Estimated difficulty: 💜🤍🤍🤍🤍 I am sure many of you have heard of the term ‘phishing‘. Phishing is a form of social engineering, where the campaign is likely to pose as a trusted service or person, which may trick a user into giving away credentials, money or personal identifiable information. The phishing campaign is likely to …
Estimated difficulty: 💜🤍🤍🤍🤍 What is SMShing? SMShing (AKA Smishing) is a type of social engineering attack conducted over text messages, also known as SMS phishing. Social engineering attacks rely on exploiting human behaviour and reaction rather than a technical vulnerability. Criminals who “SMSh” or “phish” are usually financially motivated, using stolen information to steal money …
Read more “Text Me When You Get Pwned: What is SMShing and How Do I Protect Myself?”
Estimated difficulty: 💜🤍🤍🤍🤍 You may have already heard of ChatGPT. It has been a headliner in the news recently, mainly with a concern that it will replace hundreds, thousands, or maybe even more jobs! This post does not intend to add to the fear mongering, but more explore what we can do with ChatGPT and …
Estimated difficulty: 💜🤍🤍🤍🤍 New year, new blog post… obviously! To kick things of in 2023, today we’ll be talking about a commonly used social engineering technique called typo-squatting and how you can identify malicious domains/websites to protect yourself, or how to protect your organisation or brand if you own a website domain. Typo-squatting is by …
Read more “Typo-What?! How Attackers Use Typo-squatting to Lure You to Dodgy Websites”
Estimated difficulty: 💜🤍🤍🤍🤍 Happy Friday and happy (continued) cybersecurity awareness month! For those of you that don’t know, October is renowned for being cybersecurity awareness month – a month dedicated by security professionals to raise awareness in cybersecurity, specifically to the everyday user of technology that may not be security-savvy. Following on from Morgan’s last …
Read more “I Spy With My Little Eye: A Guide to Social Media OpSec”
Estimated difficulty: 💜🤍🤍🤍🤍
Welcome to Friday, and Cybersecurity Awareness Month. In October, security professionals spend the month raising awareness about cybersecurity and posting tips on social media about online safety.
Estimated difficulty: 💜🤍🤍🤍🤍 Ransomware can be a costly attack to organisations of all sizes. Recently Garmin fell victim to a ransomware attack, with reported ransoms of up to US$10 million in exchange to reinstate company files. According to a The State of Ransomware 2020 by Sophos, the global average cost to remediate a ransomware attack …
Estimated difficulty: 💜🤍🤍🤍🤍
Content Warning: This post includes discussion of sensitive topics such as revenge porn and blackmail. This week I’m primarily going to cover sextortion phishing campaigns, and a little about how to deal with these sorts of emails. I’ll also include some resources at the end of the post discussing general (non-phishing) sextortion, and organisations who can help if somebody tries to blackmail you with, or releases your personal content without your consent.
Estimated difficulty: 💜🤍🤍🤍🤍 Passwords have been a form of securing your accounts for years. They are your key to unlock the door to your account for want of a better metaphor. You are the only person that should know your password, as the creator and keeper of this information. My post will try to help …
Estimated difficulty: 💜🤍🤍🤍🤍 Hello, and welcome to another week of Security Queens! 🎉 This week I’ll try to give you a quick overview (not exhaustive) of a few common types of fraud, a bit of information about money laundering, and a little perspective about how it all ties into the bigger picture. Fraud is criminal …