Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Microsoft Warns of Increasing OAuth Office 365 Phishing Attacks
February 8, 2021
Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, BleepingComputer has learned. These attacks were part of two campaigns that ran between September and December 2020, targeting victims in multiple recurring waves. Read more >>>
New Phishing Attack Uses Morse Code to Hide Malicious URLs
February 8, 2021
A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment. Read more >>>
The concept of TMI – too much information – doesn’t just apply to socially awkward dinner conversations with your surprisingly loose-lipped blind date. Employees and executives are often oversharing personal details on social media and even in automated out-of-office (OOO) email messages. And under the wrong circumstances, an attacker could use some of these shared details to gain access to company networks. Read more >>>
What You Need to Know About Scam Text Messages in 2021
February 3, 2021
The threat of scam text messages may now seem distant, even quaint. With the new, exotic and sophisticated attacks that have arisen in the past decade, surely text message attacks are low on the list. But they can still be a big problem. Short message service (SMS) scams are social engineering attacks that work like email phishing attacks. Called ‘smishing’ (a mashup of SMS and phishing), the attacks aim to trick the victim into providing info or access that benefits the attacker. Read more >>>
The Office of the Washington State Auditor is investigating a security incident which has compromised the personal information of more than 1.6 million people who filed for unemployment claims in the state in 2020. State Auditor Pat McCarthy’s office blamed the breach on a third party software provider named Accellion, whose services are used to transmit computer files. Read more >>>
Phishing campaign lures US businesses with fake PPP loans
February 3, 2021
Threat actors are sending phishing emails impersonating a Small Business Administration (SBA) lender to prey on US business owners who want to apply for a Paycheck Protection Program (PPP) loan to keep their business going during the COVID-19 crisis. Read more >>>
