In this 3-minute read, I'll tell you how a software company got fooled by a blatant phish
- Twilio Breach - How it happened
- Phishing 101
- Defending yourself against phishing
… and how we protect ourselves in situations like these.
Twilio Breach - How it happened ...
Twilio SaaS (Software as a Service) platform focused on customer engagement, announced on Monday (August 15, 2022) that a "sophisticated" threat actor achieved "unauthorized access" using an SMS-based text message phishing campaign targeted at its staff to gain information on a "limited number" of accounts.
Read More: Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack
Web infrastructure company Cloudflare disclosed this Tuesday (August 16, 2022) that at least 76 employees and respective family members received text messages on their personal and work phones that included similar characteristics as that of the above-mentioned attack.
❌ Stop worrying about cyber threats and getting hacked.
✅ Start protecting your personal information and finances.
DISCOVER the most dominant cyber threats out there and how they plan to hack you.
PROTECT your personal information, mobile devices, social media, and finances.
REVEAL the defensive best practices that the bad guys don’t want you to know!
My latest eBook is the ULTIMATE reference for DEFENDING yourself against various types of CYBER THREATS.Get your FREE copy now!
Phishing attacks and schemes, both leveraging email and SMS, are known to lean on aggressive scare tactics to coerce victims into handing over their sensitive information.
Social Engineering = Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables. (Kaspersky)
Check out some of these statistics:
- In 2021, 83% of organizations reported experiencing phishing attacks. In 2022, an additional six billion attacks are expected to occur.
- Last year, roughly 214,345 unique phishing websites were identified, and the number of recent phishing attacks has doubled since early 2020.
- Roughly 65% of cyber attackers have leveraged spear phishing emails as a primary attack vector.
Want to understand the MOST ADVANCED Penetration Testing Distribution - Kali Linux?
Hacking is simple yet at the same time very complex.
Why not start at the beginning with Hacking with Kali Linux, Bash, and Python (Cybersecurity eBook)
This ebook is the ULTIMATE reference for the KALI LINUX distribution and teaches Linux basics with a focus on how HACKERS would leverage them.Download Now
Defending yourself against phishing
When it comes to scams related to email, text messages, and even phone calls, I like to educate people using what's known as the STOP method.
The STOP Method is an acronym that goes like this:
- S - Is the message suspicious?
- T - Is the message telling you to click something?
- O - Is the message offering you something too good to be true?
- P - Is the message pushing you to act quickly?
Security Tip(s) of the Week:
- ALWAYS use critical judgment
- Multi-Factor Authentication is a MUST
- Remain humble, we are only human!
That is all for now, talk to you next week!
If you enjoyed this post, you'll love The Secure Entrepreneur Newsletter.
The Secure Entrepreneur newsletter is the result of 10+ hours of reading, analysis, and original thought on the topics of cybersecurity, business, and technology —sent as a 10-minute read every Thursday morning.
Join the thousands of people getting the best finds every Thursday morning…Sign Up Now
Michael @TrillTayo - The Secure Entrepreneur