A personal encounter with email and other fraud, Google warns of email takeovers, and the U. S. telco industry continues to reel from the impact of a massive infiltration by Chinese hackers. This is Cybersecurity Today. I'm your host, Jim Love.
So nobody would spend a significant amount of money without us discussing it. But they asked for too much and they spent too little time on the description of the services and their fake, but otherwise everything else was unbelievably believable. A second invoice came in for another smaller amount the same week, and it actually had our accountant following up with the company to ask questions about the amount due again, it wouldn't have slipped through our approval process because we're cheap and everything gets questioned.
I mentioned there were three of these hack attempts last week. We got an email from one of our employees asking us to have their pay sent to a new banking number. It was very well done. So if you haven't done so, you might want to take a step back and review your own email approval processes. Maybe like you should have with your kids in an era of deep fakes, you might need the equivalent of a safe word. Love to hear your solutions and ideas about this. Please send them to me. Yeah, I know.
Session cookies, which keep users logged in without re entering passwords, are particularly vulnerable when devices are compromised. Once inside, attackers move quickly, changing the account credentials and recovery methods, effectively locking out the rightful owner.
They say to monitor for changes, review recent account activity and update your settings and enable added security measures, two factor authentication or physical security keys or pass keys for stronger protection. But this warning isn't limited to Gmail users. Session cookie theft, which allows attackers to bypass passwords and two factor authentication is on the rise on all email platforms.
, I've also been advising people to fully log out of their email sessions when they're done, leaving their email opener or checking those remember me boxes that extend the life of session cookies. Probably not a good idea regardless of how convenient it is.
As email remains the cornerstone of personal and professional communication. This has got to be a wake up call for users and corporate security people to help strengthen defenses, whether you're a Gmail user or on another platform, the proactive measures can save you from some devastating breaches. And the fallout continues as the scope of what can only be called the total infiltration of the U. S. telecom providers as telcos and regulators come to terms with the difficulty of how to evict Chinese backed hackers from their networks.
T Mobile, as we mentioned last week, fared better than other providers, thanks to its fully wireless 5G based network. With no legacy landline system, the company was able to quickly detect and block an attempted intrusion through a wireline partner. However, other providers are facing greater risks due to their reliance on older, more complex infrastructure.
And that's our show for today. You can find links to reports and other details in our show notes at technewsday. com. We welcome your comments, tips, and the occasional bit of constructive criticism at editorial at technewsday. ca. I'm your host, Jim Love. Thanks for listening.