---
title: "Cybersecurity Updates For The Week 12 of 2020 | Phish Protection"
description: "Cybersecurity Updates For The Week 12 of 2020: The cyber-world remains dynamic because of the many attacks that are launched on companies and individuals."
image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-12-of-2020.png"
canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2020/"
---

Quick Answer

The Security Incident Investigation and Response Department of Heimdal have discovered a new \[phishing scam that targets LinkedIn accounts\](https://heimdalsecurity.com/blog/linkedin-onedrive-phishing-campaign/?web\_view=true). In this attack, \_a malicious link embedded in a Microsoft Word document is shared via OneDrive\_. If a victim falls for the trick and clicks on the OneDrive link, then he gets redirected to the \*\*fraudulent OneDrive page\*\*. \_This page asks you to log in to your Microsoft account even if you already are logged in\_. Another page appears after the

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2012%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-12-of-2020%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/03/phishing-prevention-6443.jpg) 

_The cyber-world remains dynamic because of the many attacks that are launched on companies and individuals every day_. The following news headlines from the past week in cybersecurity shall help you better plan your [phishing prevention](/) strategy:

### Phishing Scam Targets Linkedin Accounts

The Security Incident Investigation and Response Department of Heimdal have discovered a new [phishing scam that targets LinkedIn accounts](https://heimdalsecurity.com/blog/linkedin-onedrive-phishing-campaign/?web%5Fview=true). In this attack, _a malicious link embedded in a Microsoft Word document is shared via OneDrive_. If a victim falls for the trick and clicks on the OneDrive link, then he gets redirected to the **fraudulent OneDrive page**. _This page asks you to log in to your Microsoft account even if you already are logged in_. Another page appears after the victim enters his details in the **credential-stealing form**, which is an error page.

To protect yourself from **phishing attacks** of this sort, you must incorporate specialized [anti-phishing solutions](/products/advanced-threat-defense/) such as DNS and HTTPS filtering. Although no cases have been reported so far, _people are still advised to remain vigilant and prepared_.

### Security Threat To NIH’s Record System

The Health and Human Services’ Office of Inspector General audit revealed that the [phishing protection](/) measures of the National Institutes of Health (NIH) are [not adequate to safeguard](https://www.inforisktoday.com/watchdog-finds-security-weaknesses-in-nihs-records-system-a-13918?&web%5Fview=true) its electronic health records system from prospective **phishing attacks**. Weaknesses in its access controls, contingency planning, and IT maintenance were pointed out. _The NIH had not updated its servers and software in addition to not deactivating outdated user accounts_.

However, they are now working to ensure [protection against phishing](/) by following NIST guidelines.

![Phishing prevention](https://media.mailhop.org/phishprotection/images/2020/03/phishing-prevention-6443.jpg) 

### Serious Hints At Phishing: Akamai CDN

The Akamai Content Delivery Network (CDN) recently conducted research where it found **over 2.4 million** people to be victims of some [1,221 phishing domains using Akamai’s network](https://www.securityweek.com/akamais-cdn-logs-uncover-emerging-phishing-attacks?&web%5Fview=true). Security researcher Or Katz from Akamai said that _these phishing attacks targeted these many people in just four months only_. A rise in attacks was seen during the festive season. _The research further revealed that attackers mostly target media and e-commerce_.

The research findings highlight the bleak [anti-phishing protection](/products/advanced-threat-defense/) measures that are in place and suggest that phishing is not moving out of the picture any time soon.

### Fake Tech Support Company Owner Penalized

A technical support call-centre company called Tech Support was formed by an Indian college drop-out Amit Chauhan and his friend Sumit Kumar in January 2019\. To date, [they have successfully conned](https://www.infosecurity-magazine.com/news/delhi-police-bust-call-center/) over 40,000 victims out of over Rs. 60 crores (**8 million USD**).

Their scam was discovered by a British victim Jim Browning in a YouTube video where Jim mentioned how Tech Support claimed to resolve technical glitches by sending **malicious pop-ups**. _The two cons from Gurugram (New Delhi in northern India) are now penalized under India’s IT Act_.

### \*\*\*\*Beware Of Sextortion Emails With A Friend’s Reference

Researchers from IBM X-Force Threat Intelligence recently discovered the newest tactic of **Raccoon attackers**. They are sending out emails to victims with [nude extortion pictures of a friend’s girlfriend](https://www.bleepingcomputer.com/news/security/malware-spread-as-nude-extortion-pics-of-friends-girlfriend/?&web%5Fview=true). This is, however, _a trick to make people curious enough to click on the attachment and grant permissions_.

Once permissions are granted, _the malware payload gets automatically downloaded and installs the Raccoon info stealer_. As per the updates from IBM X-Force **Threat Intelligence** researchers, the affected domain has been brought down. But people should still subscribe to [email phishing protection](/office-365-phishing-protection/) services to ensure their safety.

### \*\*\*\*Week-Long Cyber Attacks On Factum Magazine

The Factum Magazine had to [endure a week-long cyber attack](https://securityaffairs.co/wordpress/99245/hacking/revista-factum-under-attack.html?web%5Fview=true) for investigating on the lack of transparency of El Salvador’s government. The government had launched a **phishing campaign** on the magazine via a computer engineer from the University of Oriente, El Salvador.

Reportedly, t\_he attacks on the magazine were part of a more significant attack to discredit the media\_. **Anti-phishing** measures by Qurium’s forensics investigation located the attacker to be from the Universidad de Oriente (UNIVO). The university, too, cooperated to particular extentrity beyond which it chose to remain silent.

### Cyber Attack Hits ENTSO-E

The European Network of Transmission System Operators for Electricity (ENTSO-E), which regulates Europe’s electricity markets [underwent a cyber attack recently](https://www.cyberscoop.com/european-entso-breach-fingrid/). However, _the attack did not affect any critical control systems and only brought down the IT systems_.

ENTSO-E is now taking measures to ensure [protection from phishing](/) to reduce losses from this attack and stop such attacks from targeting them in the future. 

### Ransomware Hits Fort Worth ISD

[A ransomware attack hit the Fort Worth](https://www.keranews.org/post/fort-worth-isd-hacked-joining-other-texas-schools-towns-hit-ransomware-attacks?&web%5Fview=true) Independent School District last week. As they recover from the attack, _utmost care is being taken to ensure that the most effective [phishing protection](/) service is used_. Hopefully, things shall function normally from next Monday, but there are chances of that getting delayed. _They are asking teachers not to rely on computers for some time and go back to the old school ways of imparting lessons_.

Spokesperson Clint Bond said that he, too, has been affected by the attack along with other district teachers and staff. _The attack also brought down the district website_. But the district shall not succumb before attackers and **do not plan to pay** any ransom. No personal or financial information on employees of students has been compromised in the attack.

![What is spear phishing](https://media.mailhop.org/phishprotection/images/2020/03/what-is-spear-phishing-6443.jpg) 

### New Phishing Tactic Uses HIV Fear

After the COVID-19 trick, attackers are now using HIV test results to make people open **malicious email attachments** that ultimately install malware on users’ devices. The adversaries have sent out over 200 emails to employees of big pharmaceutical, health care, and insurance companies in North America with fake HIV test results. _These emails may not necessarily convince the victim that it’s an actual report but triggers his curiosity, which is all that is needed to fall for the trap_.

This scheme was first discovered by security firm Proofpoint who has already begun blocking all such fake emails sent to its client. But their **anti-phishing tools** cannot possibly save all users targeted by the attackers. _Hence being cautious at a personal level is the only effective defense mechanism_.

### \*\*\*\*Secret Sharing App Leaks Data

The secret-sharing app Whisper has [left a database unprotected online](https://www.zdnet.com/article/whisper-an-anonymous-secret-sharing-app-failed-to-keep-messages-profiles-private/?&web%5Fview=true) since its inception in 2012\. _This database without passwords can be opened by anyone and reveals the private information of users_ such as their nicknames, stated ages, ethnicities, genders, hometowns, group memberships, and location details. 

This database was found and reported by independent researchers Matthew Porter and Dan Ehrlich. It leaked information belonging to around **900 million users**. To [prevent phishing attacks](/products/advanced-threat-defense/), Whisper restricted access, and plugged the authentication security gap.

### Protect Your Organization

- [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/)
- [See how Phish Protection blocks threats in real time](/anti-phishing-tools/)

## Topics

[ Announcements ](/tags/announcements/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Intermediate 5m  Cybersecurity Updates For The Week 33 of 2022  Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[  Intermediate 6m  Cybersecurity Updates For The Week 41 of 2022  Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[  Intermediate 5m  Cybersecurity Updates For The Week 1 of 2021  Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[  Intermediate 6m  Cybersecurity Updates For The Week 1 of 2022  Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 12 of 2020","description":"Cybersecurity Updates For The Week 12 of 2020: The cyber-world remains dynamic because of the many attacks that are launched on companies and individuals.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2020/","datePublished":"2020-03-20T05:15:36.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-03-20T05:15:36.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1097,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/03/phishing-prevention-6443.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 12 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-12-of-2020/"}]}
```