<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Open Sans";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.readmsgbody, li.readmsgbody, div.readmsgbody
{mso-style-name:readmsgbody;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.externalclass, li.externalclass, div.externalclass
{mso-style-name:externalclass;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:363673115;
mso-list-template-ids:-1003178000;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:449979275;
mso-list-template-ids:1960850466;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2
{mso-list-id:713232325;
mso-list-template-ids:1421536780;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3
{mso-list-id:1463038828;
mso-list-template-ids:-768054538;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l3:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1027" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Good morning.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">I wanted to share the below phishing alert information as well as the additional items from KnowBe4.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thor<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thor Sage<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Executive Director<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Miami Valley Educational Computer Association<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">937-767-1468 x3101<o:p></o:p></span></p>
<p class="MsoNormal"><a href="http://www.mveca.org/"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;text-decoration:none"><img border="0" width="174" height="64" id="Picture_x0020_1" src="cid:image001.jpg@01D3BAC1.29928900" alt="http://www.mveca.org/images/logo.gif"></span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">
</span><a href="https://www.linkedin.com/company-beta/3947840/"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;text-decoration:none"><img border="0" width="32" height="32" id="_x0000_i1033" src="cid:image002.jpg@01D3BAC1.29928900" alt="i"></span></a><a href="https://twitter.com/mvecarcog"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;text-decoration:none"><img border="0" width="32" height="32" id="Picture_x0020_2" src="cid:image003.jpg@01D3BAC1.29928900" alt="t"></span></a><a href="https://www.facebook.com/MVECA-707401659416692/"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;text-decoration:none"><img border="0" width="32" height="32" id="Picture_x0020_3" src="cid:image004.jpg@01D3BAC1.29928900" alt="f"></span></a><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><i><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Not-for-profit Technology Services for Education and Local Governments<o:p></o:p></span></i></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> CyberheistNews [mailto:feedback@knowbe4.com]
<br>
<b>Sent:</b> Tuesday, March 13, 2018 10:12 AM<br>
<b>To:</b> Thor Sage <sage@mveca.org><br>
<b>Subject:</b> [ALERT] "A Really Difficult Phishing Scenario That's Very Hard To Beat"<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%">
<tbody>
<tr>
<td style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><img border="0" width="1" height="1" id="_x0000_i1025" src="http://newsletter.knowbe4.com/a/1022/open/727/2101618/c6d3f9aed783cb61c1c1c6ca74bddcd983748657"><o:p></o:p></p>
</td>
</tr>
<tr>
<td style="padding:0in 0in 0in 0in">
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:600px;float:left">
<p class="MsoNormal" style="line-height:9.0pt"><span style="font-size:7.5pt;font-family:"Open Sans";color:#676767">[ALERT] "A Really Difficult Phishing Scenario That's Very Hard To Beat"<br>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:200px;float:right">
<p class="MsoNormal" align="right" style="text-align:right;line-height:9.0pt"><span style="font-size:7.5pt;font-family:"Open Sans";color:#676767">Email not displaying?<br>
<a href="http://newsletter.knowbe4.com/a/1022/click/727/2101618/b0b95ee283cb9cc9fc41475b777a158c4a77b943/c6d3f9aed783cb61c1c1c6ca74bddcd983748657" target="_blank"><span style="color:#F16824;text-decoration:none">View Knowbe4 Blog</span></a></span><o:p></o:p></p>
</div>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal" align="center" style="text-align:center"><a href="http://newsletter.knowbe4.com/a/1022/click/727/2101618/044ac0b3da603dc543019ea4b8f92228baf8fbe8/c6d3f9aed783cb61c1c1c6ca74bddcd983748657" target="_blank"><span style="text-decoration:none"><img border="0" id="_x0000_i1026" src="http://cdn2.hubspot.net/hubfs/241394/CHN-LOGO-2017-1.png"></span></a><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="1" width="100%" align="center">
</div>
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:10.5pt;font-family:"Open Sans";color:#676767">CyberheistNews Vol 8 #11 | March 13th., 2018</span>
<o:p></o:p></p>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="1" width="100%" align="center">
</div>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">[ALERT] "A Really Difficult Phishing Scenario That's Very Hard To Beat"</span><!--[if gte vml 1]><v:shapetype id="_x0000_t75" coordsize="21600,21600" o:spt="75" o:preferrelative="t" path="m@4@5l@4@11@9@11@9@5xe" filled="f" stroked="f">
<v:stroke joinstyle="miter" />
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0" />
<v:f eqn="sum @0 1 0" />
<v:f eqn="sum 0 0 @1" />
<v:f eqn="prod @2 1 2" />
<v:f eqn="prod @3 21600 pixelWidth" />
<v:f eqn="prod @3 21600 pixelHeight" />
<v:f eqn="sum @0 0 1" />
<v:f eqn="prod @6 1 2" />
<v:f eqn="prod @7 21600 pixelWidth" />
<v:f eqn="sum @8 21600 0" />
<v:f eqn="prod @7 21600 pixelHeight" />
<v:f eqn="sum @10 21600 0" />
</v:formulas>
<v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect" />
<o:lock v:ext="edit" aspectratio="t" />
</v:shapetype><v:shape id="_x0000_s1026" type="#_x0000_t75" alt="" style='position:absolute;margin-left:56.8pt;margin-top:0;width:108pt;height:108pt;z-index:251658240;mso-wrap-distance-left:0;mso-wrap-distance-top:0;mso-wrap-distance-right:0;mso-wrap-distance-bottom:0;mso-position-horizontal:right;mso-position-horizontal-relative:text;mso-position-vertical-relative:line' o:allowoverlap="f">
<v:imagedata src="http://cdn2.hubspot.net/hubfs/241394/CHN-STU-2017-1.png" />
<w:wrap type="square"/>
</v:shape><![endif]--><![if !vml]>
<img width="144" src="http://cdn2.hubspot.net/hubfs/241394/CHN-STU-2017-1.png" align="right" v:shapes="_x0000_s1026"><![endif]><span style="font-family:"Open Sans";color:#333333"><br>
<br>
I was alerted by a customer about a really difficult scenario that’s becoming all the more frequent. While there’s probably little that can be done in terms of tuning your spam filters and endpoint security tools, new-school security awareness training can
make a difference. Here is the story:<br>
<br>
"Over the past few months, we have been hit with increasing frequency with an attack that follows this 5-step pattern;
</span><o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo1">
<span style="font-family:"Open Sans";color:#333333">A known vendor or customer falls victim to a phishing attack. Their email credentials are compromised, and the “bad guy” gets access to their email account.</span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo1">
<span style="font-family:"Open Sans";color:#333333">They start by changing the password, so that the victim no longer has control.</span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo1">
<span style="font-family:"Open Sans";color:#333333">They then comb through past email correspondence, and using the victim’s account, signature, and logo, send out targeted emails crafted to closely resemble legit correspondence they have had with our company
in the past.</span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo1">
<span style="font-family:"Open Sans";color:#333333">Depending on the “bad guy’s” dedication to his craft, these could be fairly generic, or extremely specific. We’ve received one with an inquiry that referenced a specific real invoice # for that individual.</span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo1">
<span style="font-family:"Open Sans";color:#333333">The email always includes a spreadsheet or PDF. The name can be generic, or can be really specific. We’ve received one titled with a specific real invoice # for that individual.</span><o:p></o:p></li></ul>
<p class="MsoNormal"><span style="font-family:"Open Sans";color:#333333">Because these emails are coming from a real email account for a real business partner, they are very hard to identify, and in some cases they are literally impossible to detect, as they
are carefully crafted copies of past legitimate emails. Naturally, there are a few that cast a wide net, so they are more generic and often contain corrupted grammar or spelling, but others are indistinguishable from real emails."<br>
<br>
<b>What To Do About This Threat</b><br>
<br>
Granted, this is a frustrating and dangerous situation, as the majority of the red flags users have been trained to watch for simply aren’t present if the scammer uses a highly targeted approach like this.<br>
<br>
However, there is one cardinal rule that you need to stress with your users to protect against a scenario like this:
<b>DID THEY ASK FOR THE ATTACHMENT?</b><br>
<br>
If they did not, before the attachment is opened, it's a very good idea to double check using an out-of-band channel like the phone to call and ask if they sent this and why it was sent . There is little else that can be done.<br>
<br>
Yes, that is a little more work. But also, better safe than sorry. You have to constantly work on and reinforce your security culture, anywhere in the world.
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Surprise FTC Study: *Millennials* Are The Biggest Victims Of Social Engineering</span><br>
<br>
<span style="font-family:"Open Sans";color:#333333">A report from the FTC found that 40% of adults age 20-29 lost money to fraud, while only 18% of adults over the age of 70 did so, challenging the narrative of older adults falling victim to scams.<br>
<br>
Report after report has found that younger adults are the biggest victims of scams. IT leaders need to make sure those users are properly trained on cybersecurity policy and treated like all other employees in regards to security.<br>
<br>
Story, infoGraphic and links at the KnowBe4 Blog:<br>
<a href="https://blog.knowbe4.com/ftc-study-millennials-are-the-biggest-victims-of-social-engineering">https://blog.knowbe4.com/ftc-study-millennials-are-the-biggest-victims-of-social-engineering</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">30-second Survey: "I wish I had a tool to..."</span><br>
<br>
<span style="font-family:"Open Sans";color:#333333">When an end-user fell for a social engineering attack, ever had that feeling: "I just wish I had a tool to...." but lacked that tool? Take 30 seconds and let us know what that tool would be?<br>
<br>
Please let me know at this link to Surveymonkey. It may be redirected, so please copy and paste this in your browser:<br>
<a href="https://www.surveymonkey.com/r/lackingtools">https://www.surveymonkey.com/r/lackingtools</a><br>
<br>
Thanks very much in advance! </span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Social Engineering At The Heart Of Fileless Malware Attacks</span><br>
<br>
<span style="font-family:"Open Sans";color:#333333">Fileless malware is not new, but it is quickly gaining traction among attackers as a common method of compromise. After all, it is stealthy, efficient and capable of evading conventional security systems.<br>
<br>
Today, fileless malware is more than 50% of all attacks. A fileless attack doesn't depend upon installing malicious code in a victim's machine. Instead, the attack subverts legitimate tools in a browser, or an operating system like Windows, turning them against
the user.<br>
<br>
This form of attack is attractive because it's relatively stealthy and difficult for legacy antivirus systems to detect. Basic hygiene, like patching and least privilege policies, is important, but more important are wary users attentive to their risks. Most
fileless malware is distributed by social engineering: phishing, malvertising, watering holes and the like.<br>
<br>
The careless or insufficiently alert can be manipulated to give attackers the means of exploiting weaknesses in browsers or operating systems. Interactive training is seen as a good way of increasing a business's level of protection.<br>
<br>
These technical security measures do not, however, address the issue of human gullibility, which is integral to propagating fileless malware. A fileless malware infection can be spread via a phishing email, malvertising, watering hole or malicious download,
containing a link that, once clicked, enables attackers to exploit security weaknesses in the browser or other applications, and use legitimate programs to execute their own commands.<br>
<br>
Several of these delivery vectors utilize some form of social engineering. This reinforces the need for organizations to train their users on how to recognize and resist social engineering tactics.<br>
<br>
Security awareness training for users should be regular and interactive. The aim is to ensure employees are aware of security risks to the organization and adopt security-conscious behavior. Full article:<br>
<a href="http://www.computerweekly.com/opinion/Security-Think-Tank-Social-engineering-at-the-heart-of-fileless-malware-attacks">http://www.computerweekly.com/opinion/Security-Think-Tank-Social-engineering-at-the-heart-of-fileless-malware-attacks</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Half of Ransomware Victims Recovered Their Data After Paying the Ransom Demand</span><br>
<br>
<span style="font-family:"Open Sans";color:#333333">A massive survey of nearly 1,200 IT security practitioners and decision makers across 17 countries reveals that half the people who fell victim to ransomware infections last year were able to recover their
files after paying the ransom demand.<br>
<br>
The survey, carried out by research and marketing firm CyberEdge Group, reveals that paying the ransom demand, even if for desperate reasons, does not guarantee that victims will regain access to their files.<br>
<br>
Timely backups are still the most efficient defense against possible ransomware infections, as it allows easy recovery.<br>
<br>
<b>Over a quarter of all victims lost their data for good</b><br>
<br>
The survey reveals that 55% of all responders suffered a ransomware infection in 2017, compared to the previous year's study, when 61% experienced similar incidents.<br>
<br>
Of all the victims who suffered ransomware infections, CyberEdge discovered that 61.3% opted not to pay the ransom at all. Some lost files for good (8%), while the rest (53.3%) managed to recover files, either from backups or by using ransomware decrypter applications.<br>
<br>
Of the 38.7% who opted to pay the ransom, a little less than half (19.1%) recovered their files using the tools provided by the ransomware authors.<br>
<br>
The rest (19.6%) lost their data. Ransomware authors either didn't provide ransomware decryption instructions or apps, or these tools did not yield expected results.<br>
<br>
Overall, the study found that over a quarter of ransomware victims (27.6%) lost their data for good, either by paying or not paying the ransom demand.<br>
<br>
<b>Lack Of Security Awareness A Tie With Lack Of Skilled Personnel</b><br>
<br>
They wrote: "Each year, we ask respondents to tell us what’s inhibiting them from defending their respective organizations against cyberthreats. In other words, what’s standing in their way?<br>
<br>
When we first asked the question in 2013 (for our 2014 CDR), we thought for sure that “lack of budget” would come out on top. We were shocked when it only came in at second place, right after “low security awareness among employees.” But what’s even more surprising
is that “low security awareness among employees” remained the top concern among security professionals for the next three years – until this year (see Figure at KnowBe4 blog).<br>
<br>
In 2018, there is a new king of security inhibitors – “lack of skilled personnel.” But if you’ve been paying close attention to inhibitor rankings over the last four years, this shouldn’t come as a surprise: 2014: fifth place; 2015: fourth place; 2016: third
place; 2017: second place; 2018: first place.<br>
<br>
This doesn’t mean that “low security awareness among employees” is no longer of concern. Far from it. In fact, it was only nudged out of first position by one-hundredth of a point. Furthermore, you could say that there was a virtual three-way tie for first
place, with “too much data to analyze” also one-hundredth of a point behind.<br>
<br>
Stepping onto our proverbial soap box for a moment, we want to reiterate our shock and disappointment about IT security organizations’ not doing enough to train company personnel about how to minimize cybersecurity risks through safe computing. (Hello? Is anyone
listening? Bueller? Bueller?)<br>
<br>
Suffering from a shortage of high-quality security talent is completely understandable. But failing – year after year – to invest in your company’s “human firewall” is both inexplicable and inexcusable. Okay, we’ve put away our soap box until next year".<br>
<br>
7 other findings anf figures of the CyberEdge survey at the KnowBe4 Blog:<br>
<a href="https://blog.knowbe4.com/half-of-ransomware-victims-recovered-their-data-after-paying-the-ransom-demand">https://blog.knowbe4.com/half-of-ransomware-victims-recovered-their-data-after-paying-the-ransom-demand</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Live Webinar: What Most Computer Security Defenses Are Doing Wrong and How to Fix It</span><br>
<br>
<span style="font-family:"Open Sans";color:#333333">Most companies have huge gaps in their computer security defenses, and can be compromised at will by a determined hacker. The industry even has a term for it: “Assume Breach”.<br>
<br>
But it doesn’t have to be that way!<br>
<br>
Join Roger A. Grimes, a 30-year computer security consultant and author of 10 books, for this live webinar where he will explore the latest research on what’s wrong with current network defenses and how they got this way. Roger will teach you what most organizations
are doing wrong, why, and how to fix it. You’ll leave this webinar with a fresh perspective and an action plan to improve the efficiency and effectiveness of your current computer security defenses.<br>
<br>
<b>In this live webinar, Roger will show you:</b> </span><o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo2">
<span style="font-family:"Open Sans";color:#333333">What most companies are doing wrong, why, and how to fix it</span><o:p></o:p></li><li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo2">
<span style="font-family:"Open Sans";color:#333333">An action plan to improve the effectiveness of your computer security defenses</span><o:p></o:p></li><li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2 level1 lfo2">
<span style="font-family:"Open Sans";color:#333333">How to create your “human firewall”</span><o:p></o:p></li></ul>
<p class="MsoNormal"><span style="font-family:"Open Sans";color:#333333">Attend this webinar and never think about computer security the same way again.<br>
<br>
<b>Date/Time: Thursday, March 15th at 2:00 PM ET<br>
Register Now:</b> <a href="https://attendee.gotowebinar.com/register/8328692117828337921?source=CHN">
https://attendee.gotowebinar.com/register/8328692117828337921?source=CHN</a> </span>
<o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">How Vulnerable Is Your Network Against Ransomware Attacks? Find Out For A Chance To Win!</span><br>
<br>
<span style="font-family:"Open Sans";color:#333333">Bad guys are constantly coming out with new versions of ransomware strains to evade detection. Is your network effective in blocking ransomware when employees fall for social engineering attacks?<br>
<br>
KnowBe4’s free Ransomware Simulator "RanSim" gives you a quick look at the effectiveness of your existing network protection. Plus, you'll be entered to win an awesome 34-Inch Curved UltraWide LG Monitor. To make it even better, we’ll pick 3 winners!<br>
<br>
RanSim has been downloaded thousands of times and run against dozens of AV products. The results have been an eye-opening experience for many IT pros.<br>
<br>
Find out if you’re vulnerable now!<br>
<a href="https://info.knowbe4.com/ransim-sweepstakes-march-2018">https://info.knowbe4.com/ransim-sweepstakes-march-2018</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Live Webinar: Securing the Human Layer</span><br>
<br>
<span style="font-family:"Open Sans";color:#333333">The intersection between technology and human security is a difficult challenge for any organization to tackle, and although detection technologies are advancing, criminals are rapidly evolving their techniques
and tactics to even greater levels of sophistication.<br>
<br>
Their attacks are difficult to detect, and even security administrators themselves fall victim.<br>
<br>
Join Perry Carpenter, Chief Evangelist and Strategy Officer at KnowBe4, as he explains the value of better understanding human nature, patterns and success practices when using technology to build a more secure operating environment.<br>
<br>
Hear practical advice on how to make both security and technology work with (rather than against) human nature to help reduce technology friction and simultaneously raise the security posture and resilience of the organization.<br>
<br>
<b>Key Topics covered in this Webinar:</b> </span><o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3">
<span style="font-family:"Open Sans";color:#333333">Looking at the multi-dimensional nature of security</span><o:p></o:p></li><li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3">
<span style="font-family:"Open Sans";color:#333333">Finding relevant intersections between technology & behavior</span><o:p></o:p></li><li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3">
<span style="font-family:"Open Sans";color:#333333">Strategies to make awareness stick</span><o:p></o:p></li><li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0 level1 lfo3">
<span style="font-family:"Open Sans";color:#333333">Brainstorming activities for planning your custom "Human Firewall"</span><o:p></o:p></li></ul>
<p class="MsoNormal"><b><span style="font-family:"Open Sans";color:#333333">This webinar will help you take your awareness program to the next level.</span></b><span style="font-family:"Open Sans";color:#333333"><br>
<br>
<b>Date/Time: Thursday, March 22nd at 2:00 PM ET </b><br>
<b>Register Now:</b> <a href="https://attendee.gotowebinar.com/register/5050817056946768130?source=CHN">
https://attendee.gotowebinar.com/register/5050817056946768130?source=CHN</a> </span>
<o:p></o:p></p>
<p><span style="font-family:"Open Sans";color:#333333">Warm Regards,<br>
Stu Sjouwerman<br>
Founder and CEO<br>
KnowBe4, Inc</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px;border-radius:6px">
<p class="MsoNormal" align="center" style="text-align:center;background:#676767">
<span style="font-size:18.0pt;font-family:"Open Sans";color:white;letter-spacing:4.5pt">Quotes of the Week</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal" align="center" style="text-align:center"><i><span style="font-family:"Open Sans";color:#333333">"I would like to thank everyone involved in Three Billboards, and everyone who's ever looked at a billboard."</span></i><span style="font-family:"Open Sans";color:#333333">
- Sam Rockwell, getting a 2018 Best Supporting Actor Oscar<br>
<br>
<i>"I just want to thank everybody I've ever met in my entire life."</i><br>
- Kim Basinger, receiving the Oscar for Best Supporting Actress, L.A Confidential (1997)<br>
<br>
<i>"Don't ever become a pessimist... a pessimist is correct oftener than an optimist, but an optimist has more fun, and neither can stop the march of events."</i> - Robert A. Heinlein - Writer (1907 - 1988)
</span><br>
<o:p></o:p></p>
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="1" width="100%" align="center">
</div>
<p class="MsoNormal" align="center" style="text-align:center"><br>
<strong><span style="font-family:"Open Sans";color:#333333">Thanks for reading CyberheistNews</span></strong><span style="font-family:"Open Sans";color:#333333"><br>
But if you want to unsubscribe, you can do that <a href="http://newsletter.knowbe4.com/a/1022/click/727/2101618/486ae771c748e753c0a203927ab7bc2af91a1576/c6d3f9aed783cb61c1c1c6ca74bddcd983748657" target="_blank">
<span style="color:#F16824;text-decoration:none">right here</span></a><br>
<br>
<strong><span style="font-family:"Open Sans"">You can read CyberheistNews online at our Blog</span></strong><br>
<a href="https://blog.knowbe4.com/cyberheistnews-vol-8-11-alert-a-really-difficult-phishing-scenario-thats-very-hard-to-beat">https://blog.knowbe4.com/cyberheistnews-vol-8-11-alert-a-really-difficult-phishing-scenario-thats-very-hard-to-beat</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px;border-radius:6px">
<p class="MsoNormal" align="center" style="text-align:center;background:#676767">
<span style="font-size:18.0pt;font-family:"Open Sans";color:white;letter-spacing:4.5pt">Security News</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Social Engineering, Not Zero Days</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Most cyber attacks are not matters of sophisticated, never-seen-before zero days. That happens, but it's not the norm. What is the norm is social engineering. Users fall victim to criminal hackers who abuse their trust.<br>
<br>
We often think of these tactics as being the exclusive province of common criminals, but in fact they're the dominant form of attack in cyberspace. It's thought that the state actors who recently intruded into sensitive German government networks got in by
phishing.<br>
<br>
That's because social engineering is effective. And of course on the other end the petty crooks see the same efficacy. Homeowners in Australia's state of Victoria were recently victimized by phishing emails in which the sender impersonated a realtor asking
for payment of fees due. Hundreds of thousands were lost.<br>
<br>
Today, awareness training is a must-do piece of your IT security puzzle. Story at CSO:<br>
<a href="https://www.cso.com.au/article/634433/social-engineering-new-norm-hacking/">https://www.cso.com.au/article/634433/social-engineering-new-norm-hacking/</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Words Frequently Misused (by Phishers)</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Social engineering extends even to the names given malicious files. Attackers will include words likely to be attractive to the target in the hope of inducing the target to open the file and download the maliciously crafted document.<br>
<br>
The SANS Institute looked at a large number of phishing emails and compiled a set of words that appeared as bait in attachment file names. The list doesn't of course amount to a collection of indicators, but it's suggestive.<br>
<br>
Users who are looking closely at filenames may be warier than most, and the attackers seem to want an extra layer of persuasion and plausibility. See the interesting SANS list here:<br>
<a href="https://isc.sans.edu/forums/diary/Common+Patterns+Used+in+Phishing+Campaigns+Files/23403/">https://isc.sans.edu/forums/diary/Common+Patterns+Used+in+Phishing+Campaigns+Files/23403/</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">DHL Shipping Phishing Attack Serves A Keylogger</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Fake shipping notices purporting to be from DHL are in circulation. The phishing emails include an attachment whose payload is a keylogger. The text is old-school with poor English usage and grammar. That should put trained and aware users on their guard.<br>
<br>
Training can help employees see through text like this: "Attached is the Original Shipping documents and BL as assigned to deliver to you. Notification for shipment event group 'Picked up' for 10th March 2018." See MyOnlineSecurity for more:<br>
<a href="https://myonlinesecurity.co.uk/fake-dhl-shipment-notification-delivers-a-password-stealer-keylogger/">https://myonlinesecurity.co.uk/fake-dhl-shipment-notification-delivers-a-password-stealer-keylogger/</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Mining Is The New Black: CryptoJacking Polyvalent Malware Via Email</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Cryptojacking malware has so far tended to concentrate on one particular cryptocurrency, but that seems to be changing. Palo Alto Networks warns that it's observed a polyvalent cryptojacking attack that's equally capable of pilfering Bitcoin, Ethereum, Litecoin,
and Monero.<br>
<br>
"ComboJack," as the miner is called, works against the user's clipboard. It takes advantage of users' propensity to copy and paste addresses rather than go through the trouble of retyping the each time they're needed. The malware looks for wallet addresses
in the clipboard and replaces them with the address of the criminals' wallet.<br>
<br>
This technique has been used by the Evrial Trojan and CryptoShuffler malware. It's now being employed against a range of e-currencies. Most of the victims of ComboJack have so far been in the US and Japan. It's delivered through phishing.<br>
<br>
The malicious payload is carried in a PDF file attached to the email. That PDF contains an embedded rich text file that carries an exploit for CVE-2017-8579, a known vulnerability that had previously been used to deliver FinFisher spyware. See Security Week:<br>
<a href="https://www.securityweek.com/combojack-malware-steals-multiple-virtual-currencies">https://www.securityweek.com/combojack-malware-steals-multiple-virtual-currencies</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Social Media Phishing Rises</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Phishing related to financial institutions has long been the norm. This may be changing, however. While banks are still targeted, increasingly criminals are experimenting with phishing campaigns that seek to compromise social media.<br>
<br>
These attempts seem to be prompted by the increasing involvement of social media in financial transactions, but also as a kind of way station en route to further, more directly lucrative attacks. Alert your employees to the likelihood that phishing will take
on an increasingly social character. Security Brief has more information:<br>
<a href="https://securitybrief.com.au/story/social-media-phishing-rise-as-attackers-experiment-tactics/">https://securitybrief.com.au/story/social-media-phishing-rise-as-attackers-experiment-tactics/</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Finally Some Business Email Compromise Busts</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Business email compromise (BEC)—also known as CEO Fraud—continues to be a problem for both large and small organizations. In business email compromise, a scammer impersonates a company official in an email that directs employees to transfer large amounts of
money to bank accounts controlled by the bad guys.<br>
<br>
Sometimes the criminals are caught. Police in France and Belgium have arrested seven conspirators in a BEC scheme that netted them some €1.2 million.<br>
<br>
The losses in a BEC scam can be high, particularly when they involve fraudulent wire transfers, and they easily cross national boundaries, which can make recovery difficult. In this case the suspects arrested were for the most part Romanian, their targets Belgian
and French. See the story in Security Week:<br>
<a href="https://www.securityweek.com/two-scammers-five-mules-arrested-bec-bust">https://www.securityweek.com/two-scammers-five-mules-arrested-bec-bust</a>
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">What Our Customers Are Saying About Us
</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Happy Customer: "The entire purchase process was smooth and our Account Manager was terrific! I was pleasantly surprised when the Customer Success Manager reached out to me and wanted to know how to help. Your company must be a wonderful place to work!" - N.E.,
IT Systems<br>
<br>
Happy Customer: "I wanted to tell you that we are very satisfied with the training and phishing service we have got from your company!" - M.R., HR & Records Management Specialist
</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">Interesting News Items This Week</span><span style="font-family:"Open Sans";color:#333333"><br>
<br>
Cyber attacks becoming No. 1 business risk:<br>
<a href="https://www.helpnetsecurity.com/2018/03/07/cyber-attacks-business-risk/">https://www.helpnetsecurity.com/2018/03/07/cyber-attacks-business-risk/</a><br>
<br>
Inside the Profitable Underworld of Ransomware:<br>
<a href="http://www.govtech.com/security/Inside-the-Profitable-Underworld-of-Ransomware.html">http://www.govtech.com/security/Inside-the-Profitable-Underworld-of-Ransomware.html</a><br>
<br>
Russia’s Fancy Bear Hacks its Way Into Montenegro:<br>
<a href="http://www.balkaninsight.com/en/article/russia-s-fancy-bear-hacks-its-way-into-montenegro-03-01-2018">http://www.balkaninsight.com/en/article/russia-s-fancy-bear-hacks-its-way-into-montenegro-03-01-2018</a><br>
<br>
Schools Teach 'Cyber Hygiene' to Combat Phishing, Identity Theft:<br>
<a href="https://www.edweek.org/ew/articles/2018/03/07/schools-teach-cyber-hygiene-to-combat-phishing.html">https://www.edweek.org/ew/articles/2018/03/07/schools-teach-cyber-hygiene-to-combat-phishing.html</a><br>
<br>
Cyberspace is the New Battlespace:<br>
<a href="https://www.lawfareblog.com/cyberspace-new-battlespace">https://www.lawfareblog.com/cyberspace-new-battlespace</a><br>
<br>
Ransomware Trends to Watch in 2018:<br>
<a href="https://www.recordedfuture.com/ransomware-trends-2018/">https://www.recordedfuture.com/ransomware-trends-2018/</a><br>
<br>
FBI Director tells Boston College gathering that cyber threats ‘coming at us from all sides.’:<br>
<a href="https://www.bostonglobe.com/metro/2018/03/07/fbi-director-tells-boston-college-gathering-that-cyber-threats-coming-from-all-sides/yD3vfr0JbJDN083jZVjEqL/story.html">https://www.bostonglobe.com/metro/2018/03/07/fbi-director-tells-boston-college-gathering-that-cyber-threats-coming-from-all-sides/yD3vfr0JbJDN083jZVjEqL/story.html</a><br>
<br>
An unconventional spam campaign has been delivering unusual cryptocurrency-stealing malware to American and Japanese users:<br>
<a href="https://www.helpnetsecurity.com/2018/03/06/cryptocurrency-stealing-malware/">https://www.helpnetsecurity.com/2018/03/06/cryptocurrency-stealing-malware/</a><br>
<br>
‘Technology alone can’t defeat cybercrime’ in the UK:<br>
<a href="https://portswigger.net/daily-swig/technology-alone-cant-defeat-cybercrime">https://portswigger.net/daily-swig/technology-alone-cant-defeat-cybercrime</a><br>
<br>
UK National Cyber Security releases useful InfoGraphic to reduce cybercrime:<br>
<a href="https://www.ncsc.gov.uk/white-papers/common-cyber-attacks-reducing-impact">https://www.ncsc.gov.uk/white-papers/common-cyber-attacks-reducing-impact</a><br>
<br>
Digging Deep: New Crypto-Mining Scams Silently Steal Millions:<br>
<a href="https://securityintelligence.com/news/digging-deep-new-crypto-mining-scams-silently-steal-millions/">https://securityintelligence.com/news/digging-deep-new-crypto-mining-scams-silently-steal-millions/</a><br>
<br>
Vulnerability In Robots Can Lead To Costly Ransomware Attacks:<br>
<a href="http://www.hackbusters.com/news/stories/2756489-vulnerability-in-robots-can-lead-to-costly-ransomware-attacks">http://www.hackbusters.com/news/stories/2756489-vulnerability-in-robots-can-lead-to-costly-ransomware-attacks</a><br>
<br>
Prepared in cooperation with the CyberWire research team. </span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px;border-radius:6px">
<p class="MsoNormal" align="center" style="text-align:center;background:#676767">
<span style="font-size:18.0pt;font-family:"Open Sans";color:white;letter-spacing:4.5pt">Cyberheist 'Fave' Links</span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<p class="MsoNormal"><span style="font-size:18.0pt;font-family:"Open Sans";color:#F16622">This Week's Links We Like, Tips, Hints and Fun Stuff</span><span style="font-family:"Open Sans";color:#333333">
</span><o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">Women Are Awesome - International Women's Day 2018:<br>
<a href="http://www.flixxy.com/women-are-awesome-international-womens-day-2018.htm?utm_source=4">www.flixxy.com/women-are-awesome-international-womens-day-2018.htm?utm_source=4</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">Peugeot exploits the characters of the well known Wacky Races TV series for their new 208 model. Fun:<br>
<a href="https://www.youtube.com/watch?v=FcnsRrXzBC0&feature=youtu.be">https://www.youtube.com/watch?v=FcnsRrXzBC0&feature=youtu.be</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">Burger-flipping robot begins first shift:<br>
<a href="http://www.bbc.com/news/av/technology-43292047/burger-flipping-robot-begins-first-shift?SThisFB">http://www.bbc.com/news/av/technology-43292047/burger-flipping-robot-begins-first-shift?SThisFB</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">Facts about daylight saving time, why it was introduced and why it no longer makes any sense today:<br>
<a href="http://www.flixxy.com/daylight-saving-time-doesnt-benefit-anyone.htm?utm_source=4">http://www.flixxy.com/daylight-saving-time-doesnt-benefit-anyone.htm?utm_source=4</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">7 techniques to remember ANYTHING [InfoGraphic]<br>
<a href="https://hosteddocs.emediausa.com/quickquid7techniquestorememberanything.pdf">https://hosteddocs.emediausa.com/quickquid7techniquestorememberanything.pdf</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">An eagle-eyed person in the picturesque seaside town of Porto Cesareo, Italy, managed to capture a trio of McLarens on video, including a Senna with a little camouflage still on it. The new hypercar is still
rare enough that seeing one anywhere is very special:<br>
<a href="https://www.motor1.com/news/234819/mclaren-senna-spy-video/">https://www.motor1.com/news/234819/mclaren-senna-spy-video/</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">Meet Boston Dynamics Jumping Robot Handle:<br>
<a href="https://www.youtube.com/watch?v=-7xvqQeoA8c&feature=youtu.be">https://www.youtube.com/watch?v=-7xvqQeoA8c&feature=youtu.be</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">Every winner of the Academy Award for Best Cinematography from 1927 to 2016 - a 8-minute journey into film history:<br>
<a href="http://www.flixxy.com/every-best-cinematography-winner-oscars-1929-2018.htm?utm_source=4">http://www.flixxy.com/every-best-cinematography-winner-oscars-1929-2018.htm?utm_source=4</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">For the kids: Squirrel Taking A Joy-Ride In A Model Airplane:<br>
<a href="http://www.flixxy.com/squirrel-taking-a-joy-ride-in-a-model-airplane.htm?utm_source=4">http://www.flixxy.com/squirrel-taking-a-joy-ride-in-a-model-airplane.htm?utm_source=4</a></span><o:p></o:p></li></ul>
<p class="MsoNormal" style="margin-left:.5in"><o:p> </o:p></p>
<ul type="disc">
<li class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1 level1 lfo4">
<span style="font-family:"Open Sans";color:#333333">Oh, who *is* that Stu guy? A video-crew followed me for a day at BlackHat:<br>
<a href="https://www.youtube.com/watch?v=YUwG4EXCESA&feature=youtu.be">https://www.youtube.com/watch?v=YUwG4EXCESA&feature=youtu.be</a></span><o:p></o:p></li></ul>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:800px">
<div class="MsoNormal" align="center" style="text-align:center">
<hr size="1" width="100%" align="center">
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:400px;float:left">
<p class="MsoNormal" style="line-height:9.0pt"><span style="font-size:7.5pt;font-family:"Open Sans";color:#676767">FOLLOW US ON:
<a href="http://newsletter.knowbe4.com/a/1022/click/727/2101618/12f6f18bb2280eb257fda0ee104ee0a8a9355394/c6d3f9aed783cb61c1c1c6ca74bddcd983748657" target="_blank">
<span style="color:#F16824;text-decoration:none">Twitter</span></a> | <a href="http://newsletter.knowbe4.com/a/1022/click/727/2101618/35c8d23f428e99808212e79c497c5c7904ccc19f/c6d3f9aed783cb61c1c1c6ca74bddcd983748657" target="_blank">
<span style="color:#F16824;text-decoration:none">LinkedIn</span></a> | <a href="http://newsletter.knowbe4.com/a/1022/click/727/2101618/665fd8e8468a0fa0d279b30bd4c7ba97f04517dd/c6d3f9aed783cb61c1c1c6ca74bddcd983748657" target="_blank">
<span style="color:#F16824;text-decoration:none">Google</span></a> | <a href="http://newsletter.knowbe4.com/a/1022/click/727/2101618/947165ed658284c668dbae4f407761b5796d0745/c6d3f9aed783cb61c1c1c6ca74bddcd983748657" target="_blank">
<span style="color:#F16824;text-decoration:none">YouTube</span></a></span><o:p></o:p></p>
</div>
<div style="margin-top:5.0pt;margin-bottom:5.0pt;max-width:400px;float:right">
<p class="MsoNormal" align="right" style="text-align:right;line-height:9.0pt"><span style="font-size:7.5pt;font-family:"Open Sans";color:#676767">Copyright © 2014-2018 KnowBe4, Inc. All rights reserved.</span><o:p></o:p></p>
</div>
</div>
</td>
</tr>
<tr>
<td style="padding:0in 0in 0in 0in">
<div>
<p class="MsoNormal" style="background:black"> <o:p></o:p></p>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="100%" style="width:100.0%;display:table !important">
<tbody>
<tr style="display:table-row !important">
<td width="20%" style="width:20.0%;padding:0in 0in 0in 0in;display:table-cell !important">
<p class="MsoNormal"> <o:p></o:p></p>
</td>
<td style="padding:0in 0in 0in 0in;-ms-text-size-adjust: 100%;-webkit-text-size-adjust: 100%;display:table-cell !important">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:8.0pt;font-family:"Arial",sans-serif;color:#666666">This email was sent to
<b><a href="mailto:sage@mveca.org">sage@mveca.org</a></b> by <b><a href="mailto:feedback@knowbe4.com">feedback@knowbe4.com</a></b><br>
<br>
33 N Garden Ave, Suite 1200 Clearwater, FL 33755 USA<br>
<o:p></o:p></span></p>
<div>
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:8.0pt;font-family:"Arial",sans-serif;color:#666666"><a href="http://newsletter.knowbe4.com/a/1022/one_click_unsubscribe/727/2101618/c6d3f9aed783cb61c1c1c6ca74bddcd983748657"><span style="color:black;border:none windowtext 1.0pt;padding:0in">1-Click
Unsubscribe</span></a><o:p></o:p></span></p>
</div>
</td>
<td width="20%" style="width:20.0%;padding:0in 0in 0in 0in;-ms-text-size-adjust: 100%;-webkit-text-size-adjust: 100%;display:table-cell !important">
<p class="MsoNormal" align="right" style="text-align:right"><span style="font-size:8.0pt;font-family:"Arial",sans-serif;color:#666666"> <o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</div>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>