a preset numerical sequence into the ATM to make it dispense all of its money in what’s known as a “jackpotting” or “cashing out” attack. Such attacks also allow them to steal card data from ATM machines. For attackers, the appeal is simple: It’s safer and easier than walking into a bank with a...
read more