News Recap: Cyber Attacks through Social Engineering

By | February 7th, 2014|Uncategorized|

social engineeringIn today’s digital age, nearly everything we do online requires an account composed of a username, password and other important personal data – including answers to private questions for password reset options – unique to each individual. It’s these pieces of information that are the foundation for a person’s “digital life,” or what you could call your digital DNA. Building a digital life through online accounts typically makes things easier and provides such benefits as increased efficiency, ease of use and personalization. Despite the many conveniences, your digital life could be in great danger without proper security precautions. One of the latest trends of online attackers is social engineering, which is the practice of manipulating users into performing certain action that will provide the attacker privileged information.

Karissa Bell of Mashable shared the story of Naoki Hiroshima – a man with a coveted digital presence. According to Bell, “Naoki Hiroshima claims to have tweeted using the @N handle since signing up for Twitter in 2007. In that time, he said, he has fended off multiple attempts by attackers to take control of the coveted one-character account. He claims he was once even offered $50,000 in exchange for the handle.” Bell goes on to tell the story of how Hiroshima experienced several breaches of online accounts including PayPal, GoDaddy and Facebook that eventually ended in the hacker blackmailing Naoki into handing over control of his @N Twitter handle.

In his own words, Hiroshima wrote, “As of today, I no longer control @N. I was extorted into giving it up.” Continuing his story, Hiroshima describes with great detail the great lengths his attackers went to in order to secure his information, including holding his GoDaddy domain names and other information hostage until the handle was released. Knowing the severity of his attackers to his digital livelihood, Hiroshima saw no other option than to relinquish the desired Twitter handle.

What can you do in order to protect your digital presence from attacks like this? How can you work with third party sites to better protect your information? What tools can be used to better monitor your digital presence? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

News Recap: Feb. 1 is National Change Your Password Day

By | January 31st, 2014|Uncategorized|

PWWith the recent release of 2013’s worst passwords, there has been a good deal of discussion about the importance of good password habits. And what better time for this discussion than now, considering National Change Your Password Day is this Saturday, February 1st.

SpiceWorks’ Peter Tsai discusses password protection, the dangers that poor password security presents from an IT perspective, and what to do on the upcoming National Change your Password Day. Ultimately, Tsai encourages readers to take advantage of the holiday with following tips:

  1. Enforce a strong password policy
  2. Don’t store your passwords out in the open!
  3. Implement 2 factor authentication in your IT environment
  4. Enable 2 factor authentication on your personal accounts
  5. Consider using password management software
  6. Password protect and secure your mobile devices
  7. Consider a MDM solution for BYOD devices that have access to your network

We found in a survey last year that poor password habits are rampant: 44 percent of consumers change their passwords only once a year or less, and 61 percent of people reuse passwords across multiple websites. So in addition to Tsai’s tips, we also encourage you to take a few minutes on Change Your Password Day to make sure your own passwords – personal and professional – are long and strong, and vary across websites! For more about how to spruce up your passwords and the importance of password security, see our white paper and infographic on the topic.

How are you going to participate in National Change Your Password Day? What are your go-to tips for maintaining secure password habits, personally or in the workplace? Let us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Load More Posts