" skim Archives - LuxSci

Posts Tagged ‘skim’

SPF and DKIM: The State of Domain-based Email Authentication – Part 1

Friday, September 1st, 2017

Recent reports on cyber-security threats in the healthcare sector by Verizon, Symantec and Ponemon consistently make several observations:

  • Email-borne malware is on the rise, with such malware delivered via spam or phishing;
  • Small-to-medium sized businesses (from all sectors) have the highest rate of email-delivered malware;
  • Most breaches are caused by negligent employees or contractors.

These conclusions are hardly surprising as email is now an increasingly common part of communications with protected health information (PHI) frequently exchanged amongst employees and patients within a practice, between medical providers, and medical providers and their business associates. The concern for the healthcare industry is the potential violation of the HIPAA privacy rule caused by email-related (and other) breaches, leading to disruptions from loss of data, compliance audits and possibly hefty fines.

No Phishing

We wrote about obvious measures medical providers can take to avoid HIPAA non-compliance in email exchanges such as opt-out email security. That addresses only one aspect of the threat landscape, though – the protection of PHI in email exchanges. Another aspect is more sinister, as it deals with external, malignant actors. These actors use various spoofing techniques to trick patients or employees of a medical practice to react incautiously, often impulsively, to emails supposedly coming from valid sources. These often lead to identity theft, where the damage is more far-reaching as the information given up is more long-lived and more widely used and cannot just be erased like revoking a misused credit card.

Read the rest of this post »

Ebola is Infecting Computers; How to Protect Yours

Monday, October 20th, 2014

Spam and Virus FilterNo, your computer can’t catch the actual Ebola virus… its not even airborn yet.  However, we are finding that criminals are taking advantage of the hype and scare and curiosity over Ebola to infect people’s computers more easily.

This is commonly being done via email.  There are four prevalent types of email going around now that are meant to infect your computer:

  1. A fake report on the Ebola virus — when you click the link to read more, your Windows machine is infected with a virus that can collect and steal your personal information.
  2. A fake email from telecommunications provider that contains an important “Ebola Presentation” for your to download and view.  If you do it, you install malware that can allow others to remotely control your computer, access your web cam, log what you type, etc.
  3. Fake emails talking about an “Ebola Cure” which contains a malware attachment and which asks you to forward the news on to your friends.  The malware records your keystrokes and downloads additional malware on to your computer
  4. Fake emails about Ebola news and lists of “precautions”.

There are many other types of attacks and attack vectors that are being and can be exploited.  We will go over many of these, below, and how to protect yourself from them.  You should be very wary of any email received about Ebola, even if it appears to be from a friend.  You should be especially wary of opening any attachments sent through email, unless you have good confidence that they are malware-free.

Read the rest of this post »