For the thousands of school districts forced to begin the 2020/2021 school year with online learning, due to COVID-19, the frustration has been whipped into a frenzy due to slow websites and complete outages. Most of these problems are due to inadequate provisioning of capacity, but many events are the result of cyber-attacks.

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) division announced a final directive this week that requires all individual federal civilian executive branch (FCEB) agencies to “develop and publish a vulnerability disclosure policy (VDP) for their internet-accessible systems and services and maintain processes to support their VDP.”

A Business Email Compromise scam occurs when a fraudulent email is sent to a company or individual, and the email appears to be from a legitimate business resource or person, often varying from the legitimate email address by just a letter or two.

It is very disheartening to think that one quick mistake can lead to hours and hours – days in fact, of lost time trying to recover what was stolen from you so quickly and sold at such a minuscule amount, comparatively speaking. And that is just on the personal identification front. Imagine if those credentials came linked to a business? The damage that is incurred goes beyond one individual and can destroy multiple lives with job loss, lawsuits, and so on.

An eruption of Zoom-themed phishing attacks over the Spring and Summer of 2020 has been uncovered by researchers at INKY. Most of the attacks are aimed at stealing credentials to services like Outlook and Office 365 by directing users to spoofed login pages.