by Greg Scott | Apr 22, 2024 | Phish collection
Today’s authentication state of the art uses two of a few possible factors identify us. We call this Two-factor authentication (2FA). The possible factors include: Something you know – for example, a password. Something you have – maybe a cell phone...
by Greg Scott | Mar 14, 2024 | Phish collection
ICANN – the Internet Corporation for Assigned Names and Numbers – keeps a registry of names and contact information for every internet domain name. ICANN periodically sends reminder emails like this one, and everyone who operates a website has seen them....
by Greg Scott | Jan 16, 2024 | Phish collection
It’s a time-honored tradition to reserve the first spots on the year’s Greg Sustaining Membership roster for truly exceptional Patriots, and this year, I chose YOU. That’s right. I’m pleased to invite YOU to be one of the very first people to become a 2024...
by Greg Scott | Sep 20, 2023 | Phish collection
Ah, yes, the old click-here-for-your-salary-history scam. Who wouldn’t want a helpful link from their company with salary history details? Click here to open the spreadsheet, click through the macro warnings, and enjoy the payload it leaves inside your computer....
by Greg Scott | Jul 28, 2023 | Phish collection
This phishing attack impersonates domain registrar, Namecheap, and might be the best I’ve seen. It grabbed my attention because I’ve fought expired certificates before and they’re always a major hassle to deal with. But wait a minute. Namecheap is my...
by Greg Scott | Jul 13, 2023 | Phish collection
This phishing attempt is all about timing. If an attacker sends a million of these, they’ll probably find a few potential victims waiting for somebody to share content. The game is, fool the victim into believing this is the content they’re waiting on, so...
Recent Comments