fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Crooks Impersonate US Govt Agencies Offering Financial Aid

Crooks Impersonate US Govt Agencies Offering Financial Aid

Cybercriminals looking to steal personal information are baiting U.S. citizens with emails purporting to be from government agencies offering federal assistance.

Bad actors are sending out messages purporting to be from federal government entities offering financial aid or unemployment assistance during the pandemic.

Personal data and credentials

The purpose of the phishing campaigns is to collect personal data that could be used for identity theft or usernames and passwords that could be used for credential stuffing attacks.

For one malicious message, email protection company Inky says that the cybercriminals lured victims with a fake government program that offers up to $5,800 in cash payments.

The link to the program looks suspicious but clicking on it leads to a “hijacked domain that impersonates the U.S. federal government,” Inky says in a report today.

Also Read: Best Privacy Certification: 3 Simple Steps On How To Achieve

A form on the malicious site asks the victim initially for their name and date of birth, to access another form that asks for additional info including the social security number, driver’s license, address, postal code, state, phone number, and email address.

With all the data filled in, the crooks thank the victim for the input and leave the promise to contact them “as soon as possible.”

A second phishing email is an alert for suspicious activity. It impersonates the Pandemic Unemployment Assistance (PUA) program, managed by each state. The fact that the message appears to come from the federal government should be a red flag.

Just like in the previous message, the link in this email leads to a page hosted on a domain that had been compromised.

The information requested here are the victim’s username and password. After getting the data, the victim is redirected to the genuine Unemployment Insurance Relief program from the U.S. Department of Labor.

Also Read: Computer Misuse Act Singapore: The Truth And Its Offenses

“These are just two examples of phishing attacks tailored to today’s headlines. The pitches are designed to prey on the anxieties of ordinary people, who are unlikely to notice the slight discrepancies, misspellings, and odd link names until it is too late” – Inky

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us