Showing posts with label email. Show all posts
Showing posts with label email. Show all posts

Monday, June 12, 2023

Blackmail with Email, or The Employer's Lawyer Destroyer

Last month, Lewis Brisbois Bisgaard & Smith, one of the nation’s largest law firms, was rocked by the announcement that two top partners were starting their own boutique practice and taking as many as 140 colleagues with them.

The shock inside Lewis Brisbois’ downtown Los Angeles headquarters soon gave way to anger... over the weekend, Lewis Brisbois struck back.

In an extraordinary move, its management team directed the release of scores of emails in which Barber and Ranen used vile terms for women, Black people, Armenians, Persians, and gay men and traded in offensive stereotypes of Jews and Asians. In one fell swoop, the venerable firm managed to torpedo its new rival, destroy the defecting partners’ careers and send the legal establishment reeling. more
-----
“Say it with flowers,
Say it with mink,
But never, ever say it with ink."

Thursday, October 29, 2020

Microsoft Says Iranian Hackers Targeted Conference Attendees

Microsoft says Iranian hackers have posed as conference organizers in Germany and Saudi Arabia in an attempt to break into the email accounts of “high-profile” people with spoofed invitations. 

The targets included more than 100 prominent people invited by the hackers to the Munich Security Conference, which is attended by world leaders each February, and the upcoming Think 20 Summit, which begins later this week in Saudi Arabia but is online-only this year.

“We believe Phosphorus is engaging in these attacks for intelligence collection purposes,” said Tom Burt, Microsoft’s security chief, in a prepared statement. “The attacks were successful in compromising several victims, including former ambassadors and other senior policy experts who help shape global agendas and foreign policies in their respective countries.” more

Wednesday, March 27, 2019

Spybuster Tip #471 - Block People Who Track You via Email

Ugly Email is a Gmail / Firefox plug-in. When a tracker is detected, it shows the icon of an eyeball in the subject line to alert you that a tracker is hidden inside the email.

Blocked trackers include:
  • MailChimp
  • SendGrid
  • Drip
  • Mailgun
  • Streak
  • Bananatag
  • Yesware
  • Postmark
  • Sidekick
  • TinyLetter
  • MixMax
  • MailTrack
  • toutapp
  • Litmus
  • Boomerang
  • ContactMonkey
  • Cirrus Insight
  • Polymail
  • YAMM
  • GetResponse
  • phpList
  • Close.io
  • Constant Contact
  • Marketo
  • Return Path
  • Outreach
  • Intercom
  • Mailjet
  • Nethunt
...and Ulgy Email is soliciting suggestions for other email spies to add to the list. Ugly Email claims it does not store, transfer, transmit or save any of your data.

Thursday, July 26, 2018

Trust No One, or Life-locked

via Kreb's on Security...
Identity theft protection firm LifeLock — a company that’s built a name for itself based on the promise of helping consumers protect their identities online — may have actually exposed customers to additional attacks from ID thieves and phishers. 

The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.

The upshot of this weakness is that cyber criminals could harvest the data and use it in targeted phishing campaigns that spoof LifeLock’s brand. more

If you use LifeLock carefully check future emails using their name before clicking on anything. Also, check occasionally to make sure you haven't been unsubscribed. ~Kevin

Wednesday, February 14, 2018

Email Bugs Are Tracking You

Do you want to know exactly when a friend or colleague opens your email? How about where they are when they do?

Free services now allow us to do a little spying through the email we send. But it's raising some questions about privacy.

A growing number of people are using this technology. One More Company OMC, a company that makes software to detect this kind of email bugging, released a report last year. It says marketers put bugs in virtually all of the email they send.

But surprisingly, last year 16 percent of all conversational email-- the messages you send to friends, family and colleagues-- was also tracked. And that's up from 10 percent the year before. video more

---

Counter Measures for Users
Possible measures to restrict the functioning of tracking pixels:
  • Set browser and email settings to be as restrictive as possible such that external graphics are only supported after permission, and HTML emails are not supported. Appropriate firewall settings can also be used to do this.
  • Some browser extensions can be used to make tracking pixels visible.
  • Anonymous surfing with the Tor Browser or use of proxy servers to prevent the download of tracking pixels.
  • In order to prevent the collection of additional user data such as browser type or operating system, the support of scripts in the browser can be deactivated. This can however restrict other functions on the Internet under certain circumstances. more

Sunday, January 7, 2018

Corporate Espionage Alert - Whale Phishing in 2018

Phishing scams are becoming ever more sophisticated...

We need to focus on people patching and the human firewall,” said Anthony Dagostino, global head of cyber risk at Willis Towers Watson. “This requires more effective training and awareness campaigns to make sure people aren’t clicking on things...


We will see more whale phishing in 2018, where cyber criminals will target individuals based on things like their LinkedIn or Facebook profiles,” Dagostino told Insurance Business. “General counsel, chief financial officers and even board members are being very specifically targeted just for hackers to get certain information they have.

“It doesn’t necessarily have to be for a data breach – it’s really corporate espionage driven. They either want to get information on an up-coming acquisition, or future business plans that they can use for insider trading.” more


Saturday, May 13, 2017

Corporate Espionage Countermeasures Tips

via – American Greed Report
Corporate espionage schemes can occur when people already working for someone else infiltrate a company, or employees who've already left a company leave behind co-conspirators who send them data.

Some important steps companies can take:
  • Install technology that monitors everything going into your email system to determine if it's a legitimate message or if it's phishing or malware.
  • Monitor for what's going out of your email system as well by installing leakage control systems. These can, for example, tell whether data is being sent to Dropbox or personal Google, Amazon or Microsoft cloud accounts. They can also monitor for documents or spreadsheets going out.
  • Use whitelisting, which lets you specify which applications are approved to run on a computer system. Anything not on the whitelist won't run, which protects the network from malware and other harmful applications.
  • Consult with labor employment counsel to make sure your agreements on who owns intellectual property and prohibiting misuse or removal of such property are up to date. more

Wednesday, April 26, 2017

Former Fox News Host Sues Network for Allegedly Spying on Her

Andrea Tantaros, once a long-time fixture at the Fox News Channel, filed a suit on Monday alleging that the cable news network spied on her private communications

and utilized information it gleaned via surveillance in an intimidation campaign after she began having disputes with network management.

According to the complaint, Fox News, primarily at the instigation of Ailes and others who formerly worked in his secret “black room” operation, snooped inside of Tantaros’ email and recorded her telephone conversations. They then allegedly provided the information back to Snyder and others who repeated it back to Tantators via anonymous social media accounts in order to dissuade her from taking legal action against the network.  more

They Always Blame the IT Guys and the Cops – Shocking

Malicious software bought by a London Police Officer can remotely hack users...

One of the officers of UK’s Metropolitan Police Service was caught in possession of a malicious software used for infecting computers and smartphones after gaining physical access to them.

It’s unclear as of yet whether this software was bought for official or personal use, but it does raise a question that why would an MPS’s officer need to buy a malware that can do things like intercepting phone calls, turning on microphones and taking pictures remotely via the infected device’s camera. Especially if the use of this malware wasn’t allowed, which would make it illegal. more


Former Expedia IT tech gets 15 months in jail for insider trading, stealing information from execs...

“This was not a one-time lapse in judgement – this defendant used his technology skills to repeatedly invade the email accounts of Expedia executives so that he could enrich himself at the expense of others,” U.S. Attorney Annette L. Hayes said in a statement. “Even after he moved on to a better paying position at a different technology firm he continued his crimes, all while trying to make it look like other employees were at fault...

As a “senior IT support technician” based in San Francisco, Ly routinely had access to Hotwire and Expedia employee login information and devices. Ly used those credentials to break into company files to get information he later used in stock transactions....

Ly tried to cover his tracks by using login credentials of other employees when using the service to look at sensitive information... Ly’s acts didn’t end when he left the company in April 2015. Ly kept a company-issued laptop that could connect to Expedia’s network, and he used other employees’ login information to continue breaking into Expedia files and emails. more


Tuesday, February 21, 2017

Business Espionage: Operation BugDrop - Major Eavesdropping Operation Using PC Microphones to Bug Targets

Researchers have uncovered an advanced malware-based operation that siphoned more than 600 gigabytes from about 70 targets in a broad range of industries, including critical infrastructure, news media, and scientific research.

The operation uses malware to capture audio recordings of conversations, screen shots, documents, and passwords, according to a blog post published last week by security firm CyberX.

Targets are initially infected using malicious Microsoft Word documents sent in phishing e-mails. Once compromised, infected machines upload the pilfered audio and data to Dropbox, where it's retrieved by the attackers. The researchers have dubbed the campaign Operation BugDrop because of its use of PC microphones to bug targets and send the audio and other data to Dropbox.

"Operation BugDrop is a well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources," the CyberX researchers wrote. more (Heads up. This hasn't hit hard in the Western Hemisphere yet, but be prepared.) 

Spybusters Tip #832: First line of defense... Disable macros on your Word software. Don't turn it back on if prompted to do so by something arriving in your email. ~Kevin

Monday, November 28, 2016

3 Ways Corporate Spies Might Be Watching Your Business and How to Stop Them

Business is a game of constant competition, but the widespread emergence of covert surveillance and tracking tools has expanded the playbook. Now, industrial espionage has a new dimension.

In the corporate world, the practice is nothing new. In fact, it's been a marketing tactic for decades... But the digital age has given corporate spying a new face. And with the modern proliferation of web-based spying options, corporate surveillance is more sophisticated and covert than ever.

Today, corporate spies for hire carry titles like "Competitive Intelligence Analyst" and "Competitive Market Strategist." There are many lucrative opportunities for these workers. And they might be watching your business right now. Here are three of the ways they do it—and also how to dodge their efforts. more

Friday, November 18, 2016

Lawyers Should Not Bug Opposing Lawyer's Email

Alaska may have only about 2,500 active resident lawyers, but its bar ethics committee has become just the second authority in the country to weigh in on the practice of “bugging” the e-mail of opposing counsel.

The committee disapproved of this spy method in an opinion issued in late October, saying that it violated the Last Frontier’s version of Model Rule 8.4, which prohibits dishonesty and misrepresentation.

A “web bug” is a tracking device consisting of an object embedded in a web page or e-mail, that unobtrusively (usually invisibly) reveals whether and how a user has accessed the content. Other names for a web bug are web beacon, pixel tracker and page tag. more

Want to check who is secretly bugging you? Little Snitch for OSX does an excellent job and offers a free trial. Similar products exist for PC based computers. ~Kevin

Wednesday, October 12, 2016

Yahoo Email'ers Fed-Up with Hacking and Spying Find Forwarding Door Locked

After back-to-back revelations that hackers had compromised a staggering 500 million Yahoo Mail accounts and that the company had complied with a US government request to open incoming emails for surveillance, 

some users are having a hard time switching to any of Yahoo's competitors.

While it remains unclear how many users intend to leave over the privacy concerns and bad publicity, several told the Associated Press that their ability to do so has been hampered since the beginning of the month, when Yahoo disabled its automated email-forwarding option.

Those who had already set up their forwarding are unaffected, but those who wish to begin forwarding messages now are unable. more

Thursday, September 1, 2016

50% of Email Users Deserve the Problems They Create

Security experts often talk about the importance of educating people
about the risks of "phishing" e-mails containing links to malicious websites. But sometimes, even awareness isn't enough.  

A study by researchers at a university in Germany found that about half of the subjects in a recent experiment clicked on links from strangers in e-mails and Facebook messages—even though most of them claimed to be aware of the risks. more

Monday, August 1, 2016

Who Might Have Copies of Everyone's "Deleted" Emails?

The National Security Agency (NSA) has “all” of Hillary Clinton’s deleted emails and the FBI could gain access to them if they so desired, William Binney, a former highly placed NSA official, declared in a radio interview broadcast on Sunday.

Speaking as an analyst, Binney raised the possibility that the hack of the Democratic National Committee’s server was done not by Russia but by a disgruntled U.S. intelligence worker concerned about Clinton’s compromise of national security secrets via her personal email use.

Binney was an architect of the NSA’s surveillance program. He became a famed whistleblower when he resigned on October 31, 2001, after spending more than 30 years with the agency. more

Wednesday, January 13, 2016

From those wonderful people who like back doors...

US - A hacker appears to have broken into personal accounts of the nation’s top spy chief.

The reported teenager is part of the group that hacked into CIA Director John Brennan’s personal emails last year and is using the new access for pro-Palestinian activism. According to Vice Motherboard, which broke the news on Tuesday, the hacker claimed to have broken into a personal email and phone account of Director of National Intelligence James Clapper and his wife. more

Wednesday, October 28, 2015

Criptyque Launches Pryvate™, the First Fully Secure Communications Platform

Criptyque, the secure communications provider, today announced the launch of Pryvate™, the first all-encompassing and fully encrypted communications platform for mobile devices. Pryvate secures communication services across email, voice calls, conference calls, video calls and instant messenger to protect consumers and businesses from cybercriminals, intruders, corporate espionage, hackers and more.

The Pryvate application provides triple-layered security powered by top-of-the-line 4096-bit encryption, with AES 256-bit key management and DH key exchange. It offers truly seamless independent, network agnostic security combined with high quality of service at a low cost.

Initially available on Apple and Google Play stores, the service provides security by generating unique encryption keys on the devices of both users who communicate via the application. Once a key is used, a new key is created for every subsequent interaction and auto renew for every call, IM, message, session etc. Pryvate has no access to users’ encryption keys past, present or future: making it impossible to leak, hack, collaborate or give away keys, which makes all communication through Pryvate totally secure and impervious to hacking. more

Saturday, August 22, 2015

Thousands Of Ashley Madison Clients About To Learn (The Hard Way) That Most Employers Monitor Email

Upwards of 36 million email addresses were compromised when hackers infiltrated Ashley Madison, a site designed to help married people have affairs. Those email addresses, first released as an ungainly data dump, are now easily searchable on a number of different sites, leaving millions of people, some more famous than others, susceptible to personal and, it turns out, professional backlash.

Amazingly, tens of thousands of people, including more than 15,000 military and government personnel, decided to use their work email addresses to sign up for a dalliance, and if you’re wondering whether that puts them at any professional risk, the answer is almost certainly yes. A majority of American businesses monitor what their employees do online in some way or other, and they are not shy about cracking down on misbehavior.

According to a survey conducted by the American Management Association and the ePolicy Institute, more than one-quarter of employers have fired employees for misusing their work email addresses and more than one-third have fired workers for misusing the Internet. more

Friday, February 13, 2015

Private Investigators Are Being Nailed for Hacking

Private investigators may be the newest front for federal prosecutors in cracking down on the hacker-for-hire business.

In the coming weeks, a private investigator in New York is expected to plead guilty to charges of paying a so-called hacker-for-hire firm to steal email passwords and credentials, said three people briefed on the matter, who spoke on the condition of anonymity because no charges had been filed yet. The guilty plea would wrap up a nearly yearlong investigation by the Federal Bureau of Investigation and federal prosecutors in New York.

Separately, federal prosecutors in San Francisco on Wednesday announced the indictment of two private investigators and two computer hackers on charges that they illegally entered email and Skype accounts to gather information for matters they were working on for clients. Some of the illegally gathered information was intended to support a lawsuit, authorities said.

The identity of the private investigator in New York, who works for a small firm, could not be determined.
(more)

Sunday, January 25, 2015

Did Meanwell Mean Well, or... She Wanted the Cash, Man

New York Yankees general manager Brian Cashman has more than just on-the-field problems... his alleged former mistress, Louise Meanwell, is filing a lawsuit against the Yanks' front office man. 

The suit says that Cashman not only hacked and spied on Meanwell's e-mails, but he also contacted the woman's mother in an attempt to have Meanwell committed in order to cover-up his affair... 


Cashman's mistress is currently in court going through her own legal battles after she was arrested for attempting to extort Cashman for $15,000, and she allegedly stalked him as well after what is believed to be a 10-month fling occurred with Cashman.

It was only after Meanwell found out Cashman had another mistress and had no intention of getting a divorce from his wife that she threatened to blow the lid off their relationship.

This one just keeps getting weirder and weirder by the day.
(more)