--- title: "Cybersecurity Updates For The Week 3 of 2020 | Phish Protection" description: "Cybersecurity Updates For The Week 3 of 2020: It seldom happens that the dynamic world around us witnesses a day without any activities. Particularly, in the." image: "https://phishprotection.com/og/blog/cybersecurity-updates-week-3-of-2020.png" canonical: "https://phishprotection.com/blog/cybersecurity-updates-week-3-of-2020/" --- Quick Answer It seldom happens that the dynamic world around us witnesses a day without any activities. Particularly,\_ in the world of cybersecurity, it is almost impossible for nothing significant to happen in a day\_. But how to keep abreast of all these \[anti-phishing solutions\](/) we must adopt against adversaries on a daily basis? As mind-boggling as this might seem, we are here to simplify things for you. The following is a list of the latest headlines from the world of cybersecurity, Share [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-3-of-2020%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cybersecurity%20Updates%20For%20The%20Week%203%20of%202020&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-3-of-2020%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-3-of-2020%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-3-of-2020%2F&title=Cybersecurity%20Updates%20For%20The%20Week%203%20of%202020 "Share on Reddit") [ ](mailto:?subject=Cybersecurity%20Updates%20For%20The%20Week%203%20of%202020&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fcybersecurity-updates-week-3-of-2020%2F "Share via Email") ![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2020/01/phishing-protection-7583.jpg) It seldom happens that the dynamic world around us witnesses a day without any activities. Particularly,\_ in the world of cybersecurity, it is almost impossible for nothing significant to happen in a day\_. But how to keep abreast of all these [anti-phishing solutions](/) we must adopt against adversaries on a daily basis? As mind-boggling as this might seem, we are here to simplify things for you. The following is a list of the latest headlines from the world of cybersecurity, handpicked by our team to fit your interests. ### Ransomware Attack Hits Foreign Exchange Firm Travelex [The foreign exchange firm Travelex recently got hit by a ransomware](https://in.reuters.com/article/us-britain-travelex-idINKBN1Z70VS) called **Sodinokibi**, which locked all its systems, compelling its employees to use pen and paper to serve its thousands of customers. _It has caused a global blackout on its online currency exchange services_. Travelex provides forex services for the customers of HSBC, Barclays, Virgin Money, and the banking arms of British retailers Tesco and Sainsbury. _Although Travelex is now trying to restore the systems it lost to the ransomware attack on January 2nd this year_, it has caused chaos in the lives of those who were on NewYear Holidays or business trips. While the companies associated with Travelex have extended apologies to their customers, the parent company of Travelex, Finablr Plc, says that they do not expect to suffer monetarily because of this attack. Travelex, for its part, says that they haven’t found any evidence of **data theft** yet. _Travelex has a broad user base spread across 70 nations, and this attack has made their shares suffer significantly._ Travelex is now doing everything to ensure [protection against phishing](/products/advanced-threat-defense/) by employing computer specialists and external cybersecurity experts who are working on isolating the virus. The VP for cybersecurity at a British web services firm, Nominet, Stuart Reed calls this attack on Travelex the “worst-case scenario” of ransomware crippling organizations. However, the silver lining amidst all this is that the other six brands under Finablr, namely, UAE Exchange, Xpress Money, Unimoni, Remit2India, Ditto, and Swych are unaffected and functioning normally. ### Phishing Attacks Target Cloud-Stored Data Of Users In the latest phishing innovation, [attackers have targeted Office 365 users](https://cyware.com/news/attackers-pick-up-nasty-phishing-tactic-to-gain-full-access-to-users-data-stored-in-the-cloud-eaefb105), whereby an email with a spoofed link reaches the user. First spotted in early December 2019, the phishing scheme takes the email recipients to a fake login **page resembling Office 365** titled ‘login.microsoftonline.com’. _This link silently pushes an app named officesuited\[.\]com after notifying Microsoft to forward the authorization token produced by a successful login from the target user_. The user then gets a prompt, requesting app permissions to read email, contacts, OneNote notebooks, access your file, read/write to your mailbox settings, sign in, read the user’s profile, and maintain access to data. Once the user commits the blunder of granting the requested permissions, the attackers can continue to access the account even after the user has changed the password. ![Phishing protection](https://media.mailhop.org/phishprotection/images/2020/01/phishing-protection-7583.jpg) The attackers are defying [phishing prevention software](/) by creating an app that uses information stolen from a genuine organization. Furthermore, they are also exploiting the‘add-ins’ feature of Outlook that can be installed from a file or URL from the Office store. What makes the app undetectable is the fact that it can be seen only by the system administrator responsible for managing user accounts. However, Microsoft had already disabled the app on December 19, 2019\. _To ensure protection from phishing attacks, Microsoft continuously looks out for new variations of the app and will disable them as soon as they spot these apps_. Besides, Office 365 administrators, too, are on guard and are actively looking for suspicious apps installed on their Office 365 environment. ### Ransomware Hits Contra Costa County Library System [A ransomware attack recently hit the Contra Costa County Library System](https://www.govtech.com/security/Bay-Area-Library-System-Suffers-Ransomware-Attack.html) with its 26 branches. They indirectly notified the public about the attack in a Facebook post where they said that _they are undergoing a “network outage” because of which all the 26 branches of the library are suffering_. On the system’s website, the message reads: “Our network is currently down and patrons are unable to login at this time. We are investigating the issue and will establish service as soon as possible.” The officials engaged in [anti-phishing protection](/office-365-phishing-protection/) at the county library system are trying to determine the data compromised in the breach so that they can protect the identities of all their residents. They have notified that the infected servers have been brought down and that the library services would operate normally now. The Contra Costa County Library officials have taken this attack very seriously and are incorporating **phishing prevention best practices** to ensure that no such malware can attack them in the future. The library collects names, addresses, phone numbers, e-mail addresses, and birth dates from its members. Earlier, they used to collect driver’s license information as well but have refrained from doing so for the past year. No driver’s license details now exist in their customer records. Hence, we can assume that no other information such as Social Security Administration numbers stands a chance of being compromised because of this attack. The library has further notified that no personal details of members have been lost as the database containing library card accounts and transactions was not affected in the attack - nonetheless, _they advise members to keep checking their financial statements from time to time_. ### Alomere Health Lost Almost 50,000 Patient Details To Data Breach The Minnesota-based community-owned and non-profit general medical and surgical hospital, [Alomere Health recently underwent a data breach](https://cyware.com/news/minnesota-hospital-breach-impacts-personal-and-medical-data-of-50000-patients-9eaec0ec), which has put the personal and medical information of **around 49,351 patients** of the hospital at stake. Alomere Health has been marked as one of the top 100 hospitals by Thomson Reuters for two consecutive times, and a phishing attack of this magnitude is sure to affect its reputation. The hospital said that it first noticed illegal access to one of its employee email accounts between October 31, 2019, and November 1, 2019\. And then, a second unauthorized access activity was reported on November 6\. Some patient information is assumed to have been compromised from that account, which includes patient details such as their names, addresses, dates of birth, and medical information such as record numbers, health insurance information, treatment information, and diagnosis information. In some cases, the Social Security numbers (SSNs) and driver’s license numbers, too, were compromised. The hospital started informing its patients about the data breach on January 3, 2020. The hospital administration immediately took investigative measures and reviewed the emails and attachments in the accounts to understand the impact of the attack. The hospital started notifying its patients of the security breach incident on January 3, 2020\. _To [prevent phishing](/) attacks in the future, the hospital has installed stricter security measures for all the Alomere Health employee email accounts_. They have also extended free credit monitoring and identity protection services to all patients. ### Once Again Tiktok Found With Security Flaws The Chinese app with the maximum number of downloads is once again in the headlines because of a **security flaw**. _The US army and navy have boycotted TikTok on the grounds of stealing user information and spying on Americans_, but Tiktok has refuted the accusations all along. Now, a new set of [security flaws have been detected within the app](https://www.nytimes.com/2020/01/08/technology/tiktok-security-flaws.html). These are: - It allows attackers to send messages with malicious links to TikTok users. Clicking on these links would enable an attacker to control user accounts, including uploading videos or gaining access to private videos. - It allows attackers to retrieve personal information from TikTok user accounts through the company’s website. - Yet another flaw allows attackers to use a link in TikTok’s messaging system to send users messages that seemingly are from TikTok. TikTok claims that it had fixed the flaws by December 15th after learning about them on November 20th, but people are still skeptical about the app’s [phishing prevention](/) measures. It seems that the world is on one side and _TikTok on the other because TikTok authorities continuously keep talking about their commitment to security while the world goes on finding faults in their security measures_. The head of TikTok’s security team, Luke Deshotels says that they are earnest about protecting their users’ details and that no incidents of customer records being compromised in a breach or an attack have been reported as yet. Among other vulnerabilities with the app is its susceptibility to a type of attack that **injects malicious code** into trusted websites. _The app is also accused of illegally collecting personal information from minors_. It further violated the Children’s Online Privacy Protection Act (COPPA) that states that websites and online companies must direct children under 13 to get parental consent before their personal information could be collected. ### Google To Pay $7.5 M In Settlement For G+ Data Breach [Google has recently proposed to pay $7.5 million as a settlement](https://cyware.com/news/google-reaches-75-million-settlement-over-google-data-breaches-c74d42d5) fund to settle class-action lawsuits filed against it regarding the data breach of personal information of over ten million Google+ users. \_ Google had announced the shutdown of Google+ by August 2019 because of a bug in its system that has exposed the personal data of over 5,00,000 users since 2015\_. The information at stake included the full names, email addresses, birth dates, gender, profile photos, places of residence, occupation, and relationship status of the users. Besides, Google, in December 2018, also revealed another bug in a Google+ API that exposed data from **52.5 million user accounts**. This flaw did not disclose users’ financial data, passwords or Social Security numbers, but it did compromise the other sensitive details such as their names, ages, email addresses, and occupation. Since Google+ continues to operate, Google has proposed this settlement amount to pay for class claimants and attorney’s fees and costs. Google would pay for its weak system by allowing persons with Google+ accounts between January 2015 and April 2, 2019, to submit claims if their non-public information was exposed. ### Ransomware Hits Pittsburg Unified School District While the schools in the Pittsburg Unified School District were on winter break, [attackers hit their systems with ransomware](https://www.securityinfowatch.com/cybersecurity/news/21120541/hackers-hit-calif-school-district-with-ransomware-attack) that has led to the shutdown of the district’s email and server. Janet Schulze, who is the superintendent, informed that the infected servers were immediately brought down. Schulze also informed that _the school officials were working with two external information technology firms and lawyers and found no evidence of any compromise of personal details_. Most schools in the district were to reopen on the 7th of January, and they will probably have to teach without laptops and the Internet. ![Phishing email prevention](https://media.mailhop.org/phishprotection/images/2020/01/phishing-email-prevention-7537.jpg) The school district continues to work in collaboration with [phishing protection](/) services and has said that not much has been found out so far, so they will refrain from disclosing things until something concrete has been figured out about the attack. ### Erie Town Undergoes BEC Scam [A loss of more than $1.01 million struck the town of Erie](https://cyware.com/news/town-of-erie-reports-bec-scam-that-resulted-in-loss-of-over-1-million-5c7ec591) recently. Induced by a business email compromise (BEC) scam, _the attacker impersonated a person working for SEMA construction in the scheme_. This person requested for a change in payment information for the building contract of Erie Parkway Bridge. The administrator of Erie Town, Malcolm Fleming said that they received an email requesting a change in the form of payment from a person who had been working with them for the construction work on Erie Parkway Bridge since October 2018\. _The staff at the town made a quick check to ensure email phishing prevention, but they couldn’t verify the authenticity of the form with SEMA Construction_. Nonetheless, they accepted the form and updated the payment method. The payment was made on October 25, 2019. They came to know about this fraud only on November 5 when the bank notified them of the fraud attempt. They had to repay SEMA for the Erie Parkway Bridge on November 15, and this time they used physical checks. A total **loss of $1.01 million** was incurred in this episode. _They removed the fake contact form from their website and switched to the manual mode of payment for some time_. They are also working on hiring accounting and finance managers. _The scam is now being investigated by Erie’s police department and the Federal Bureau of Investigation_. ### ATM Skimmer Penalized For Theft Of Over $400,000 Bogdan Rusu, a member from a gang of **ATM skimmers** hailing from Queens, New York, was recently [penalized for committing bank fraud and stealing](https://www.zdnet.com/article/atm-skimmer-sentenced-for-fleecing-400000-out-of-new-jersey-banks/) over $400,000 from banks across Massachusetts, New York, and New Jersey. On average, _it takes less than 20 minutes to hack an ATM, and with the help of skimmers (a combination of card reader and camera), it becomes all the more easy to get card numbers and PINs_. These details are then used to create replicas of the card to use them in fraudulent transactions. Rusu and his gang have been compromising ATMs across the US from August 2014 to November 2016, robbing countless people and banks from different areas. It has been reported that a total of over **$390,141 was stolen** from victim bank accounts by this group of skimmers. Several arrests have been made following an investigation by the police departments throughout Massachusetts and Boston. Rusu was sentenced to five years in prison, followed by three years of supervised release, while 11 other skimmers have pleaded guilty. ### Cyber Attack Warning Used To Launch Cyber Attack An attacker played his cards well and launched a [phishing email attack by taking advantage of the recent warnings](https://www.bleepingcomputer.com/news/security/microsoft-phishing-scam-exploits-iran-cyberattack-scare/) from the U.S. The U.S. government has been notifying people to stay on guard for cyberattacks from Iran. In the scheme concocted by the attacker, _he sends out phishing emails where the mail appears to be from Microsoft MSA_ and has the following as its subject: “Email users hit by Iran cyber attack.” This email warns users that an Iranian cyber attack hit the servers of Microsoft and that they need to take immediate action if they wish to restore their accounts. The email informs users that as an **anti-phishing measure**, Microsoft was compelled to protect its users by locking their email and data on Microsoft’s servers. And to regain access to this locked data, the recipient has to log in again. _This email could get through the spam filters of Outlook spam filters_. Once a user clicked on the ‘Restore Data’ option, he shall be redirected to a phishing landing page impersonating the login form of Microsoft. However, this is not the legitimate Microsoft site. Upon entering the login credentials, the hacker gets access to these details and then can use them for other more severe attacks. Hence, _you need to be vigilant while dealing with strange emails that ask you to log in to your accounts out of the blue_. Examining the URLs of the attached links, too, is a simple and effective way to **protect yourself from phishing**. ### Protect Your Organization - [Learn how phishing attacks work and how to spot them](/learn-what-is-phishing/) - [See how Phish Protection blocks threats in real time](/anti-phishing-tools/) ## Topics [ Announcements ](/tags/announcements/) ![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) [ Brad Slavin ](/authors/brad-slavin/) General Manager Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base. [LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) ## Protect your inbox from phishing attacks Real-time email security with 60-day free trial. No credit card required. [Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) ## Related Articles [ Intermediate 5m Cybersecurity Updates For The Week 33 of 2022 Aug 22, 2022 ](/blog/cyber-security-news-update-week-33-2022/)[ Intermediate 6m Cybersecurity Updates For The Week 41 of 2022 Oct 21, 2022 ](/blog/cybersecurity-news-21-oct-2022/)[ Intermediate 5m Cybersecurity Updates For The Week 1 of 2021 Jan 1, 2021 ](/blog/cybersecurity-updates-for-the-week-1-of-2021/)[ Intermediate 6m Cybersecurity Updates For The Week 1 of 2022 Jan 7, 2022 ](/blog/cybersecurity-updates-for-the-week-1-of-2022/) ```json {"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]} ``` ```json {"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}} ``` ```json {"@context":"https://schema.org","@type":"BlogPosting","headline":"Cybersecurity Updates For The Week 3 of 2020","description":"Cybersecurity Updates For The Week 3 of 2020: It seldom happens that the dynamic world around us witnesses a day without any activities. Particularly, in the.","url":"https://phishprotection.com/blog/cybersecurity-updates-week-3-of-2020/","datePublished":"2020-01-16T12:54:19.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2020-01-16T12:54:19.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/cybersecurity-updates-week-3-of-2020/"},"articleSection":"intermediate","keywords":"Announcements","wordCount":2501,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2020/01/phishing-protection-7583.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}} ``` ```json {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Intermediate","item":"https://phishprotection.com/intermediate/"},{"@type":"ListItem","position":4,"name":"Cybersecurity Updates For The Week 3 of 2020","item":"https://phishprotection.com/blog/cybersecurity-updates-week-3-of-2020/"}]} ```