Since the dawn of commercial emailing in the 1990s, cyber sleuths have been trying to one-up each other in gaining access to the accounts of famous people. It makes sense, in a cynical way, that people would want to pry into the private lives of the rich and beautiful to try to expose some dark or embarrassing secret. Somewhat interestingly, the motivations for these hacks are as much getting material for blackmail as they are securing bragging rights among the hacker community.
In 2015, a 23-year-old Bahamian man hacked into the email accounts of 130 celebrities and stole the unreleased movie and TV scripts, tapes, explicit images and even the upcoming album of a “famous A-List Celebrity”. How did he do this? The old-fashioned way that we’ve been telling you about for years: phishing.
Apart from gaining access to data via an injected virus, the perpetrator also sent fake automated text messages to the celebrities, making it look like their account had been hacked and asking for their passwords to secure their account. The players may change, but the game (essentially) remains the same.
Speaking of the players changing, the rich and famous will certainly always be a prime target, but the share of these email attacks directed at ‘ordinary’, non-famous people has increased dramatically. Yes, we the unfamous (not to be confused with ‘infamous’) have been for years flying under the radar. Call it ‘security via obscurity’. So what happened? Why are we all unfamous people being targeted?
We can assign some blame to the professional data brokers (e.g., ZoomInfo and LinkedIn), as they are not only the reason why we get more spam email, but also they provide the basic informational underpinning of an attack (e.g., company, title within the finance department). It is relatively easy now for anyone to find a newbie finance or HR person within a large bank or financial institution who could be lured into giving up a password for a sensitive system. In fact, this newer type of attack (a.k.a. spear phishing) has, of course, proved to be a lot more lucrative than trying to blackmail Pauly Shore into paying you not to make public the release of his comeback movie script.
And, it should be noted that with all the remote learning that has occurred during the pandemic, it suddenly seems all of these foreign-originated cyber-lure emails are better written and, dare-I-say, grammatically correct! No longer does odd phraseology or British spelling easily give away the scheme.
All the targeting of us non-famous people has been getting some traction in the e-security realm. In a recent survey we conducted, 79.9% of professionals rated email security at top of mind; 85% of legal professionals and 68% of insurance professionals!
Another interesting tidbit from this survey was that an important “emerging interest”, according to survey respondents, includes the ability to anticipate e-crimes in progress and thwart them before the steal; and being able to better control content of documents and email even after the send. This was just the topic we covered in Tech Essentials last week on our column on pre-crime.
It must be said now that RMail AI™ not only automates email encryption for security of HIPAA related email from within its partner offerings for the legal and insurance sector – or for any user with Outlook, Gmail or a web email, but also now adds “in-the-moment-of-sending” email encryption compliance. Both transmit email encrypted via RPost Registered Email™ messages, adding additional value; tracking timestamped delivery and opening, proving pre-and-post placement correspondence content to protect against E&O issues, and providing a message-level audit record of fact of email privacy compliance. This is powerful stuff for us non-famous people!
Frank Sentner, principal of Sentwood Consulting, and an InsurTech guru of 45 years stated at a recent event that the latest versions of RMail also sufficiently address emerging security needs: “I’m pleased to see that RPost continues to innovate to this day, for the benefit of many in insurance and other industries.”
Please contact us to discuss how you can get started with RMail so as not to join the growing list of non non-famous people who are the victims of cyberattacks.
January 27, 2023
January 20, 2023
January 13, 2023
January 06, 2023
December 30, 2022