With a name like ‘Freaky Leaky SMS’ I had to cover this research. Freaky Leaky SMS: Extracting User Locations by Analyzing SMS Timings (arxiv.org) At the moment this a research paper, the “attack” has only be carried out in the lab and it takes a large amount of preparatory work. …
Earthquake = Scams
There has been a terrible series of earthquakes in Syria and Turkey – so expect the amount of scam traffic email, texts and websites to leap up in the coming days as the scammers take advantage of people’s suffering and other’s compassion. This article by Johannes Ullrich has some very …
“Don’t click on that link”
Yesterday I published an article on CyberAwake discussing the advice every security expert gives (including myself) “don’t click on that link”. Don’t blame your team “Just Click Here” – CyberAwake It’s more complicated than you would expect.
If you get a text from The Metropolitan Police it may not be scam
It will be worth checking out the text carefully as the Met is going to text about 70,000 victims of banking fraud, having arrested an East Londoner who is accused of running an international phone fraud: Police to text 70,000 victims in UK’s biggest anti-fraud operation – BBC News The …
Continue reading “If you get a text from The Metropolitan Police it may not be scam”
More Twitter issues – and why text messages are a poor authentication option
Now the SMS text authentication is only working for some people: Twitter’s SMS Two-Factor Authentication Is Melting Down | WIRED Do you want to know why SMS text message authentication is a very poor third behind app based multi-factor authentication and just about anything else? Read on: Twitter ‘closes offices’ …
Continue reading “More Twitter issues – and why text messages are a poor authentication option”
Every major event will attract cyber criminals. What is your organisation doing on Monday 19 September?
The death of Her Majesty Queen Elizabeth II and the associated ceremonies and period of national mourning will be no exception: Potential phishing activity update – NCSC.GOV.UK The National Cyber Security Centre has issued a warning that the potential for malicious phishing, social engineering and scam cyber-attacks is very high …
How do threat actors get hold of your login credentials? They just ask you to send them over!
The US Government has issued a warning over the growth of text messages that are designed to manipulate you into giving away your secret information. US govt warns Americans of escalating SMS phishing attacks (bleepingcomputer.com) If it is happening in the US, why not extend the attacks to other English …
