Here’s a security scenario that’s all too common: A company suffers from a cyberattack, then responds to it promptly and alerts its customers, warning them to change their passwords. But the company remains vulnerable through the very means it uses to alert those customers: Email. In fact, attackers can exploit that vulnerability using email that pretends to be a security warning from the company, targeting customers and wreaking even more damage.
For example, on May 31, popular cloud-based password manager OneLogin announced that it had suffered a serious security breach, and it updated its report the next day with a few more details.
Leave a reply