Archive for September 28, 2022

An Email Based Invoice #Scam Involving @LifeOmic And @Zoho Is Making The Rounds

Posted in Commentary with tags , , on September 28, 2022 by itnerd

For the first time in a long time, I’m writing about something other than an extortion phishing scam. This scam involves health platform LifeOmic and Zoho. In short you get an email looking like this:

It claims to have been sent from Zoho’s CRM product and claims that you have a subscription for access to LifeOmic’s heath cloud that you have to pay. What the scammers are hoping for is that you’ll call the number and presumably the scammers will want to get access to your computer to do who knows what, or extract personal information from you.

There’s one sure way to tell that this is a scam:

The email address in use does not trace back to either Zoho or LifeOmic. So that alone should make you delete this email immediately upon receipt.

This part of the email caught my attention:

This is meant to reassure you that this isn’t a scam and that LiveOmic and Zoho are committed to preventing invoice scam. Except that this is an invoice scam. And unlike most scams that I have seen lately, the English used in this one is pretty decent. I had to hunt to find grammatical errors.

I tried calling the number, which by the way is something that you should never do, and I was greeted with cheesy hold music and a message telling me to stay on the line because all the scammers representatives were busy. I gave it five minutes and hung up. But that was enough to tell me that this was an active scam. But I was unable to get information as to their motives. But at the end of the day. it doesn’t matter as whatever their intentions are, they aren’t good. Thus if you see this email hit your inbox, delete it and move on with your day.

Leave a comment »

LinkedIn Unveils Canada’s Top Startups List For 2022

Posted in Commentary with tags on September 28, 2022 by itnerd

LinkedIn is releasing the Canadian edition of the 2022 Top Startups List featuring the companies attracting attention and top talent in 2022. 

Grounded in unique LinkedIn data, Top Startups is an annual ranking of the young, emerging companies attracting professionals who want to work there. The list reveals the companies that are forward-thinking and innovative around the future of work. These growing startups are successfully navigating through the current world of work at a time where there is economic uncertainty. 

LinkedIn’s methodology is based on growth and demand. The data to rank startups on the list is based on four pillars that are synonymous with successful startups: employment growth, engagement, job interest and attraction of top talent.  

2022 Top Startups Canada List

  1. Neo Financial 
  2. Ada 
  3. Fable 
  4. Shakepay 
  5. ApplyBoard 
  6. BenchSci 
  7. Cohere 
  8. Certn 
  9. Drop 
  10. Dapper Labs 
  11. Snapcommerce 
  12. Manifest Climate 
  13. Irwin 
  14. TealBook 
  15. Klue 

Methodology 

LinkedIn measures startups based on four pillars: employment growth, engagement, job interest and attraction of top talent. Employment growth is measured as percentage headcount increase over methodology time frame, which must be a minimum of 10%. Engagement looks at non-employee views and follows of the company’s LinkedIn page, as well as how many non-employees are viewing employees at that startup. Job interest counts rate at which people are viewing and applying to jobs at the company, including both paid and unpaid postings. Attraction of top talent measures how many employees the startup has recruited away from any global LinkedIn Top Company, as a percentage of the startup’s total workforce. Data is normalized across all eligible startups. The methodology time frame is July, 1 2021 through June 30, 2022.  

To be eligible, companies must be fully independent, privately held, have 50 or more full-time employees, be 7 years old or younger and be headquartered in the country on whose list they appear. We exclude all staffing firms, think tanks, venture capital firms, law firms, management and IT consulting firms, nonprofits and philanthropy, accelerators and government-owned entities. Startups who have laid off 20% or more of their workforce within the methodology time frame are also ineligible.  

About company insights 

*Company insights were sourced from LinkedIn Talent Insights. Data reflects aggregated public member data from active LinkedIn profiles in the relevant country and includes full-time employee profiles associated with the company on LinkedIn. All data points are measured among hires in the last year. We exclude members who identify as part-time or contractors. Headcounts are provided by the companies directly, unless otherwise noted with an asterisk. Those headcounts are based on LinkedIn data. The insights reflect data as of July 2022. Skills data was derived from measuring the most frequent skills among a company’s employees. Most common job titles represent the occupations that are most common within each company. Largest job function measures the function area most prevalent within each company.

  

Leave a comment »

Guest Post: Protect Your Elderly Loved Ones During Cyber Security Month

Posted in Commentary with tags on September 28, 2022 by itnerd

By Hank Schless, Senior Manager of Security Solutions at Lookout

With digital scams on the rise, it’s growing increasingly difficult to discern if an email, text message, phone call or website is legitimate or not. More people are reporting losing time and money due to online scams, and in particular, elderly individuals report falling victim. In 2021, over 92,000 victims over the age of 60 reported losses of $1.7 billion to the FBI’s Internet Crime Complaint Center (IC3). This is a whopping 74 percent increase over losses reported in 2020. The number one area of attacks were in tech support fraud, including identity theft and personal data breaches. 

Luckily, by taking a few key steps, people of all ages can reduce the risk of scams, and online fraud. In honor of Cyber Security MonthLookout has provided the below tips that family members can take to best protect parents and elderly family members from digital risks.  

  • Check the “sent from” email address: Real companies will send from their own domain. One easy way to check for authenticity is to make sure a company email isn’t coming from an address ending in “@gmail.com” or  “@yahoo.com”.
  • Go directly to the source: If you receive an email requiring action from you, usually involving private information like social security, birthday, bank information, or more, immediately call the company this message is reportedly from. 
  • Beware of urgency: Be wary of urgent demand or emails that require immediate action and divulgence of personal information. “Emergencies” can sometimes cause people to act without fully understanding the request or the implications of them, which make them a common tool for cybercriminals.
  • Watch for obvious misspellings and grammatical errors: Professional newsletters, notifications, and other email messages go through several rounds of approvals before distribution, so emails that include spelling errors and odd punctuation can be a sign of a scam.
  • Set Stronger Passwords 
  • Use  Two-Factor Authentication: This makes it harder for hackers to access your account, and will alert you to any potential hacking attempts.  
  • Password Changes
    Regularly change the password to your most important accounts. This will help prevent hackers from getting access. Make sure you use a combination of letters and numbers for the best protection. If your information has been compromised in a data breach, act immediately.
  • Install Security Software On Your Devices
    Security protection, like Lookout, will automatically monitor and identify scam URLs in email, text messages, and on the web and block you from threats that can do harm.

Leave a comment »

Threat Analyst Finds Wholesale Access Markets Skyrocket As Uber Breach Points To Trends Tn Easy Credential Acquisitions On The Dark Web

Posted in Commentary on September 28, 2022 by itnerd

The recent Uber breach is the perfect example of how easy it is for anyone to purchase credentials and access on the Dark Web. 

According to a new report from Cybersixgill, “Wholesale Access Markets (WAM) & Ransomware – A $10 Investment for Millions in Return,” 19% of ransomware incidents—access to a system logged in to the organization’s domain had been offered for sale on a WAM within 180 days before the attack. Which is quite scary.

You can find the report here and it is eye opening reading to say the least.

Leave a comment »

Guest Post: Almost 40% Of Businesses Lose Over $100,000 Per Cyberattack

Posted in Commentary with tags on September 28, 2022 by itnerd

Successful cyberattacks can cause significant financial losses and harm to businesses. According to the recent findings by the Atlas VPN team, 37% of companies lose over $100,000 per cyberattack on average. Besides the financial damages, businesses also ruin their reputation, lose corporate information, and experience disruption of partner operations.

After a successful cyberattack, less than $5,000 were lost in 14% of businesses. Between $5,000 and $9,999 were stolen from 8% of companies. Cybercriminals got away with up to $49,999 after cyberattacks on 16% of businesses. Overall, 24% of businesses lost between $50,000 and $99,999.

Furthermore, 22% of companies suffered significant losses starting from $100,000 up to $499,999. Cybercriminals stole even more money, between $500,000 and $999,999, from 11% of businesses. Lastly, 4% of companies claimed to have lost over $1 million after a successful cyberattack. Just 2% of businesses did not know the actual losses.

Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on cyberattacks on businesses:

“Even though many businesses have invested more into cybersecurity lately, the most critical challenge is transparency. Companies are afraid to report incidents for fear of losing customer trust. However, that makes cyberattacks more dangerous and prevalent, causing significant damage to businesses.”

Consequences of cyberattacks

Besides the already mentioned financial losses, businesses often suffer additional damages after a successful cyberattack.

Nearly one-third (31%) of businesses experienced disruption of partner and customer operations and theft of financial information. Furthermore, more than one-quarter (28%) of companies suffered reputational damage and theft of financial information after a successful cyberattack.

About one-fourth (24%) of businesses had to deal with supply chain disruption. At the same time, another 23% of companies experienced obstruction of trading or business operations. Less than one-fifth (19%) of businesses suffered from the loss of business or contract, while money theft was present in 18% of companies after a successful cyberattack.

To read the full article, head over to: https://atlasvpn.com/blog/almost-40-of-businesses-lose-over-100-000-per-cyberattack

Leave a comment »

Fast Company Pwned By Hackers…. Forcing Apple To Disable Their Apple News Account

Posted in Commentary with tags on September 28, 2022 by itnerd

Online magazine Fast Company was the victim of a hack last night where their website was defaced. The website was taken down but you can see what that defacement looked like here. It appears the threat actors somehow gained login credentials that allowed them to access Fast Company’s Apple News account, which in turn allowed them to send out some vile and racist push notifications via Apple News. More on the latter in a moment. The threat actors also claimed to have accessed thousands of employee records, which they intended to share on a forum for trading information stolen in security breaches. If that’s true, that’s not good.

The company confirmed the hack took place via Twitter.

Apple reacted as well by turning off Fast Company’s Apple News account and saying this:

This story is sure to develop so if I learn more, I will share it here.

UPDATE: Mike Fleck, VP of Marketing for Cyren had this comment:

“As someone who has experienced a breach into a WordPress site, I can sympathize with Fast Company. After experiencing this, I have been a proponent of installing patches ASAP. It’s easy to rollback a patch if something breaks, it’s impossible to rollback a breach.”

“There is a tendency in the cybersecurity industry to focus on the latest technology like artificial intelligence. All organizations need to first master the basics. Know what systems you have, make sure they have the latest security patches, don’t use shared accounts, and enforce strong passwords and multi-factor authentication.”

Leave a comment »

Intuit Opens New Canadian Headquarters In Toronto

Posted in Commentary with tags on September 28, 2022 by itnerd

Intuit the global financial technology platform behind TurboTaxCredit KarmaQuickBooks, and Mailchimp, today announced the official opening of its new Canadian headquarters in Toronto’s downtown core. Located in ‘The Well’ at Front Street West and Spadina Avenue, the new space is Intuit’s first global site that has implemented the company’s workplace of the future design.

  • Intuit
  • Intuit
  • Intuit
  • Intuit
  • Intuit
  • Intuit

The modern, 116,000 square foot office was designed to optimize Intuit’s hybrid and diverse culture, while creating the ideal environment to co-create, make connections, and innovate. Design highlights include:

  • Blended neighbourhoods: A continuum of options ranging from quiet areas to active areas and open collaboration spaces.
  • Project rooms: Flexible spaces designed for teams that need both individual desks and collaborative furniture settings for longer term projects.
  • Library: Quiet zones that allow employees to focus without noise or distraction.
  • Prayer/meditation rooms: Private space for our staff to focus on their mental health and spiritual needs.
  • Social hubs: Spaces designed for social connections and wellness, such as an outdoor terrace, coffee stations, reflection areas, and an exercise area.

Toronto’s rapid growth as a key technology hub has made the city an attractive home base for innovators globally. In a recent global report, Toronto was ranked the third-largest tech hub in North America due to its depth of diverse talent.

For more information on joining Intuit, visit https://www.intuit.com/ca/careers/ to explore the opportunities across their platform.

Leave a comment »