In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he […]

Early 2019 marks the fifteenth anniversary of Facebook’s launch. Since the winter of 2004, social media has come a long way, becoming deeply ingrained in the live of billions of people worldwide. According to the Pew Research Center, 73 percent of Americans used YouTube in 2018 and 68 percent were on Facebook. Even smaller network […]

Visiting a website for the first time, perhaps via an email link? Look for the tell-tale signs of phishing. These include misspellings and grammatical mistakes on the page, aggressive advertising and especially unusual and complex URLs. If you see some or all of them, leave the page immediately.

Many phishing scams involve the phisher posing as a major retailer and then sending emails claiming to contain coupons that you redeem by clicking them in an email. To stay safe, never click on one of these offers if it seems to good to be true, comes from a long/garbled email address or is contained in a […]

URL typos aren’t always harmless – the slightly misspelled website might actually be a registered domain that could put your device in harm’s way. The risk has grown as the number of top-level domains has increased; instead of just .com or .org, now there’s also .xyz, .capital and many more. Double-check any URL you type […]

Vanity link shorteners such as bit.ly and goo.gl were once popular as a space-saving techniques on platforms like Twitter. They carry risks, though, since you cannot immediately see where they lead. Truncated URLs have been used in several scams. For example, a goo.gl address was central to a phishing campaign that pointed victims to a […]