Week of December 20th, 2024

Week of December 20th, 2024

Welcome to Your Cybersecurity Recap: a bite-sized weekly newsletter by cybersecurity enthusiasts, for cybersecurity enthusiasts.

Here are this week’s top takeaways:

Second Gmail Security Warning Issued

As it issues a warning that a second wave of cyber threats against Gmail users is incoming from very persistent attackers, Google has detailed the specific attack methodologies involved and recommended actions that all 2.5 billion Gmail users employ to stay secure.

This second wave includes:

  • Invoice scams: This method involves scammers sending fake invoices to unsuspecting users, typically soliciting phone calls to dispute the “charges” and using this connection to convince victims to pay them
  • Celebrity scams: Over the past month, many of the most common scams popping up have involved famous people, either pretending to come from the celebrity themselves or claiming a given celebrity is endorsing a random product
  • Extortion scams: Victims receive emails with details on their home address, sometimes even including a picture of the location. There are a few versions of the messages. Still, they generally either include threats of physical harm or of releasing damaging personal material they say they acquired through a hack

These types of phishing attacks tend to become more prevalent during the holiday season. Guidance to mitigate phishing attack risks are as follows:

  • Carefully examine the email address, URL, and spelling used in correspondence. Threat actors use slight differences to trick your eye and gain your trust
  • Be careful what you download. Never open an email attachment from someone you don’t know, and be wary of email attachments forwarded to you
  • Set up multi-factor authentication on any account that allows it, and never disable it
  • Be careful with what information you share online or on social media. By openly sharing things like pet names, schools you attended, family members, and your birthday, you can give a threat actor all the information they need to guess your password or answer your security questions.

Google’s Gmail team has just issued its own advice, warning that “since mid-November, we’ve seen a massive surge in email traffic compared to previous months, making protecting inboxes an even greater challenge than normal.” The team says it “blocks more than 99.9% of spam, phishing, and malware in Gmail” for the platform’s more than 2.5 billion users. The company has also issued its own advice for users:

  • “Slow it down. Scams are often designed to create a sense of urgency and use terms like “urgent, immediate, deactivate, unauthorized, etc.” Take time to ask questions and think it through.
  • Spot check. Do your research to double-check the details of an email. Does what it’s saying make sense? Can you validate the email address of the sender?
  • Stop! Don’t send. No reputable person or agency will ever demand payment or your personal information on the spot.
  • Report it. If you see something suspicious, mark it as spam. You’ll make your Inbox cleaner and helping billions of others, too.”

Packetlabs Named a Clutch 1000 and G2 Feature of the Season

Packetlabs has been named a member of the Clutch 1000 and a G2 Feature of the Season.

Featured providers on Clutch represent the top 1000 companies out of 350,000 on the platform worldwide, ranked out of the following categories:

  • Diversity and scope of clientele
  • Portfolio of work
  • Competitive specializations
  • Considerable experience
  • Strong brand awareness and industry recognition

Thank you to each and every one of our clients who made this recognition possible!

We are equally honored to be featured in G2's Grid® Report for Vulnerability Assessment Services | Winter 2024/2025.

Grid® Reports provide a high-level overview of a service category, focusing on which organizations have the most satisfied clients and most considerable presence in the market.

Inform your next security investment today.

Recent Posts From Our Ethical Hackers

Every month, our ethical hackers work to provide free resources so that your team can continue improving your organization's security posture.

Here are just some of our recent posts:

To view or add a comment, sign in

More articles by Packetlabs

Explore topics