Hit with the Spear

To understand how spear phishing works, how it differs from phishing attacks, this article breaks down the attack into 4 stages: Identify, Research, Email and Action. Many of the tell-tale signs of spear phishing are similar for phishing and covered in more detail in Caught in the Net, one of our previous articles. Stage 1 […]

Read more

Unsafe Financial Transactions

Despite continuous reports of financial fraud in the media, history appears to keep repeating itself. The same frauds are still being carried out, and the only real difference, is an increase in the level of fraud, not a decrease due to increased awareness. Earlier this month I published an article called ‘deviation from the norm’ […]

Read more

12 Months of GDPR

General Data Protection Regulation (GDPR) became law in the UK exactly one year ago and this article reports on personal observations over a 12-month period. One thing that is clear, is that GDPR has created greater awareness of best practices for handling personal data. This is precipitated by the fear of financial penalties of up […]

Read more

Choosing Suppliers Online

Protecting personal information is a serious concern for everyone, and when choosing suppliers online for whatever purpose, it will be necessary to share some information in order to avail yourself of the services being offered. It is your responsibility to choose carefully who you trust with your personal information. Does the business have an established […]

Read more

Caught in the net

Phishing emails continue to trick people into giving away personal information which can be used by fraudsters to inflict harm and financial losses on their victims. Emails can be extremely convincing, made to look like they come from anyone, and with just enough bait on the hook for people to be easily caught. Fake websites […]

Read more

More on passwords

The strange thing about writing a password blog, is that most of it is the same as what was being discussed 20 years ago, so the challenge is not writing about passwords, but in fact making the subject of passwords interesting to read. The key difference is that during these 20 years the use of […]

Read more

Bring Your Own Devices

Should employees be allowed to bring their own devices into the work place and connect them to the corporate network? There are mixed views on this, and the key point is to carefully consider the advantages and disadvantages, and then define corporate policy. Personal devices in the workplace are a high risk and the IT […]

Read more

.EU domains after Brexit

In March 2018 the European Commission announced that upon the United Kingdom’s departure from the European Union, businesses and individuals in the United Kingdom will no longer be entitled to register .EU domains or renew existing .EU domains. More information is available here: https://ec.europa.eu/digital-single-market/en/news/notice-stakeholders-withdrawal-united-kingdom-and-eu-rules-eu-domain-names A number of workarounds have been identified and advertised such as […]

Read more

The paper data breach

In the digital age, much emphasis is placed on protecting electronic data, but very little seems to have changed in the way of protecting data on paper. Here are a few examples: Charity – I am often approached on the street by a representative of a charity wanting monthly donations by direct debit. While listening […]

Read more