DMARC: Is It Really a Solution to the Spoofing and Phishing Problem?

Spoofing and phishing, the practice in which criminals send e-mails masquerading as a trusted source in order to obtain users’credentials or install malware on the victim’s computer, has long been a problem that has plagued financial institutions, the healthcare industry, law firms and others. The concept is simple: an e-mail is sent that appears to […]

Read More

The Next Great Phishing Opportunity

By Robert Uomini, Ph.D For many years, financial institutions, from the smallest local savings and loans with a few hundred depositors to nationally-known banks having tens of millions of retail customers, have been plagued by spoofers: individuals and organizations masquerading as banks or other trusted entities in order to gain access to customers’ credentials for […]

Read More

Google Study: Handcrafted E-mail Spoofs VERY Effective

We all hear about the automated attacks where cyber-criminals try to fool us into responding to an e-mail that leads us to giving up sensitive information about ourselves. They are sent to millions of people and are usually easily detected because of their generality. Google just released a study that speaks about criminals that take […]

Read More

Russian hackers use ‘zero-day’ to hack NATO, Ukraine in cyber-spy campaign

If they had been using ChiaraMail technology (ECS) this would have been prevented. The payload never would have been delivered because the sender would not have been verified.   (KACPER PEMPEL/REUTERS) By Ellen Nakashima October 13 A Russian hacking group probably working for the government has been exploiting a previously unknown flaw in Microsoft’s Windows […]

Read More

The Encryption Dilemma

Recently the Mercury News printed an Associated Press article entitled “More turn to encrypted email amid spying fears”. you can read the article here and I have attached it below as well. The article states that many internet companies like Google, Yahoo and Facebook are now automatically encrypting users’ messages given the recent privacy concerns. […]

Read More

U.S. Cybercrime Survey Lists Phishing in Top Incidents List

A just published report called “US cybercrime: Rising risks, reduced readiness” summarizes the findings from the 12th annual U.S. State of Cybercrime Survey sponsored by PwC, CSO magazine, the CERT division of Software Engineering Institute at Carnegie Melon University and  the United States Secret Service.   Some key findings that caught my eye were: 1. […]

Read More

Warning: Apple E-mail Attachments Not Secure

  According to Andreas Kurtz, a security researcher who tested the security of Apple’s iOS7 e-mail application, Apple is not encrypting attachments leaving them exposed to theft. Kurtz posted this in his blog on April 23, 2014 and said that he has informed Apple but has yet to hear when they might address the issue. […]

Read More