phishing | Smart Thinking Solutions

28 January 202228 January 2022

Training is everything when it comes to phishing emails

Here is another example of a phishing attack, from SANS Internet Diary – although I am not sure the average user will know what to do with an ISO file? The attack is interesting as it uses Base 64 to obscure it from detection. Malicious ISO Embedded in an HTML …

Continue reading “Training is everything when it comes to phishing emails”

27 January 202227 January 2022

What PII was compromised in 2021?

This is an interesting article looking at cyber attacks in 2021. Personal identifying information for 1.5 billion users was stolen in 2021, but from where? – TechRepublic

27 January 202227 January 2022

Be aware of COVID-19 testing scams – get trained to deal with these threats

This a complex, but easily implemented by the hackers, hoax, being run by cyber criminals right now. It is based around COVID-19 home testing kits and the subsequent results. Cybercriminals are exploiting COVID-19 tests in phishing attacks – TechRepublic Phishing Emails The vector for the attack is primarily through email …

Continue reading “Be aware of COVID-19 testing scams – get trained to deal with these threats”

19 January 202221 January 2022

More phishing spam – education is the best defence

It is always good to know the latest ways hackers are trying to deceive you. An obvious way to make you feel comfortable with their junk email is to make it look like a legitimate security tool report. Here is a good example reported by SANS Internet Diary of just …

Continue reading “More phishing spam – education is the best defence”

23 December 202123 December 2021

Phishing campaigns – Indeed

One of the things we advise people to do on our Phishing and Social Engineering training, is to be very aware of the look and feel of any login pages and web sites they are directed to, as bad actors may not get it completely right – so if they …

Continue reading “Phishing campaigns – Indeed”

9 December 20219 December 2021

You should know that Phishing is not always done by email

There is an article on the Sans Internet Storm Diary looking at a phishing attack/exploit that is running on Discord. Phishing Direct Messages via Discord (sans.edu) Now you may not know what Discord is, but your takeaway from this blog post is that phishing is not just something that attacks …

Continue reading “You should know that Phishing is not always done by email”

18 November 202118 November 2021

More phishing email threats in the wild – health check your technical cyber security defences

The SANS Internet Storm diary is reporting a new wave of the Agent Tesla, information stealing, Trojan. JavaScript Downloader Delivers Agent Tesla Trojan – SANS Internet Storm Diary More evidence you need to keep your technical defences up to date. Octagon Technology has a range of managed services and advanced …

Continue reading “More phishing email threats in the wild – health check your technical cyber security defences”

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.