Podcast Episode Details
Back to Podcast Episodes
Malware-Less Email Attacks, Equifax Breach Updates, Vizio Class Action Lawsuit
This is the Shared Security Weekly Blaze for September 17, 2018 sponsored by Security Perspectives – Your Source for Tailored Security Awareness Training and Assessment Solutions and Silent Pocket. This episode was hosted by Tom Eston. Listen to this episode and previous ones direct via your web browser by clicking here. You can also watch each episode of the podcast on our YouTube Channel!
Show Transcript
This is your Shared Security Weekly Blaze for September 17th 2018 with your host, Tom Eston. In this week’s episode: Malware-less email attacks, Equifax breach updates and the Vizio class action lawsuit.
Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.
Hi everyone, this is Tom Eston, Co-host of the Shared Security podcast. Welcome to the Shared Security Weekly Blaze where we update you on the top 3 security and privacy topics from the week. These weekly podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
Security vendor FireEye released research this past week which shows that 90% of the half-a-billion emails, blocked through their product in the first half of 2018, were found to be “malware-less”. Meaning, there were no malicious attachments or other code within the email itself that would attempt to compromise victims. Phishing actually made up 81% of what are considered malware-less attacks. Malware-less attacks also use impersonation of a trusted sender or company and include intimidation, links to malicious sites and sometimes forged requests. Other interesting data points include: malware-based attacks were most common on Mondays and Wednesdays and that malware-less attacks were most likely to occur on Thursdays. Data from the report also notes that phishing attacks will continue to rise.
Just for a minute, let’s forget about the day of the week that attacks like these are most likely to occur and focus on what you should do if you do receive a malware or malware-less email in your inbox. As we all know, social engineering techniques are often used to convince you to click a link or submit sensitive information to the attacker. In fact, we just released episode 80 of our monthly show with social engineering expert, Chris Hadnagy in which we talk to him about the different types of social engineering techniques used in phishing and many other types of attacks. It was great having Chris on the show so definitely give this episode a listen. Emails using social engineering techniques are one of the most popular ways to target victims because email is still one of the primary means of communication that we all use, especially in the business world. While many businesses typically have some type of security product to screen emails for potential attacks, it won’t help in situations with personal email or when these products don’t work as expected. Your first line of defense is to “think before you click”. This means for any suspicious email, take a step back for 30 seconds, read the email carefully and look for clues that indicate that the email might be a phishing attack. Check out our show notes for a Published on 7 years, 3 months ago