Category: What’s New in Technology

The New Face of Phishing: Techniques, Targets and Prevention

Phishing Attacks Phishing is a major threat that keeps evolving and has now become a sophisticated and costly cyber risk facing businesses of all sizes. Previously linked to malicious links in an email, phishing is now powered by AI, automation, and social engineering. The attacks have become harder to detect; they are faster to execute; and they can be very damaging if successful. With many business processes happening online – such as payments, approvals, and customer engagement – the attack surface has expanded, and so has the creativity of cybercriminals.

The Changing Landscape of Phishing

Modern phishing is unlike the previous suspicious and poorly written emails, and today cybercriminals are using AI tools to do many things, including:

  • Generate perfectly written and personalized messages – attackers can now easily analyze company websites, social media profiles, public reports, and employee profiles to clone the tone, style, and communication patterns. Messages appear legitimate when they reference recent projects or internal updates.
  • Generate deepfake audio and video – with readily available AI voice-cloning tools, a scammer can easily impersonate CEOs or CFOs and request urgent wire transfers or credential access.
  • Bypass MFA using real-time phishing kits – these kits mirror login screens of popular business tools such as Microsoft 365 or Google Workspace. An employee enters credentials and authentication codes into the fake page, giving attackers instant access.
  • Launch automated hyper-targeted attacks – with automation, criminals can target specific departments using tailored messages relevant to their daily tasks.

High-Value Targets Inside Organizations

Phishing attacks are no longer random but very strategic:

  • C-Suite executives – executives are prime targets due to their authority and access levels. If an executive is compromised, their inbox can be used to authorize payments or request sensitive data.
  • Financial teams – the accounts department faces fake invoice scams, fraudulent banking instructions, and impersonated vendor messages.
  • HR departments – attackers send fake resumes loaded with malware. They might also pose as job applicants to access employee data.
  • Remote and hybrid workers – these workers use shared Wi-Fi, personal devices, and unsupervised collaboration tools. This creates a wider entry point for attackers.
  • Customers and partners – attackers impersonate brands and trick customers into submitting payments or sensitive information through fake lookalike pages.
  • IT admins and system engineers are also valuable as they have privileged access.

Modern Phishing Techniques

Emails remain the dominant delivery method, but attackers have diversified to:

  • Quishing (QR Code Phishing)
    QR codes are everywhere: on flyers, delivery packages, restaurant menus, conference badge,s and more. However, QR codes can lead to malicious sites or credential harvesting pages.
  • Search Engine Phishing or Malvertising
    Fake ads appear above legitimate brands on search results that a user can click on –thinking it’s a legitimate link.
  • Browser-in-the-Browser Attacks
    These are fake login pop-ups that replicate trusted login screens. An employee will enter their credentials, thinking it’s a legitimate site, and this goes straight to attackers.
  • OAuth Application Scams
    Here, attackers don’t steal passwords. Instead, they trick users into granting access to a malicious app. Once the access is granted, the attacker has total access.
  • Deepfake Calls and Video Messages
    These may come as high-pressure video calls or messages from an executive requesting urgent action, emergency payment, or private documents.
  • Fake Travel and Expense Scams
    Taking advantage of corporate travel, attackers clone legit travel sites in order to steal credit card and employee information.

Prevention Strategies Every Business Must Adopt

Phishing is a problem that can’t be eliminated but can only be significantly reduced through a combination of technical measures and human risk management.

Prevention requires a combination of technology, processes, and people.

  1. Build a Security-Aware Culture
    Training must be continuous, engaging, and realistic. It should be conducted via simulation and scenario-based learning.
  2. Strengthen Email Authentication
    Implement modern AI-based email filtering tools to help detect anomalies that human eyes miss. Include identity verification protocols like DMARC, SPF, and DKIM to reduce spoofing attacks.
  3. Adopt Zero Trust Security
    Implement the “never trust, always verify” approach. Access should be limited, monitored, and timed out automatically. High-risk actions should trigger additional verification.
  4. Secure Remote Work
    Implement VPNs, approved devices, endpoint protection, encrypted storage, and clear policies.
  5. Implement Multistep Verification for Financial Transactions
    Require verbal confirmation or dual approvals for high-value transfers.
  6. Monitor Vendors and Partners
    Keep in mind, there is a sharp rise in supply-chain attacks. Regularly verify domains, emails, and communication from suppliers and partners.
  7. Have an Incident Response Plan
    Be ready with a response plan in case of a breach. Acting quickly will reduce potential losses.

Conclusion

Phishing has transitioned into a sophisticated threat targeting the core operations of a business. New phishing variants reveal how attackers continually evolve their techniques. With the right awareness, technology, and processes, organizations can significantly reduce exposure.

6506148 B2 Patent: Nervous System Manipulation – Is it Real or Just Paranoia?

Imagine someone manipulating how you feel. Of course, no one wants that. But how about being manipulated unknowingly? This is exactly what is happening to your nervous system every time you switch on your TV or computer.

Well, at least according to the 6506148 B2 Patent.

The patent named “Nervous System Manipulation By Electromagnetic Fields From Monitors” was filed in 2001 and published in 2003. The patent was filed by one Hendricus G. Loss (perceived to be a fictitious person as no information about who he really is can be traced).

Is it Worth Any Attention?

We already know that the content displayed on TVs or even on the internet is created in such a way as to influence decisions, such as when making a purchase or standing behind certain beliefs.

The mind control subject has been a topic of discussion for a long time. Although initially considered a conspiracy theory, its reality has been observed in the content displayed by mainstream media.

But how about manipulation through the nervous system?

Science teaches us that the work of the nervous system is to carry messages throughout the body and control your senses. The nervous system, according to neuroscientists, is controlled by the brain.

Now, the brain is said to be a complex bioelectrical organ that produces electric fields.

That’s why it’s believed that you can rewire your brain through techniques such as listening to binaural beats. Scientists also claim to control brain functions with a technique that uses powerful electromagnetic radiation. This technique, known as Transcranial magnetic stimulation (TMS), can jam or excite particular brain circuits.

Think of how you are not allowed to use cell phones in some areas of a hospital or in an airplane (where some only allow use in airplane mode). This is so that the electromagnetic transmission of the phone does not interfere with critical electrical devices.

So if a brain is a bioelectrical organ, is there a possibility of manipulating it?

How it Happens, According to 6506148 B2 Patent

Here is a short excerpt from the patent abstract:

“Physiological effects have been observed in a human subject in response to stimulation of the skin with weak electromagnetic fields that are pulsed with certain frequencies near ½ Hz or 2.4 Hz, such as to excite a sensory resonance. Many computer monitors and TV tubes, when displaying pulsed images, emit pulsed electromagnetic fields of sufficient amplitudes to cause such excitation.

It is, therefore, possible to manipulate the nervous system of a subject by pulsing images displayed on a nearby computer monitor or TV set. For the latter, the image pulsing may be embedded in the program material, or it may be overlaid by modulating a video stream, either as an RF signal or as a video signal. The image displayed on a computer monitor may be pulsed effectively by a simple computer program. For certain monitors, pulsed electromagnetic fields capable of exciting sensory resonances in nearby subjects may be generated even as the displayed images are pulsed with subliminal intensity.”

The US Patent 6506148 B2 is a confirmation of the possibility to manipulate the nervous system. The patent includes 14 claims including how video can be used to manipulate the nervous system.

Is it just a conspiracy theory?

Well, it’s not easy to tell. But we can’t ignore the concerns raised in regards to electromagnetic fields (EMF). The EMF issue has raised so much concern that in May 2015, 190 scientists from 39 nations submitted an Appeal to the United Nations requesting the World Health Organization (WHO) adopt more EMF exposure protective guidelines.

Such concerns are an indication that the patent should not be ignored. It also goes to show that apart from your electronic devices recording, monitoring and watching everything you are doing, they can also influence living organisms’ feelings, perceptions, thoughts and behavior.

Switch off that Screen

Well, this is practically not possible. The dependence on these electronic devices is so high that we are practically immobilized if they were to be turned off. Electronics have become part of human attachment.

The age of the Internet of Things (IoT) doesn’t make it any better. Now that we are surrounded by electromagnetic emitting devices, the patent serves as an alert to the public of the possibility of what could happen if these technologies were used unethically.

Unfortunately, the technology is here to stay. The only option is to minimize the exposure from your EMF emitting devices. Therefore it’s not a bad idea to try something different: read a book, go hiking, take a walk or simply switch off that screen when you can.