--- title: "Cybersecurity Updates For The Week 22 of 2021 | Phish Protection" description: "Cybersecurity Updates For The Week 22 of 2021: Phishing attacks have targeted organizations worldwide in the bygone week, and the headlines roar out to." image: "https://phishprotection.com/og/blog/cybersecurity-updates-for-the-week-22-of-2021.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-for-the-week-22-of-2021/" --- Quick Answer \*\*Phishing attacks\*\* have targeted organizations worldwide in the bygone week, and the headlines roar out to netizens to adopt the \[best phishing prevention practices\](/resources/phishing-prevention-best-practices/). Here are the latest phishing headlines from across the world to keep you abreast of the latest modus operandi of threat actors, so you are better equipped to keep your information assets secure. Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-22-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%2022%20of%202021&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-22-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-22-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-22-of-2021%2F&title=Cybersecurity%20Updates%20For%20The%20Week%2022%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%2022%20of%202021&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-for-the-week-22-of-2021%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2021/05/ceo-fraud-1561.jpg) **Phishing attacks** have targeted organizations worldwide in the bygone week, and the headlines roar out to netizens to adopt the [best phishing prevention practices](/resources/phishing-prevention-best-practices/). Here are the latest phishing headlines from across the world to keep you abreast of the latest modus operandi of threat actors, so you are better equipped to keep your information assets secure. ### \*\*\*\* Avaddon Ransomware Hits Acer Finance Acer Finance is a French financial consultancy firm offering financial planning, risk management, advisory, mutual funds, and analysis services. The Avaddon ransomware gang, which has been making the headlines frequently, _recently attacked Acer Finance and stole a vast expanse of its sensitive data_. _The adversaries have given Acer Finance 240 hours to comply with the ransom demands before they leak all of Acer’s valuable records_. Avaddon has posted personal documents, ID cards, and screenshots of folders with stolen data as proof of the attack. Avaddon claims to have stolen confidential data belonging to Acer Finance’s employees and clients. It also posted a note on its leak site informing the firm of the attack and the types of records it has in its possession. These include employees’ information, agreements, data from the secretariat, personal correspondence, payment forms, licenses, etc. The [ransomware gang](https://securityaffairs.co/wordpress/117991/cyber-crime/avaddon-ransomware-acer-finance-axa.html?web%5Fview=true) also warned the firm that nothing but the decryptor could decrypt their data. Acer Finance must also be ready with its [anti-phishing solutions](/) as Avaddon has forewarned a **DDoS attack** in case of non-compliance to ransom demands. ![Ceo fraud](https://media.mailhop.org/phishprotection/images/2021/05/ceo-fraud-1561.jpg) ### Graduating Students In US Lose $80-$1200 As Cap And Gown Supplier Undergoes Cyberattack Herff Jones is a famous U.S. company selling caps and gowns and hence frequented by graduating students. Recently, many students graduating from U.S universities ((Boston, Indiana, Maryland, Illinois, Houston, Delaware, Pennsylvania, Michigan, New York, Wisconsin, Arizona, Florida, North Carolina, California, etc.) have reported [fraudulent transactions](https://www.bleepingcomputer.com/news/security/herff-jones-credit-card-breach-impacts-college-students-across-the-us/?&web%5Fview=true) in their credit cards after using it at Herff Jones. The company had hitherto been unaware of the security incident and only began its investigations after the student reports started flooding social media. Beginning last Sunday, these reports continued throughout the week where _students warned fellow graduating students to look out for suspicious activities and illegal charges on their cards_. As a measure for [protection against phishing](/), students are canceling their payment cards. Meanwhile, Herff Jones has apologized to all customers for this security breach and shall notify all victims in due course. It has hired a leading cybersecurity firm to take charge of the investigation as part of its **phishing attack prevention** measures. ### Ransomware Hits Waikato District Health Board _A **ransomware attack** brought down New Zealand’s Waikato District Health Board_ (DHB) systems and its affiliates recently. The unknown ransomware is suspected of entering Waikato DHB’s system via an email attachment, and ironically, all IT systems except email have been impacted. As a result of the attack, clinical services and surgeries were disrupted, and the hospital staff has come down to [pen and paper](https://www.theregister.com/2021/05/19/new%5Fzealand%5Fhospitals%5Ftaken%5Fdown/?&web%5Fview=true) to keep things running. The hospital is taking all [phishing prevention](/) measures and working with government departments to get to the roots of this attack. As Waikato DHB endeavors to restore its systems, it has _decided against paying any ransom to the adversaries_. It has been suggested that patching systems might take time, but Waikato DHB will eventually get there. ### Phishing Attack Hits Domain Group _Domain Group, an Australian digital real estate business, underwent a **phishing attack** recently._ Domain Group’s CEO Jason Pellegrino stated that adversaries accessed the company’s administrative systems to trick people who had made a rental property inquiry. The company’s prospective clients were sent [emails asking](https://www.zdnet.com/article/domain-group-says-phishing-attack-targeted-site-users/?&web%5Fview=true) for a deposit to secure a rental property. Although the adversaries had a good scam going on, very few Domain Group customers were affected by the attack. _The firm pointed out that people are vigilant these days and verify the authenticity of an email before believing it_. As part of the measures to [prevent phishing](/) attacks, Domain Group has implemented additional security protocols and collaborated with external security experts. ### The Alaska Department Of Social Services And Health Undergoes Malware Attack _The Alaska Department of Health and Social Services underwent a malware attack recently_. Consequently, the DHSS website, the state’s vital records system, background check system, behavioral health, substance abuse management system, etc., were [brought down](https://www.govinfosecurity.com/alaska-health-department-services-affected-by-malware-attack-a-16708?&web%5Fview=true). However, third-party services such as data dashboards and vaccine appointment scheduling can still be accessed on covid19.alaska.gov. The department has initiated its [phishing attack prevention](/products/advanced-threat-defense/) measures and announced that the website would be down until further details about the attack are known. The DHSS has informed the concerned authorities and is doing everything possible to provide continued services to providers and beneficiaries. ### Beware Of Amazon Vishing Attacks Cybersecurity vendor Armorblox recently published two case studies on Amazon **vishing attacks** that speak out to online shoppers. In the first attack scheme, _the adversaries sent a malicious email with the subject Invoice: ID to around 9k users_. The email was from a Gmail account and used the same color markers as Amazon. The email informed users of an order placed from their account for a television and gaming console. It contained a contact number that connected users to a fake Amazon customer service staff. Talking to this person and giving away our order details, username, and credit card details would mean an accomplished mission for the scammers. In the second attack example that reached 4k inboxes, the attackers sent an email titled ‘A shipment with goods is being delivered from a seemingly genuine address.’ Like the former example, this email could bypass Microsoft Defender for Office 365 (MSDO) and Microsoft Exchange Online Protection (EOP) spam filters. It contained a $556.42 payment amount, an order number, and a phone number for the email recipients to place return requests. These [phishing emails](https://www.zdnet.com/article/fraudsters-employ-amazon-vishing-attacks-in-fake-order-scams/?&web%5Fview=true) come without any malicious links or attachments and therefore can bypass **spam filters** easily. Users must adopt [robust phishing prevention](/) measures and never call numbers that come attached in such random emails. ![Ceo fraud](https://media.mailhop.org/phishprotection/images/2021/05/ceo-fraud-1562.jpg) ### A Eufy Server Upgrade Makes Users’ Private Feeds Public Eufy home security cameras owned by the Chinese company Anker are widely used for home vigilance purposes. However, _a recent Eufy update caused much inconvenience to users and compromised their privacy_. An internal bug in Eufy’s updated software, which lasted for an hour before being detected and fixed, allowed users to view, zoom, pan, control, and access the home-video feeds of fellow Eufy users. The addresses, names, and other details of users could also be accessed. The security flaw lasted for an entire day, allowing users to get into the [private space](https://threatpost.com/eufy-cam-private-feeds/166288/?web%5Fview=true) of other Eufy users across the globe. Anker quickly fixed the issue and implemented measures for [protection from phishing](/) attacks, but the vulnerability has made its customers rethink their options. First spotted by a Eufy customer who had logged in to view his own camera’s live feed and saw another lady’s house footage instead, incidents like this are not uncommon for cloud-based home-security cameras. When users spot such **security malfunctions** in their cloud-based appliances, they must immediately shut down all connected gadgets to minimize risk to their private life and details. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 22 of 2021","description":"Cybersecurity Updates For The Week 22 of 2021: Phishing attacks have targeted organizations worldwide in the bygone week, and the headlines roar out to.","url":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-22-of-2021/","datePublished":"2021-05-26T11:00:27.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2021-05-26T11:00:27.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-22-of-2021/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":1197,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2021/05/ceo-fraud-1561.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 22 of 2021","item":"https://phishprotection.com/blog/cybersecurity-updates-for-the-week-22-of-2021/"}]} ```