The Year Targeted Phishing Went Mainstream
August 6, 2018
A story published on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack).
But beneath the lurid allure of both stories lies a more unsettling reality: It has never been easier for scam artists to launch convincing, targeted phishing and extortion scams that are automated on a global scale. And given the sheer volume of hacked and stolen personal data now available online, it seems almost certain we will soon witness many variations on these phishing campaigns that leverage customized data elements to enhance their effectiveness.
A strong cybersecurity strategy starts with secure backups in case you ever need to restore your data. CYF4® – Enveloc® FedRAMP Azure Government Cloud Backup uses the Azure Government Cloud combined with End-to-End AES 256-bit encryption to protect your data.