SouthBridge Consulting Blog

It’s the holiday season, and you know what that means: lots of gift-giving and online shopping. Regardless of what you and your family celebrate this holiday season, you should be prepared to handle the influx of phishing attacks which always surface around this time every year, including both the usual methods and the more sophisticated ones.

For millions of people, the rubber ducky is a benign reminder of childhood. Depending on when you were a child, the rendition of Sesame Street’s Ernie singing “Rubber Duckie, you’re the one,” is ingrained in your mind every time you hear the term. Unfortunately, the Rubber Ducky we are going to tell you about today has only fond recollection for people who are looking to breach networks they aren’t authorized to access or deliver malware payloads that are designed to cause havoc. 

It probably isn’t a question you’ve put much thought to, but tell me: who do you think feels the greatest impact from card skimming schemes, where a payment card’s data is captured so a cybercriminal can make use of the card’s associated account? While it isn’t a good situation for anyone, some are impacted more than others.

WhatsApp is one of the world’s most popular messaging applications. With over 2 billion users, WhatsApp is known for its relative security, as it is one of the few messaging applications that offers end-to-end encryption. A modified version of WhatsApp, called YoWhatsApp, has been reportedly deploying malware.

How often do you get emails from individuals claiming to be working with a business who wants to do business with yours or sell you a product, completely unsolicited and even perhaps a bit suspicious? These types of messages can often land small businesses in hot water, as it only takes one phishing email landing in the wrong inbox at the wrong time to put your business in jeopardy.

Anyone who has a mailbox or an email knows all about junk mail. We all receive Publisher’s Clearing House entries, calls about your car’s extended warranty, promotions for items and events that you swore that you discontinued by typing “STOP”, and just needless spam that you waste your time going through and deleting. We receive unsolicited messages every single day.

If you are a frequent reader of our blog, you know all about phishing scams. They are emails and messages sent that are designed to extort money and gain access to computers and networks for nefarious purposes. The popular IT support company Geek Squad, a subsidiary of Best Buy, is the latest company caught up in such a scam. Let’s take a look at how the scam works and how you can avoid becoming its next victim.

Phishing attacks can be scary to deal with, especially since it is not unheard of for staff members to not even know they are looking at one. To make sure your staff can identify and respond to phishing attacks in an appropriate way, we’ve put together this short guide to help you along the way.

The world is full of people who would try to take advantage of your organization and its employees—or, in less gratifying words, scammers. They will do everything they can to try to fool your company and make a quick buck doing so. How can you make sure that the countless messages and phone calls you receive on a daily basis aren’t crooks trying to scam you out of house and home? It all starts with a little awareness.

There are countless cybersecurity threats out there, many of which wait until very unfortunate times to strike. One such time is over extended weekends or holiday breaks, when many companies shut down operations longer than the usual two-day weekend. In fact, this is such an issue that the Federal Bureau of Investigation and CISA have issued warnings in response to them.

The holiday season is a time for merriment and good cheer, but hackers have historically used it to take advantage of peoples’ online shopping tendencies. Phishing scams are always on the rise during the holiday season, so you need to take steps now to ensure that you don’t accidentally put yourself at risk—especially with voice spoofing emerging as a threat for Amazon orders.

Have you ever wondered what it takes to hire a hacker to perform a specific task? Thanks to the findings of Comparitech, we can get a look into the average pricings of various hacking services that can be found on the Dark Web. While we would never condone ever taking advantage of such services, it’s a fascinating look into the business of cybercrime, and one that can give you an idea of just how easy and accessible it is for hackers to make your life difficult.

There are always going to be those who want to use your hard-earned data and assets to turn a profit. One of the emergent methods for hackers to do so is through twisting the “as a service” business model into network security’s worst nightmare. This type of security issue is so serious that Microsoft has declared that Phishing-as-a-Service is a major problem.

What would you say if we told you that someone could buy access to your organization’s network for a measly $1,000? Well, this is the unfortunate reality that we live in, where hackers have commoditized the hard work you have invested in your organization. A study from KELA shows that the average cost to buy access to a compromised network infrastructure is insignificant at best, which is why it’s more important than ever to protect your business as best you can.

Have you ever wondered how hackers manage to pull off incredible feats like bombarding networks and servers with so much traffic that they simply cannot function? None of this would be possible if not for botnets. But what is a botnet, and why is it important for your organization to understand? Let’s dive into the details.

Data breaches have become all too common for small businesses over the past several years and when it seems like there is a solution to one problem, something even worse pops up. Part of a comprehensive risk management strategy is identifying problems and doing what you can to keep them from affecting your business. Let’s take a look at the major cybersecurity threats small businesses are facing in 2021 and what you can do to keep them from hurting your business.

We know, we know; you’re probably sick of seeing ransomware in headlines, and so are we, but we cannot stress enough how important having an awareness of it is for any business owner. A new study has found that businesses infected by ransomware who choose to pay up experience a different type of fallout--one that is a major cause for concern and a stark reminder that there are no guarantees with ransomware. Ever.

The first half of this year has seen its fair share of ups and downs, especially on a global scale. With a global pandemic still taking the world by storm, it’s despicable that hackers would take advantage of the opportunity to make a quick buck using phishing tactics. Yet, here we are. Let’s take a look at how hackers have turned the world’s great misfortune into a boon, as well as how you can keep a lookout for these threats.

You’ve probably heard by now, a Russia-based hacking collective by the name of DarkSide targeted Colonial Pipeline, a company that supplies nearly 45 percent of the fuel used along the Eastern Seaboard of the United States, with a ransomware attack. Not only does this hack have an effect on fuel prices and availability, it highlights just how vulnerable much of the nation’s energy infrastructure is. Let’s discuss the details of the hack and the raging discussion about cybersecurity that’s happening as a result. 

There is an entire litany of stereotypes that are commonly linked to the term “hacker”… too many for us to dig into here, especially since they do little but form a caricature of just one form that today’s cybercriminal can take. Let’s go into the different varieties that are covered nowadays under the blanket term of “hacker,” and the threat that each pose to businesses today.