Understanding Multi-Factor Authentication

We all know that passwords alone just don’t cut it anymore. Between data breaches, phishing attacks, and password reuse, relying on a single password to protect your most valuable accounts is like locking your front door but leaving the windows wide open. That’s where multi-factor authentication (MFA) comes in. It adds extra layers of protection to your online accounts. While many companies are implementing passkeys, not all of them have it available. So, MFA is the next best way to protect your accounts, MFA makes it so that even if your password falls into the wrong hands, no one can get in without passing additional verification steps. READ FULL STORY

Users Get Tricked Into Falsely Updating Google Services

The TrickMo Android banking trojan has re-emerged in a new form, disguised as a fake Google Chrome app for Android. Once installed, this malicious app prompts users to update Google Play Services, tricking them into downloading TrickMo under the guise of "Google Services." By doing so, it gains access to critical permissions, including those for the device's accessibility settings, which it then exploits to perform various malicious activities. READ FULL STORY

Are You A Money Mule? What You Need To Know

Criminals of all kinds traffic in stolen money and need middlemen to relocate the funds. From romance scams to phishing attacks and more, there’s plenty of fraudsters with hijacked money needing laundering—and that’s where money mules come in handy. Unfortunately, sometimes those people are unaware of what they are doing, but that doesn’t mean they can’t be punished for it. Check out the red flags of avoiding becoming a money mule—and a criminal. READ FULL STORY

Ways To See If Your Data Has Been Stolen

With all the data breaches, whether by intrusion or accident lately, it’s likely your information was exposed somehow to someone you didn’t intend. After all, the marketing company Exactis, exposed hundreds of traits on us in 350 million records. Yahoo let out email addresses and passwords on billions of people, and of course who can forget the massive breach of Equifax just last year. There is a lot of information that gets leaked on us and the more the bad actors have on us, the more targeted their phishing campaigns can be. Checking on whether or not your data is available in the underground can help you mitigate any fraud or identity theft. READ FULL STORY

Instagram’s Helper Bot Helps Hijackers Get Access to Your Account

For years, cybercriminals have relied on phishing emails, malware, and stolen passwords to break into online accounts. Now, some attackers appear to have found a shortcut hiding in plain sight: Meta's own AI-powered support system. Security researchers say hackers were able to trick Instagram's automated support chatbot into helping them take over user accounts, raising fresh concerns about the risks of allowing artificial intelligence to perform sensitive account recovery tasks. The incident serves as another reminder that convenience and security do not always make good roommates. READ FULL STORY

Is Your Wrist Wear A Security Risk?

Your smartwatch tracks your steps, displays your messages, and can even unlock your phone. It’s a tiny device with a lot of power. But all that convenience also means your watch could hold more personal information than you realize. From health data to email notifications, smartwatches store plenty of details that hackers would love to get their hands on. The good news is a few simple settings can help keep your smartwatch locked down so your personal data stays on your wrist and out of the wrong hands. READ FULL STORY

Your Homework Was Hacked--Canvas Breach Gives Students an Excuse to Avoid Studying

Students, faculty, and administrators across the country got an unexpected interruption to finals week after hackers linked to the cybercrime group ShinyHunters allegedly breached Instructure, the company behind the Canvas learning platform used by thousands of schools worldwide. While passwords and financial information do not currently appear to have been stolen, cybersecurity experts warn the data could still fuel phishing attacks, scams, impersonation attempts, and long-term identity risks for students and faculty alike. If you use or have used Canvas, now is the time to change passwords, watch for suspicious emails, and treat every “urgent” school message like it arrived wrapped in digital caution tape. READ FULL STORY

One Billion Records Exposed When MongoDB Database Found Unsecured

A newly discovered data leak tied to identity verification company IDMerit has exposed an enormous amount of personal information online. Security researchers say the database contained more than a billion sensitive records, including names, addresses, phone numbers, and national identification details. While the database has since been secured, the incident shows how a single misconfigured system can put massive amounts of personal data at risk. If your information was included, scammers and identity thieves could use it for fraud, phishing, or account takeovers. Taking a few steps now can help protect your personal data before criminals try to exploit it. READ FULL STORY

Home Title Theft May Make Your Home No Longer Your Home

Imagine waking up to learn your home is no longer your home. No one broke in and held you hostage to get it, no one served you paperwork to get out, but suddenly you discover that the name on the deed to your property is no longer yours and no actual legal transfer took place. No broken windows. No moving trucks in the driveway. However, paperwork appears that says it’s no longer yours. But your home is no longer your home. What may have happened is deed fraud. READ FULL STORY

Financial Services Robust Security Forces Cybercriminals To Target Customers

Cybersecurity experts are focused on finding ways to foil attempts by cyber criminals to access information related to client accounts and the cyber criminals themselves, who are continually in search of loopholes in security solutions to access sensitive personal information. And if research from Akamai is true in their annual “State of the Internet” report, then cybersecurity teams are fighting a desperate fight against professional malware groups intent on using a variety of tactics. READ FULL STORY

Business Email Spoofing On The Rise

While the headlines are focused on ransomware attacks, spoofed emails are getting sneakier and more successful. Bad actors are always finding new ways to hack their way into businesses, and spoofing email addresses are proven way of doing just that. During the first 100 days of the coronavirus outbreak, spoofing attacks increased by 30%. This type of phishing email can sneak past antivirus security and lead to data theft, fraudulent wire transfers, ransomware, BEC (business email compromise), and more. READ FULL STORY

Common Signs Of Phishing To Keep In Mind When Your Inbox Overflows

With email phishing, deciphering what’s real from what’s fake can be a challenge. Our inboxes are stuffed with emails fighting to get our attention and get us to take some action. But how to ferret-out what’s legitimate takes some cyber-smarts. Research shows email is the primary method of spreading 92% of all malware, and the U.S. is the target of 86% of all email phishing attacks. Whether at home or at work, email phishing is relentless, but being aware of characteristics they have in common can be a powerful tool. READ FULL STORY