Account takeover and concert ticketsWhat do the world's most famous pop star and account takeovers and data leaks have in common? What does this have to do with platform protection? Find out here!
Stealer logs: How hackers gain access to vehicle functions through stolen login dataTogether with ZDF WISO, we show how criminals can use stolen login data from stealer logs to locate, open and drive away cars.
Phishing #7: Social EngineeringIn this special edition of our phishing series, we explore social engineering. We show how it works in real life and how it can impact the digital world.
Phishing #6: Spearphishing, Watering-Hole Attack and Whaling AttacksDiscover the dangers of spearphishing, watering hole, and whaling. Learn how these phishing methods work and how to spot them.
Effects of Account TakeoverIdentity theft appears in fake contracts and hijacked accounts. We highlight the non-technical consequences of account takeover.
The invisible threat: How stealer malware steals your informationOur article explains stealer malware, which steals sensitive data. We explore its operation, infection origins, and provide tips on defense measures.
ProSBAcT Unites Identeco and StartUp Secure in Battle Against Account TakeoversStarting in June 2023, the project ProSBAcT begins with StartUp Secure of the FMER. We share goals, collaborations, and how ProSBAcT enriches our work.
Phishing #5: Malvertising, Https-Phishing und Evil TwinOur blog series on phishing continues. Learn about malvertising, HTTPS phishing, and Evil Twin, as well as how to protect yourself from these attacks.
Man-in-the-Middle Attacks: How do you protect yourself from the invisible threat?Man-in-the-middle attacks redirect connections to a website to eavesdrop on user input. Learn how to protect yourself.
World Password Day 2023 - Current RecommendationsWorld Password Day in May highlights the importance of strong passwords. NIST and BSI recommend passphrases, MFA, and regular checks for compromise.
Phishing #4: Pharming Attack, Browser in browser Attacks and Doc Clouding AttacksLearn about phishing types like pharming (redirection to fake websites) and doc clouding (attackers sharing links while posing as colleagues).
Multifactor Authentication (MFA): Only as strong as the weakest link in the chainIn this article we are discussing multifactor authentication. The different kinds will be explained, as well as some examples of possible attacks.
Phishing #3: Smishing, Vishing and Email Clone PhishingWe present three types of phishing attacks: smishing, vishing, and email clone phishing. The goal is to obtain information or install malware.
Verify Login Credentials to Protect against Credential-Stuffing AttacksOnline platforms must ensure high security standards to protect users from ATO attacks. A specialized service provider offers advantages.
Credential Stuffing: A Threat to Online Platforms and Their UsersCredential stuffing with leaked login data threatens web portals. Service providers offer secure solutions through regular checks for leaked credentials.
How often should you change your passwords?After choosing the right password, the question arises if and how often you should change your passwords.
Phishing #2: CEO Fraud, Corporate Phishing and Angler Phishing AttacksIn this second part of our series on Phishing CEO Fraud, Corporate Phishing and Angler are introduced.
Phishing #1: Email Phishing, Baiting and Search Engine PhishingAs the start of a series, this first article introduces email phishing, baiting, and search engine phishing, showing how users are deceived.
Deutsch
English
