PINDROP BLOG

Category: Authentication

June 23, 2017
Tech Support, Email Fraud Schemes Top FBI Internet Crime List
Fraudsters are continuing to have quite a bit of success with business email compromise scams. Last year, companies in the United States lost more than $360 million to these schemes, an increase of nearly 50 percent from 2015. The FBI’s 2016 Internet Crime Report, which the bureau’s Internet Crime Complaint Center (IC3) released Thursday, includes…
Read More →
June 13, 2017
Europol Dismantles International Fraud Ring
Police have dismantled a payment-card fraud network that stretched across Europe and had the capability to clone payment cards, install skimmers on ATMs, and is responsible for hundreds of thousands of dollars in losses. The fraud ring was operating not just in Europe, but also in the United States, the Dominican Republic, Peru, Malaysia, Costa Rica,…
Read More →
June 9, 2017
Phishing Attacks Using SSL Spike
Phishing crews increasingly are using sites with valid SSL certificates in order to make their attacks appear more legitimate, a new report shows. In the last couple of years it has become much easier and faster for site owners to obtain SSL certificates for their sites, thanks to the emergence of free CAs such as…
Read More →
June 7, 2017
Apple to Switch Users to 2FA on iOS 11, macOS High Sierra
With the upcoming releases of iOS 11 and macOS High Sierra later this year, Apple is planning to force many users to adopt two-factor authentication for their accounts. The company this week sent an email to customers who have the existing two-step verification enabled for their Apple IDs, informing them that once they install the public…
Read More →
June 1, 2017
Google Upgrades Gmail Defenses Against Phishing and Malware
Google is rolling out a new set of protections for Gmail customers that rely on machine learning to help better identify phishing messages and malicious attachments. Gmail is popular among both consumers and small and medium enterprises, which rely on it for low-cost hosted email and apps. The service also is one of the larger…
Read More →
May 31, 2017
Preventing Forgery With Paper Fingerprinting
In a new study out from a UK based research team, scientists have discovered an inexpensive and easy-to-use way to validate the authenticity of any paper document solely by taking a picture of it with a camera. Capturing the random interweaving of the wooden particles that are used to make up paper, the research team…
Read More →
May 26, 2017
RoughTed Malvertising Campaign Bypasses Ad Blockers
A long-running, multi-faceted, malvertising campaign has been found using a technique that enables the sites involved to bypass the protections of ad blockers. Malvertising campaigns can take a lot of different forms and they often involve multiple layers of compromised or malicious sites and lots of redirections. Some campaigns are connected to malware operations and…
Read More →
May 23, 2017
On the Wire Podcast: Yanick Fratantonio and Simon Chung
A team of researchers from the University of California at Santa Barbara and Georgia Tech this week published detailed research on a set of weaknesses and vulnerabilities in Android that can allow an attacker to use a malicious app to completely control the UI of a device. The Cloak & Dagger attacks, as they’re called,…
Read More →
May 16, 2017
DocuSign Says Breach Led to Phishing Campaign
A recent compromise of a system at DocuSign, the electronic document signing vendor, led to a phishing campaign that’s hitting some of the company’s customers right now. Officials at DocuSign said they had noticed an increase in phishing emails to some customers and users in recent days and began investigating whether the company’s eSignature service…
Read More →
May 15, 2017
Google to Streamline Android Update Process
For a decade, Android users have had to rely on a byzantine update process involving Google, device manufacturers, and carriers in order to get security patches and new versions of the operating system. Google is now trying to streamline this process and get updates into users’ hands more quickly through a plan called Project Treble.…
Read More →