logo

Top

Author: Shashi Prakash

Midterm elections are just a few days away and the scourge of fake news and propaganda sites shows no sign of slowing down. In fact, the misinformation such sites have is getting far more challenging to detect with Artificial Intelligence based tools. In order to highlight the problem, here is a quick quiz. Which one(s) of the following news headlines do you think are fake? “Meghan Blames Trump For Journalist Being Slaughtered, Gets Nasty Surprise” “Michael Moore Suggests Trump...

Equifax, one of the three major credit bureaus in U.S. made a disclosure on Sept 7th that they suffered a massive data breach on July 29th, 2017. They reported an estimated 143 million consumers may be impacted, making it one the largest breaches in U.S. history. As security researchers, we've been closely monitoring the news since it broke out. In this blog post, we share some early domains that look suspicious and are worth monitoring closely. As...

Tech support scams have been around for several years now but there are no signs of them going away. A recent crackdown by the Federal Trade Commission revealed that one Florida-based scamming company alone, victimized over 40,000 users between November 2013 and 2016. This resulted in these victims losing a total of $25 million. Another report published by the FBI, reveals there were 10,850 tech support scam complaints in 2016 alone, resulting in a loss of...

There has been quite a bit of talk lately in the media around Homograph attacks following the disclosure of a browser vulnerability by Xudong Zheng. The technique itself is not new as we've seen several talks in the past at security conferences, from as early as 2012. The good news is most modern browsers have mechanisms in place to limit homograph attacks and Zheng's proof-of-concept exploited a very specific vulnerability as you can read in his post. A...

If you use email, chances are you are aware on how to spot phishing emails. It turns out that is not enough to be safe from phishing online, with bad actors increasingly getting creative with their techniques to steal sensitive user data. We spotted a very recent Twitter account that got active barely 16 hours prior to the time of this post. It infringes on Natwest bank's brand and has been tweeting replies to unsuspecting users with links to...

As the U.S. tax filing season for 2017 approaches, we are seeing an expected rise in phishing attempts, largely trying to steal sensitive information like SSNs, IDs, bank accounts etc. This problem is only expected to grow as the tax filing deadline of April 18 gets closer. The Internal Revenue Service (IRS) recently issued an advisory  for tax professionals and tax payers to be wary of emails and links when the source is unknown or looks suspicious. It is also...