Cyber Security and Data Threat Round Up 12 December 2019
Welcome to the third in our series of fortnightly blogs which comprises of information gleaned from the National Cyber Security Centre (NCSC).
These blogs bring together the latest cyber security threat reports. Please feel free to share this information with your own customer base.
In this threat round up blog…..
Website ‘free giveaway’ steals login credentials
Cyber security researchers have uncovered a fake ‘free giveaway’ website that tricks users into revealing their login credentials. Cyber criminals posted links to a phishing website in the comments section of the legitimate Steam website, encouraging users to visit a convincing – but fake – page that contained free downloadable content for the platform.
In order to download the content, users were instructed to log in to the fake site using their Steam credentials. While the screen looks like a legitimate Steam login page, any usernames and passwords that users entered were sent to the attackers instead.
Phishing scams such as this are a particularly devious method used by cyber criminals to steal sensitive information, and it can be a worrying time for victims. Using Password Managers can also help prevent this kind of attack.
Millions exposed after data breach
A US mass text service provider has unintentionally leaked the data and personal information of millions of customers.
True Dialog, which specialise in mass text messaging and SMS marketing, had inadvertently left their Oracle Marketing Cloud database without protection, exposing 604GB – the equivalent of one billion entries – of sensitive information.
The breach exposed the email addresses, full names and phone numbers of recipients, as well as the content of messages. True Dialog resolved the issue a day after being alerted to it by cyber security researchers.
Large stores of data are a tempting target for attackers, and anyone concerned about the security of their online accounts should follow the guidance in ‘Top tips for staying secure online’ from the NCSC.
Mobile breach affects more than a million customers
Over a million T-Mobile customers have been affected following a data breach conducted by a cyber-criminal.
The telecoms company confirmed last weekend that the malicious actor had obtained personal data, although financial data and passwords were not stolen. In a disclosure notice, T-Mobile confirmed it had discovered and shut down the unauthorised access and had reported the incident to authorities.
Even if passwords or financial data have not been stolen, it is still possible for criminals to use personal data steal identities and gain access to accounts. It’s important to remain aware of potential phishing scams following data breaches.
To find out more about these threats please visit https://www.ncsc.gov.uk/section/keep-up-to-date/threat-reports.
Ready to join the revolution?
If you are in the cyber or cloud space and want to generate more demand for your existing products and services, Boost Technology Group can help. Our award-winning team can help your cyber and cloud organisation improve your chances of winning business through the provision of specialist demand generation marketing, sales education and sales enablement services.
To find out more contact us and book a FREE discovery call.
Call: 0203 740 4074