This Week in Security News: Tax Scams and Spam Emails

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how criminals can use tax deadlines for social engineering schemes and redirection URLs in spam emails to sidestep spam filters.

Read on:

Beware Tax Scams and Sextortion Blackmail Attempts as Email Scams Worsen

Criminals often use the April 15th tax filing deadline in the United States for social engineering schemes to make victims share their credentials, money and personal information – costing 12,000 victims a total of $63 million in 2018.

Singapore Updates Guidelines on Data Breach Notifications and Accountability

Expected to be part of the upcoming amendment to Singapore’s data protection law, the new guidelines state that businesses must take no more than 30 days to investigate a suspected breach and notify the authorities 72 hours after completing their assessment of the breach.

Celebrating the Next Generation of Technology Innovators

Trend Micro and its venture capital arm Trend Forward Capital held a pitch-off competition for ambitious start-ups, where office automation company Roby won the $10,000 Forward Thinker Award.

Millions of Instagram Influencers Had Their Private Contact Data Scraped and Exposed

A massive AWS-hosted database containing contact information of millions of Instagram influencers, celebrities and brand accounts was found online exposed and without a password, allowing anyone to look inside.

Trickbot Watch: Arrival via Redirection URL in Spam

Trend Micro discovered a variant of the Trickbot banking trojan using a redirection URL in a spam email to sidestep spam filters that may block Trickbot at the onset.

Florida Governor Announces Cybersecurity Review Following Election Hacking Revelations

The state of Florida will conduct a cybersecurity review into election security for every county in the state after it was revealed two counties were hacked during the 2016 election.

Ryuk Ransomware Shows Diversity in Targets, Consistency in Higher Payouts

Ransomware’s persistence is best embodied by a relatively new breed of ransomware, Ryuk, which has been making waves recently with multiple incidents occurring over the past year.

TalkTalk Admits New Failings in 2015 Data Breach Notification

UK telecom company TalkTalk has admitted that it failed to notify 4,545 customers affected by the cyberattack in 2015 that exposed personal details of more than 150,000 customers.

Cyberextortionists Wipe Over 12,000 MongoDB Databases

Over the past three weeks, over 12,000 MongoDB databases have been deleted, with attackers from hacking group Unistellar demanding ransom in return for their restoration.

What are some of the warning signs of spam that you look for in your emails? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.