Freelance Word Punk

[THIS SITE IS NO LONGER BEING UPDATED - IF YOU HAVE ENDED UP HERE YOU ARE IN THE WRONG PLACE, PLEASE CLICK WWW.HAPPYGEEK.COM TO VIEW NEW CONTENT BY DAVEY WINDER]

Saturday, March 28, 2015

Don't click on this link: How to avoid the cloud credential scammers

When we think of cloud security, more often than not it is in terms of protecting our data in transit and at rest. However, sometimes it helps to broaden our view of the cloud security threatscape because when we do then all sorts of risks sitting on the periphery come into view. Risks such as those posed by cloud credential phishers. Cloud what now? Well, everyone should be well aware of those cyber criminals who seek to con victims into visiting a 'clone bank site' in order to grab the login credentials of the user and then wipe their accounts of cash. Equally, most folk know about email document attachments, which actually execute a malware installation, often with a similar credential-scraping payload. However, as more and more of us gain this awareness of the techniques used so the less effective they become. This effectiveness is further hampered by improvements in online banking security including the use of two-factor authentication for example. So the bad guys are looking for new routes to the same old credentials and new ways to get that malware installed. Which is where the cloud comes in.
Newer Post Older Post Home

Blog Archive




Co-founder of IT Security Thing Ltd, Davey Winder is a three time winner of the Information Security Journalist of the Year award (2006/2008/2010) and received the prestigious Enigma Award for his lifetime contribution to information security journalism in 2011.



Simple theme. Powered by Blogger.