Email Security News, Articles and Updates

Medical supplier Inogen hit with breach, 30,000 possibly affected

A California-based medical device manufacturer reported that 30,000 former and current customers may have had their personal information exposed when a company employee's email account was compromised.

Pompeo will put resources into cyber at State Dept., agency warns employees of uptick in hacking attempts

Lawmakers asked Mike Pompeo if he would reinstate the agency's cyber coordinator position while the Cyber and Technology Security Directorate warned the departments employees of an upswing in malicious activities by hackers.

Email hoaxes and phishing scams prey off of school violence fears

A Swiss hacking group has reportedly claimed credit for using a hijacked email domain to bombard schools around the U.S. with fake threats of violence. Meanwhile, a credentials phishing campaign is also stoking school shooting fears by impersonating a campus security alert.

Nigerian man pleads guilty to BEC scams, awaits sentencing

Onyekachi Emmanuel Opara and co-conspirator David Chukwuneke Adindu, along with others, ran BEC scams between 2014 to 2016, trying to fleece victims out of millions of dollars.

White House email domains lack protections against spoofing -- report

An analysis of 26 email domains managed by the Executive Office of the President found that all but one of them lack sufficient DMARC protections against spoofing used in phishing and spam campaigns.

Microsoft adds ransomware protection, recovery tools to Office 365

Microsoft has rolled out a series of new tools to protect its Office 365 Home and 365 Personal customers from a variety of cyberthreats, including ransomware.

Information on 6,800 CareFirst members exposed in phishing attack

CareFirst BlueCross BlueShield said one of its employees fell victim to a phishing attack that led to thousands of its members' personal information being exposed.

10 Ways to tell if that email is legitimate...or not

More sophisticated spear-phishing and whaling attacks — attacks that focus on specific individuals — take more time to prepare and research, but they too can be very inexpensive to perform.

A brief history of crime: Email scammers push fake Stephen Hawking contest

You don't have to be a rocket scientist to figure out that a recently observed spam campaign offering an $8 million prize to whoever can answer three questions about the late astrophysicist Stephen Hawking is a big-time scam.

Report: Hope Hicks testified that email account was hacked

Prior to announcing her impending resignation on Feb. 28, former White House communications director Hope Hicks told federal lawmakers in private testimony that one of her email accounts was hacked, according to NBC News.

Colorado DOT, Allentown, Pa. in recovery mode after costly cyberattacks

The Colorado Department of Transportation (CDOT) and the city of Allentown, Pa., are in the process of digging themselves out from two separate cyberattacks that hit in the last few weeks.

Savannah still suffering effects from cyberattack

Savannah, Ga., is still in the process of recovering from a malware attack that took place last week that forced the city to shut down part of its computer system in an attempt to limit damage.

Edward Snowden returns to U.S.! Oops, nope, it's a phishing scam

No, NSA whistleblower and U.S. fugitive Edward Snowden did not just purchase a 2 terabyte storage plan for iCloud, nor has he moved back to the States.

Fancy Bear targets defense contractors email to steal tech secrets

Just as they did with former Hillary Clinton Campaign Manager John Podesta, Fancy Bear tried to trick employees at companies like Boeing, Lockheed Martin, Raytheon Co., and Airbus Group into handing over their credentials.

Core Security releases security advisory on Kaspersky Labs' Secure Mail Gateway

Core Security issued an advisory for multiple vulnerabilities it found in Kaspersky Labs' Secure Mail Gateway that if left unpatched could lead to administrative account takeover.

Charlotte Housing Authority hit with W-2 tax breach

The Charlotte, N.C., Housing Authority was hit with one of the tax season's earlier W-2 breaches, which was identified 10-days before the Federal Trade Commission's Tax Identity Theft Awareness Week kicked off.

Millions of Fortune 500 email credentials found on the dark web

About 10 percent of the email credentials of all those employed at Fortune 500 companies have been leaked on the dark web, according to a new study.

FBI lost some texts of agent involved in Russia, Clinton probes

The FBI said "misconfiguration issues related to rollouts, provisioning and software upgrades that conflicted with the FBI collection capabilities" prevented the retention of texts between mid-December 2016 and mid-May 2017.

Defense Dept. blocks 36M malicious emails daily, fends off 600 Gbps DDoS attacks

The agency also has thwarted distributed denial of service (DDoS) attacks as large as 600 Gbps and expects those attacks to grow to a terabyte or more.

Defense Dept. warns staffers against using personal email for official business

Personal or other non-official email accounts can only be used to conduct official government business in "rare and extraordinary circumstances," according to a memo issued by Deputy Defense Secretary Patrick Shanahan.

Gov't agencies adopting DMARC more quickly, but still have a ways to go

Research from Agari Analytics shows strong momentum for complying with the directive - adoption increased 38 percent increase between Nov. 18 and Dec. 18.

Louisiana man busted in 'Nigerian prince' scam

The investigation is ongoing and is expected to reach beyond the U.S. borders, according to a release from the police department.

State Dept. releases Abedin emails found on Weiner laptop

The discovery of the emails on disgraced Congressman Anthony Weiner's computer prompted former FBI Director James Comey to renew a probe of Hillary Clinton's email.

Australian loses $1 million in 'catphish' whaling scam

A London court heard a case earlier this month in which one of Australia's richest people tried to recover $1 million scammed from him in a convoluted ruse that combined traditional phishing with the "Catfish" online phenomenon preying on lonely people looking for love.

Irish Zoo scammed, nearly $600,000 stolen

Most humans have a soft spot for animals. Cybercriminals are another breed obviously, as evidenced by the Dublin Zoo's computer system getting breached so that payments due it were electronically redirected to a criminal's account.

Email scam using Xero invoice as bait detected

A large email scam centered on a fake Xero invoice was detected by the firm Mailguard, the second such campaign using the popular cloud-based accounting software this month.

Fancy Bear campaign targets 200 journalists

About 200 journalists have been targeted by the Russian cybergang Fancy Bear over the last two years with the group releasing personal information as part of a grander scheme to hinder Hilary Clinton's presidential election campaign.

Washington, D.C. police computers used by two Romanians to operate ransomware campaign

The U.S. Secret Service has filed a complaint against two Romanian nationals for compromising more than 100 Washington, DC police computers that helped operate the city's camera surveillance network in order to spread ransomware.