Estimated difficulty: 💜🤍🤍🤍🤍 I am sure many of you have heard of the term ‘phishing‘. Phishing is a form of social engineering, where the campaign is likely to pose as a trusted service or person, which may trick a user into giving away credentials, money or personal identifiable information. The Continue Reading
Text Me When You Get Pwned: What is SMShing and How Do I Protect Myself?
Estimated difficulty: 💜🤍🤍🤍🤍 What is SMShing? SMShing (AKA Smishing) is a type of social engineering attack conducted over text messages, also known as SMS phishing. Social engineering attacks rely on exploiting human behaviour and reaction rather than a technical vulnerability. Criminals who “SMSh” or “phish” are usually financially motivated, using Continue Reading
ChatGPT: Let’s try it out!
Estimated difficulty: 💜🤍🤍🤍🤍 You may have already heard of ChatGPT. It has been a headliner in the news recently, mainly with a concern that it will replace hundreds, thousands, or maybe even more jobs! This post does not intend to add to the fear mongering, but more explore what we Continue Reading
Typo-What?! How Attackers Use Typo-squatting to Lure You to Dodgy Websites
Estimated difficulty: 💜🤍🤍🤍🤍 New year, new blog post… obviously! To kick things of in 2023, today we’ll be talking about a commonly used social engineering technique called typo-squatting and how you can identify malicious domains/websites to protect yourself, or how to protect your organisation or brand if you own a Continue Reading
I Spy With My Little Eye: A Guide to Social Media OpSec
Estimated difficulty: 💜🤍🤍🤍🤍 Happy Friday and happy (continued) cybersecurity awareness month! For those of you that don’t know, October is renowned for being cybersecurity awareness month – a month dedicated by security professionals to raise awareness in cybersecurity, specifically to the everyday user of technology that may not be security-savvy. Continue Reading
Use Somebody: Romance Scams and Modern Dating
Estimated difficulty: 💜🤍🤍🤍🤍
Welcome to Friday, and Cybersecurity Awareness Month. In October, security professionals spend the month raising awareness about cybersecurity and posting tips on social media about online safety.
Locked Out: What is Ransomware?
Estimated difficulty: 💜🤍🤍🤍🤍 Ransomware can be a costly attack to organisations of all sizes. Recently Garmin fell victim to a ransomware attack, with reported ransoms of up to US$10 million in exchange to reinstate company files. According to a The State of Ransomware 2020 by Sophos, the global average cost Continue Reading
Misery Business: Sextortion Emails
Estimated difficulty: 💜🤍🤍🤍🤍
Content Warning: This post includes discussion of sensitive topics such as revenge porn and blackmail. This week I’m primarily going to cover sextortion phishing campaigns, and a little about how to deal with these sorts of emails. I’ll also include some resources at the end of the post discussing general (non-phishing) sextortion, and organisations who can help if somebody tries to blackmail you with, or releases your personal content without your consent.
B3st Pass**rd Pr@ct!ces
Estimated difficulty: 💜🤍🤍🤍🤍 Passwords have been a form of securing your accounts for years. They are your key to unlock the door to your account for want of a better metaphor. You are the only person that should know your password, as the creator and keeper of this information. My Continue Reading
Thnks fr th Bnk Dtls: A Quick Guide to Fraud
Estimated difficulty: 💜🤍🤍🤍🤍 Hello, and welcome to another week of Security Queens! 🎉 This week I’ll try to give you a quick overview (not exhaustive) of a few common types of fraud, a bit of information about money laundering, and a little perspective about how it all ties into the Continue Reading