--- title: "Cybersecurity Updates For The Week 18 of 2021 | Phish Protection" description: "Phishing prevention best practices can be identified when studying the recent attack trends and creating or looking for anti-phishing solutions accordingly." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-18-of-2021.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-18-of-2021/" --- Quick Answer \[Phishing prevention best practices\](https://www.duocircle.com/content/protection-from-phishing) can be identified when studying the recent attack trends and creating or looking for \*\*anti-phishing solutions\*\* accordingly. This week's phishing headlines serve the purpose of identifying security measures by highlighting the most significant cyber incidents throughout the week Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-18-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2018%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-18-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-18-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-18-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2018%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2018%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-18-of-2021%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/04/anti-phishing-protection-3853.jpg) [Phishing prevention best practices](https://www.duocircle.com/content/protection-from-phishing) can be identified when studying the recent attack trends and creating or looking for **anti-phishing solutions** accordingly. This week’s phishing headlines serve the purpose of identifying security measures by highlighting the most significant cyber incidents throughout the week ### Cyber Incident At Matthew Clark Bibendum _Alcoholic beverages and soft drinks distributor Matthew Clark Bibendum (MCB) recently underwent a cybersecurity incident that brought down its IT systems_. The two constituent businesses Matthew Clark and Bibendum said that they are handling all customers and suppliers manually for all UK and Ireland customers. The Dublin-headquartered C&C Group owns MCB, and its IT systems haven’t been affected by this incident. MCB, on the other hand, was quick to implement its cybersecurity [response plan](https://portswigger.net/daily-swig/drinks-giant-c-amp-c-group-subsidiary-shuts-down-it-systems-following-security-incident?&web%5Fview=true) and shut its system to contain the attack. MCB is taking [phishing prevention](https://www.duocircle.com/email/phishing-protection) measures now and has extended its call-center capability to complete orders manually. It also informed law enforcement and the Information Commissioner’s Office. _The company is also informing customers and suppliers of the breach_. MCB has, however, refrained from commenting further on the incident. ### Data Breach At Eversource Leaks 11k Customers’ Data _New England’s latest and largest energy delivery company, Eversource, underwent a data breach recently_, which exposed the **personal details of 11,000** Massachusetts-based customers. These details included their names, phone numbers, addresses, account numbers, social security numbers, and service addresses. The breach was detected in an internal [security review](https://www.bleepingcomputer.com/news/security/eversource-energy-data-breach-caused-by-unsecured-cloud-storage/?&web%5Fview=true) at Eversource, where they discovered a misconfigured cloud data storage folder. _The unsecured cloud storage servers could be accessed by anybody online_. _Eversource has found no evidence of the data being acquired or misused by unauthorized parties_. But it is nonetheless informing and warning customers to watch out for **phishing emails**. Eversource is ensuring [protection against phishing](https://www.duocircle.com/email/phishing-protection) by providing one year of free identity monitoring to its customers. The folder, too, has been secured. ![Anti phishing protection](https://media.mailhop.org/phishprotection/images/2021/04/anti-phishing-protection-3853.jpg) ### MI5 Launches New Education Campaign Of British Linkedin Users Off late, the professional networking space _LinkedIn has been taking the limelight in cybersecurity headlines for the fake profiles and data exfiltration incidents launched there_. Considering this threat factor, the British security agency MI5 has taken the initiative to educate UK nationals on the risks associated with **malicious LinkedIn profiles** via its campaign ‘Think Before You Link.’ _Over time, atleast 10,000 UK nationals have experienced some fraud related to fake LinkedIn profiles_. These fraudulent profiles are usually linked to hostile states. MI5 realizes the implications of losing their (British citizens) sensitive information to such malicious actors. Therefore, it has launched the [education campaign](https://www.darkreading.com/attacks-breaches/foreign-spies-target-british-nationals-with-fake-social-media-profiles/d/d-id/1340767?&web%5Fview=true) _Think Before You Link_ to inform and train UK nationals on _avoiding disclosing personal details_ to foreign spies on LinkedIn. LinkedIn, too has welcomed this [anti-phishing protection](https://www.duocircle.com/email/phishing-protection) measure undertaken by MI5. ### Over 750,000 Users Download Malicious Billing Apps _The Joker malware is infamous for getting past Google Play defenses and making fraudulent apps available in Google Play_. This latest research by cybersecurity firms McAfee and Trend Micro track down nine such fraudulent billing apps under the threat actor Etinu. These [malicious apps](https://thehackernews.com/2021/04/over-750000-users-download-new-billing.html?&web%5Fview=true) are Barber Prank Hair Dryer, Clipper, and Scissors; Keyboard Wallpaper; Cool Girl Wallpaper/SubscribeSDK, PIP Photo Maker, Pop Ringtones for Android, 2021 Wallpaper and Keyboard, Keyboard Wallpaper, PIP Camera, and Picture Editor. The apps have been downloaded **over 750,000 times** in the Arabian Peninsula and Southwest Asia before they were identified and removed. These billing fraud apps get into Google Play in the first place using versioning. _They then steal SMS messages, device information, and users’ contact lists and make unauthorized purchases_. The user details compromised in the process include the phone number, carrier, IP address, SMS message, IP address, network status, country, etc. All those users who believe that they have unknowingly installed any of these malicious apps must pay heed to [phishing prevention tips](/content/phishing-prevention/), look out for unauthorized transactions and be analytical before downloading apps, even from the official app store. ### Dating App ManHunt Undergoes Breach _The website of the twenty-year-old online dating app for men, ManHunt, was compromised by [malicious third parties](https://www.infosecurity-magazine.com/news/dating-service-suffers-data-breach/?&web%5Fview=true) recently_, which has exposed the personal details of about 7700 of its Washington-based users. ManHunt’s account credential database was leaked in the incident, which contained user details such as email addresses, usernames, and passwords. As part of its measures to [prevent phishing](/) attacks, ManHunt imposed a password reset for all users. _It also hired a team of external cybersecurity experts to investigate the breach_. Fortunately, no card details, messages, user images, or other profile-related information was compromised in the incident. ### Flixonline, The New Netflix Variant You Need To Stay Away From A malicious Netflix variant is circulating among Android users, which promises users two months of free premium Netflix subscription. But in reality, it’s the _**malware FlixOnline** getting into users’ devices and spying and controlling their Whatsapp_. Upon installation, FlixOnline asks users for overlay permissions (Battery Optimization include) as it helps to ensure that the device doesn’t auto terminate the software to save power. _The malicious app intercepts all Whatsapp chats and auto-responds to them_ by sending a text promoting the same ‘two months of free Netflix’ scam. The message contains a link to a [fraudulent Netflix website](https://cyware.com/news/flixonline-poses-as-netflix-to-steal-whatsapp-conversations-data-a0ef3286) that aims to steal victims’ credit card credentials. _There has been a sudden surge in the spread of wormable Android malware like FlixOnline_. A seemingly harmless app that delivers what it promises can also be **secretly spying** on our Whatsapp and financial apps. Users must avoid reacting to messages from sources and take necessary measures to _protect yourself from phishing_. ![Anti phishing protection](https://media.mailhop.org/phishprotection/images/2021/04/anti-phishing-protection-3854.jpg) ### Major Cybersecurity Incident At Codecov Codecov is a San Francisco-based company making software auditing tools for developers to test the efficiency of their codes. In the latest incident, _cyber adversaries have compromised one of Codecov’s software development tools_. Now they are using automation to access, copy and steal hundreds of Codecov networks. The attack has expanded ever since the threat actors are using Codecov to compromise other software development program makers and technology service providers such as IBM. _Such an invasive approach is sure to help adversaries gain access to thousands of restricted systems_. While the likes of IBM have reported no code alterations, they are yet to comment whether access credentials to their systems were compromised. After the FBI took over the case, several victims (including private securing firms) have been notified about the Codecov incident. However, the silver lining is that even Codecov users who were [seemingly unaffected](https://www.reuters.com/technology/codecov-hackers-breached-hundreds-restricted-customer-sites-sources-2021-04-19/) by the incident are adopting [phishing protection](/) measures. Experts say that the efforts involved in the Codecov incident are similar to that of the 2020 SolarWinds attack. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 18 of 2021","description":"Phishing prevention best practices can be identified when studying the recent attack trends and creating or looking for anti-phishing solutions accordingly.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-18-of-2021/","datePublished":"2021-04-26T10:41:46.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-04-26T10:41:46.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-18-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1112,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/04/anti-phishing-protection-3853.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 18 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-18-of-2021/"}]} ```