F-Blog: Phishing, Social Engineerung & Awareness

What's new?

Our cybersecurity blog keeps you up to date on the topics of phishing, social engineering and awareness and informs you about innovative solutions in the field of IT security.

Security Awareness

Video conferencing tools – what is a blessing to one is a curse to another

Reading time: 4 During the pandemic with the new type of a corona virus, many companies sent their employees to work from home or ordered so-called mobile working. Now that the initial escape from the office has subsided, many companies want to enable their employees to continue working from home. But which tool is the right one?

Alexa can use security holes for phishing attacks

Alexa, do you hear or phish yet?

Reading time: 2 For some years now, so-called smart speakers have been conquering our homes. They are supposed to make our everyday life easier by playing our favourite music, reading out recipes or maintaining digital shopping lists. But what do they eavesdrop when they shouldn't actually be listening?

A bad phishing awareness campaign damages the internal IT security.
Security Awareness

Customer fail story: Fail with phishing simulations – or celebrate success

Reading time: 6 Cybercrime has evolved: Through smuggled ransomware and following public shaming, companies are blackmailed to pay ransom or to hand over sensitive information. For many companies it is therefore more important than ever to increase security awareness. However, a lot of things can go wrong.

Sodinokibi attacks often start with a phishing email.
Security Awareness

Sodinokibi – when data is encrypted and published

Reading time: 2 Backdoor programs and ransomware such as Emotet and Ryuk, which ensured that the Justus Liebig University, among others, went offline in 2019, do indeed steal data from time to time. However, they focus on encryption and "ransom" by companies. However, Sodinokibi ("REvil") steals sensitive data every time it is infected - and increases the pressure.

An absence note can help hackers to prepare  their next phishing attack.
Security Awareness

The e-mail absence note as a threat for IT security

Reading time: 2 Who doesn't know them - e-mails from business partners with the information that the counterpart is unresponsive at the moment, frequently with the indication from when to when, and to whom one can someone turn instead. In itself a helpful tool for both sides - but is it really wise to set up such an absence note?

Successful security awareness trainings require certain components.
Security Awareness

Security awareness trainings: 5 must-haves for your success

Reading time: 4 The goal of security awareness measures is to support employess of a company in defending themselves against cyber attacks such as phishing attacks. This includes various training and education measures aimed at sensitizing users to topics related to the security of IT systems and providing basic knowledge.