Compass IT Compliance Blog / Vishing (2)

Bypassing Multi-Factor Authentication via Prompt Bombing

It is the middle of the night, and you have finally fallen asleep, only to be awakened by the constant beeping of your phone. Bleary-eyed, you look at your phone to see it is prompting you to agree to log in on one of your accounts. You half wonder if you are dreaming and may instinct …

Receiving a Scam Text… From My Own Phone Number

Throughout my years working in the IT security and compliance field, I have had the opportunity to learn about dozens of different social engineering attack strategies that malicious actors will utilize to achieve their goals. This past weekend, I had the unique opportunity to witness …

‘Tis the Season – Don’t Fa La La to Holiday Scams

As another holiday season quickly approaches and holiday gift lists are started, the scammers are also looking to deck the halls during one of their favorite times of the year. As many begin planning for shopping and holiday festivities, unscrupulous scammers are presented with ample …

Combating Cognitive Bias to Mitigate Social Engineering Attacks

“When dealing with people, remember you are not dealing with creatures of logic, but with creatures bristling with prejudice and motivated by pride and vanity.” – Dale Carnegie

In this quote, American writer and lecturer Dale Carnegie touches upon the topic of cognitive bias.

Situational Awareness – How Strong Are Your Spidey Senses?

How aware are we of our surroundings? What is happening around us that we are not aware of? Being more cognizant of our surroundings at work and at home can bring a lot of positive results to our corporate security posture.

Examples of Effective Vishing Attacks

Vishing (not to be confused with phishing) is a form of social engineering, carried out over the telephone, that attempts to manipulate an individual into giving an attacker personal information such as usernames and passwords, credit card information, and Social Security numbers. The attacker will call an …
