Reusing passwords makes it easier for threat actors to gain access to your accounts. They may not actually be using it to take money. They may be impersonating you to scam others in your network. Today’s guest is Joel Hollenbeck. Joel is a cyber security executive with over 25 years experience in multiple disciplines. He is the CTO at Check Point Software Technologies and leads a global team of cyber security experts dedicated to understanding the challenges that customers face and helping them stay ahead of the ever-evolving threat curve.
“It’s also important to highlight the brands that are being used in phishing attempts. People are trying to steal your credentials to connect with your network” - Joel Hollenbeck Share on XShow Notes:
- [1:01] – Joel shares his background and his current role.
- [2:38] – Joel has teenagers at home and describes the challenges of communicating threats including one that wound up being an attack.
- [5:06] – His credit card company alerted him of fraud and he looked further into it.
- [6:29] – Threat actors have to constantly change up their tactics.
- [7:53] – The latest report shows that the number one brand that scammers are using is LinkedIn. They are trying to harvest accounts to get in under the radar.
- [9:06] – Brands themselves need to also be aware to keep their customers safe.
- [10:36] – Every major holiday, shopping event, or global event creates new opportunities for phishing attempts.
- [12:09] – Joel shares some of the information threat actors gather.
- [14:33] – A great many people don’t trust SMS messages.
- [16:30] – The reuse of passwords has been proven to be a huge mistake.
- [18:37] – Chris shares an experience with a password reset issue.
- [20:28] – Social media companies do not have a public facing customer service line.
- [22:46] – On the other end of the spectrum, there is the issue of being overwhelmed by multi-factor authentication.
- [24:18] – Product links on social media are also something to be wary of.
- [25:37] – Think of it as a risk assessment and know that sometimes it will feel very cynical.
- [26:59] – You don’t know if the person on the other end of a message is from the person you actually trust.
- [28:48] – Threat actors strive to gain access to high value accounts.
- [30:42] – Some LinkedIn or other social media account hacks, they will be used for simple phishing attacks. But some will be used for something very sophisticated.
- [33:06] – Awareness of these issues is critically important to try to stay ahead of scammers.
Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.
Links and Resources:
- Podcast Web Page
- Facebook Page
- whatismyipaddress.com
- Easy Prey on Instagram
- Easy Prey on Twitter
- Easy Prey on LinkedIn
- Easy Prey on YouTube
- Easy Prey on Pinterest
- Joel Hollenbeck on LinkedIn
- Check Point Security Website
Transcript:
Joel, thank you so much for coming onto the Easy Prey Podcast today.
Thank you for having me, Chris. It's definitely an honor to be here.
Thank you. Can you give myself and the audience a little background about who you are and how you got involved in cybersecurity?
Yeah, for sure. I'm Joel Hollenbeck. I'm the Director of Engineering here at Check Point Software Technologies. I have been doing 100% cybersecurity-focused roles for 25 years now. In fact, my first job was cybersecurity-focused. When I was 18 years old, I worked at the Federal Reserve Bank at St. Louis and did a lot of security work there.
I got into that, Chris, because I just had a computer system like many people my age back in the day. We had bulletin board systems and one of the fun things we did is we messed with the other's bulletin board systems. We will hack them and then the same people who we hacked will hack us back. It was a tight-knit group of people and we knew each other and this is part of the fun.
That gamesmanship, if you look at it that way, of how you breach a system and how you protect the system created this interest in me. I was already interested in computers so I thought I could make a lot of money doing this.
At that time, 25 years ago, of course, cybersecurity wasn't a term. In fact, security in the realm of IT wasn't anything that a lot of people took seriously. There were issues here and there, but it was more of a sideline discussion. It was truly the interest I had a heart from the beginning and I focused on that, as I said, 25 years ago. For the last 16 years, I've been here at Check Point Software Technologies following that passion and I love every day of it.
Before we start talking about getting into the meat of it, have you ever been a victim of a cybercrime?
I have indeed. Fast forward 25 years later, I have a daughter who is now 16; she’ll be 17 next week. I have a nephew who lives with me—he just turned 17. They have their own computer system, if you will. You can't monitor everything that everybody does on those systems every day. If I try to share some of my wisdom, of course, they're going to blow me off as, “Dad, that's silly.” “Uncle, that's silly.” It's a very serious challenge and sometimes it can affect the things you do here even in the house.
Unfortunately, on one of the systems where I happen to be logged into an Amazon account that belongs to me for the house—for my Amazon Prime subscription, and other things that we conduct business with Amazon—one of the kids, I guess, opened up a link that they got via email. That opened the door to a remote control attack or a RAT attack on that computer.
Unfortunately, the threat actors, in that case, were able to get onto the Amazon account that was logged in and started ordering stuff. They were very crafty about it. They knew what they were doing. This is what they did with this RAT: they weren’t trying to take control of the computer for any other reason than to go after Amazon accounts. It was clear that this was their particular forte.
They would order a gift card that couldn't be returned. Amazon didn't have any records either. They would spend it and within minutes, they would also order a small grocery item for my house. It will be under $10 on a separate order. Then the next order will be another gift card of an increasing amount and they will continue the cycle over and over. What they were trying to do, I found out later, is they're trying to stay under the radar and try to fool Amazon's fraud algorithm and try not to get captured there.
Luckily for me, I had several different filters out there. As I would advise everybody to do, have alerts on all your bank accounts and credit cards or you get text messages, emails, and so on and so forth because you're part of that fraud system.
My credit card carrier in this particular case kept sending me information about charges that were occurring on my account. I saw a few of them, they were really small amounts and it didn't concern me at that time, but I also got a fraud alert from the credit card company. I looked into it further, but by that time they had racked up somewhere along $400 in these gift card charges.
Amazon, in this particular case, wouldn't return the money either. I had to contact the credit card company. As long as I claimed it was fraud with the credit card company, they were able to recover the money and work it out with Amazon. I […] nothing. None of us—even me who I consider very cynical when it comes to emails, text messages, links, and stuff like that—can get breached like that. I'm logged into a system here and other people have access to it. It's a family computer and there you go. Certainly, mistakes are made, but none of us are invulnerable to the threat actors that are out there.
It happens to be a perfect lead into our discussion today about the report that Check Point has been putting out for a number of years on the brands that are being used for phishing attempts. Let's go ahead and talk through what the trends are in that arena.
Yeah, for sure. I guess a couple of things to start out with, of course, the threat actors and the phishers constantly have to evolve their tactics. They have this roll of decks, if you will, of ways to approach people. As they utilize those various methods to contact people, try to get them to click on the link, and open up an attachment, they will saturate that particulate methodology. People will be onto them and that particular approach.
For example, over time we've seen a lot of phishing moved from email to SMS. We believe this is because people have their guard up when they talk about email, but when they get an SMS, it may seem a little bit more personable. Some folks are maybe a little more trusting. I find that hard to believe […], but that's the reality of the world. People are more trusting of SMS for the moment and then we'll do another communication methodology.
That's what we see on the report for the longest time. There are a number of different brands that were used to try to send phishing attempts. For example, FedEx or DHL. You may get an email from one of them with a PDF attachment that the phishers are hoping you're going to open up. Of course, that PDF is malicious and is going to take over your computer.
Our latest report found that the number one brand currently being used by these phishers is LinkedIn. -Joel Hollenbeck Share on XOur latest report found that the number one brand currently being used by these phishers is LinkedIn. We believe that's because the threat actors are trying to harvest credentials for LinkedIn accounts. What they want to do with that afterward is use that to basically get under the radar with people's trust. They want to use those LinkedIn accounts for further phishing attempts and get the contacts that that account has on LinkedIn. This is a new methodology that they have done on other platforms and will do it again.
It's cyclic in nature, if you will. I think it's important to point out not only are these methodologies and these trends that we see in phishing, but it's also important to highlight the issues that we see out there in the brands that are being used for these phishing accounts in order to raise awareness, not only for the individuals out there. Be aware that you may get an email from DHL with a malicious attachment or what looks like it's coming from DHL from a malicious attachment.
We should also be aware now that people are going to try stealing your LinkedIn credentials to further their threat acting and phishing accounts out there. We also need to raise awareness of those brands as well. They're part of this community, and they need to protect their own brand and need to also help their customer so they need to communicate to those folks and help them know this is going on.
Do you think any of the moves towards the increase in LinkedIn has to deal with more people also looking for new jobs right now?
The phishers are going to look for any platform where they can try to get around people's trust issues. -Joel Hollenbeck Share on XI think it's part of it. The phishers are going to look for any platform where they can try to get around people's trust issues. They didn't trust emails so they moved to SMS, and with LinkedIn, they're going to go after close contacts of LinkedIn. Of course, to your point, there's a lot of activity on LinkedIn. Job markets are really hot and people are posting jobs out there, looking for experts in whatever field they are looking for, people are looking for jobs. I think that makes it ripe for a platform for phishers to apply. Certainly, I think that's a big part of it, Chris.
Let's talk about the SMS a little bit here. I've personally received the ones that are, to me, really poorly crafted. It was, “Hey, this is the wrong wireless carrier. Thank you for paying your bill. Here's your gift.” Which I thought just seems to be particularly poor, but how are people using SMS in terms of phishing?
There's a myriad of methods. I've got SMS phishing attempts referring to Ukraine—one of the hottest topics lately, which people are going to jump on—every major holiday for that matter, every major shopping event, there are a lot of phishing attempts. I've seen ones from Ukraine lately.
I also saw in recent times about Amazon, which is ironic because my Amazon was hacked by their computer takeovers I mentioned earlier, saying that an Apple product of a thousand dollars was purchased on Apple and they want you to confirm by clicking a link.
This is just yet another method that the phishers are going to try to use in order to get people to click on those links. For those of us in the industry, they're just recycling the same methodologies over and over again. The Ukraine attacks, for example, that I saw via SMS wanted you to open up a webpage which talked in a very, very similar language, Chris, to what we saw in the Nigerian Prince Scams of decades old.
Everything that was old is new again, over and over again in these phishing attempts. There's very little that's new, but that being said, I will give credit to the phishers. They are incredibly creative and are willing to put in the time in many cases in order to hit their mark.
Everything that was old is new again, over and over again in these phishing attempts. -Joel Hollenbeck Share on XThere's this low-level phishing attempt that seemed elementary. These are the ones where they'll send out millions and millions of messages that will get a very low return rate of under 1%, but they will still be able to make immense profit from doing that.
On the other end of the spectrum, of course, there's the sphere of phishing attempts where they might spend weeks, months, or even in excess of a year in certain cases where they'll be studying their targets and understanding their business transactions. They'll understand what bills might be coming up, and they'll use all those information to garner the trust of other victims to pretend to be somebody that they're not, send in emails, and try to get the person they're going after to do a financial transaction to an account that the phisher is on, or whatever the case may be. There are varying levels of detail there and the phishers are in it to win it. They make a ton of money doing this.
Another realm of this is ransomware. Ransomware gets into these environments and 90% of ransomware gets in via phishing. Ransomware is a huge problem. There's a lot on the line here. We can talk about this in simplistic terms and talk about the various methods that people are using, and to many of us in cybersecurity, we just say you just need to be more cynical, but there's a lot on the line, and a lot of businesses interrupted. In fact, our lives are interrupted as a result of this type of stuff.
Yeah, definitely. Are you seeing moves to other messaging platforms as well?
LinkedIn is its own messaging platform, and I think that this follows that trend. You have email, which is very broad and everybody has access to. As that becomes a diluted market, becomes oversaturated with phishers, and people become less and less trusting of their email.
In fact, I know many people that don't even read their personal email in their personal email accounts. They only go out there if there's a particular piece of information they get from that. For example, a receipt for something that they bought online and dumped it in there. They just don't read their personal email anymore.
As I mentioned earlier, people moved to SMS. I think that what you're seeing with LinkedIn is precisely that. People don't trust SMS messages or a great many people don't trust SMS messages. As their success rate on those platforms, email, and SMS wanes, they're going to move to something else. Quite frankly, and I hate to give you kudos, but I think LinkedIn is a brilliant move if you're efficient because these are close contacts, they are professionals, or that's the context of the communication methodology.
If they craft their messages right, they'll be able to reach out to people and I think it's underneath that barrier. If it's not LinkedIn, it's going to be something else. We've seen many phishing attempts on WhatsApp and other messaging applications. In fact, there's been phishing attempts or campaigns that we've seen on things like […], for example.
It doesn't matter what the platform is, the phishers are going to follow where they think they can get success. They're going to measure that success, and they're going to double down when they get it.
It doesn't matter what the platform is, the phishers are going to follow where they think they can get success. -Joel Hollenbeck Share on XI guess in some sense, particularly with LinkedIn ones, there are almost two sides to it. There's an account that's being compromised in order to perpetrate the attack and then people that are being targeted. We say it a ton on the podcast that everyone needs to be using a password manager and unique passwords and that helps, to some extent, accounts from being compromised. It's almost as if you have to be like, even if you think your account hasn't been compromised, check your messages once in a while to make sure weird outgoing messages aren't happening from your LinkedIn account.
Yeah, that's true too. I think that there are a number of things the individual consumer needs to undertake. We all have a responsibility in this, and I certainly advise that everybody uses unique passwords on each system. The reuse of passwords has been proven over and over again to be a huge mistake. If one is breached, they're going to get posted on websites. Then the threat actors have been able to reuse those credentials on other websites.
The reuse of passwords has been proven over and over again to be a huge mistake. -Joel Hollenbeck Share on XIn order to counter that, I suggest using unique passwords on every website. Certainly use multi-factor authentication everywhere that you can and demand it from financial institutions. When I say financial institutions, I'm going to broaden that, Chris. Of course, people are going to think of the banks first, and other folks like that, but even Amazon. You're doing financial transactions with them on a regular basis.
Certainly use multi-factor authentication everywhere that you can and demand it from financial institutions. -Joel Hollenbeck Share on XOftentimes you're going to store credit cards with them so they could charge your Prime account so that you can order things without entering your credit card every time.
Use MFA. Demand that you have MFA capabilities on those websites.
Set up alerts on them. It's something that I looked for on Amazon here recently. I have alerts for all my credit cards and bank accounts for transactions over one dollar. For example, I get SMS and email. I'd like the same thing from Amazon.
I have alerts for all my credit cards and bank accounts for transactions over one dollar. -Joel Hollenbeck Share on XI don't know precisely how Microsoft and LinkedIn are going to respond to this, but I certainly think that this is an opportunity for them to take into account those things as well. Are there facilities on LinkedIn where you can set it up, where you get an alert, and you get a text message whenever your password is changed? Or a login to your account comes from a new IP address or different geography, for example?
All of these things are potential examples of how organizations—and I don't want to pick on just Microsoft and LinkedIn—but how any organization so situated can help consumers be part of the solution to the security problems that we all face.
It's almost like we have to be careful even when those things are implemented. I remember one vendor, I got a text message from them saying, “Your password has been reset.” Or I think I got an email saying that my password was reset. I thought, “I didn't request it. I'm definitely not going to click on something. I don't want to necessarily trust that the password reset email is legitimate, definitely not going to click on anything from that.”
I went and ultimately ended up calling the company and someone had called in, provided fake credentials claiming to be me, and was starting the process to take over the account. The conversation was like, “OK, I've got some basic security on this account. How do we turn on more security on this account? I can't afford to have this account compromised.”
It was not the sort of thing where this entity did not make it easy to find out that there was more that you can do to lock down the account. They have internal mechanisms that you could do, but they were only available on request and they didn't publicize that you could do it. In some cases, you need to call the companies and say, “Hey, I want to enable extra security on my account. How do I do that?
Yeah, it's a really good point and the average consumer isn't going to have access to those either. If you're talking about you're an Amazon customer or a Netflix customer, those are low-touch consumer-facing organizations. They wouldn't take my phone call with regards to fraud, for example, and LinkedIn isn't going to take your phone call. Maybe I should say that's unfair because I don't know that to be the case. I suspect that LinkedIn isn't going to take my phone call to talk about my account security over there.
I think it's pretty safe to say any social media platform does not have a public-facing customer service number that will actually help you. I'm willing to make that statement and broaden it. If they're wrong, then they can contact me and I'll update my notes.
One-hundred percent. That's the point now. I'm presuming that you had an issue with the domain and your registrar. You’re able to contact them. It’s a little bit more high-touch. I'm glad that you got that customer service, but I don't think that's the standard fare even for domain administration unless you're spending a lot of money where you get that level of high-touch.
To your point, it's great to know that sometimes there are security tools that are behind the scenes that we may not be aware of, but awareness is a double-edged sword. Of course, if we make all the threat actors aware that those tools are available, they're going to try to find ways to go around them. If the consumers don't know about them, then how are they going to be leveraged effectively?
At the end of the day, it's up to the organization in the backend to implement them. I don't know that I trust. The thing I'll mention is security by obscurity. I don't know that that's what they're doing, but if they were hiding the tools because they didn't want to make them known so they can't be breached, I don't think that's a good long-term plan either.
I think it's a vote of no confidence that they trust the security controls that they have built in at the end of the day. It's an opportunity to take a look at what tools and what processes do we need to put in place in order to make sure that these accounts aren’t taken over and that domains aren't stolen from Chris Parker. Those are the things that need to be taken to look at and address rather than hiding those tools, if that's indeed what they were doing.
Yeah, I won't disclose what type of vendor it was because I don't want it.
No, I totally understand. I wouldn't either. These are the things that you need. Again with the Amazon, LinkedIn, whatever the services are certainly the financial ones where you get those alerts. It saved me. I definitely encourage everybody else to do that right from their bank account and their credit reports online.
On the other end of the spectrum, of course, there's a cost of that. We get oversaturated with all these notifications and are we paying attention to them? Maybe, to your point earlier, some of those could be phishing attempts as well.
Some of this is just security awareness 101 as well. I don't click on links in SMS messages that I get. I try not to click on links in emails. I advise people, especially when you talk about some of the more contextual things. Every holiday, for example, there's going to be phishing attempts that try to get you to purchase brand name X or whatever the hot thing of the day is and phishers are going to take advantage of that.
When you get emails like that, what they're trying to do is they're trying to create a sense of urgency. They're trying to take advantage of your emotions for that given holiday and trying to get you to take advantage of a deal that's literally too good to be true.
When you get an email like that, whether it's for Christmas, […] the day, or whatever the particular topic is, they're trying to get you to click on that link before you think too critically about it. Is this a look-alike domain? Is it spelled right? Is my grammar correct in the email and all those things?
Again, my advice is don't click on any of those links. If there's a product that you want to buy, whether you see it in email, or you see it on TikTok—for example, my daughter brought me TikTok and she saw a product advertising there and she wanted to get it. I was pulling up the website on TikTok. I was like, “Let's take a pause. Let's go to our favorite search engine and search for the particular product, find it there on a trusted website that we could find, and we'll transact business that way rather than going through a link that's being advertised to teenagers.”
This is the same thing that we should do with those emails that we get. Ensure that you're on a trusted brand website—you’re not on a look-alike domain, and just be incredibly cynical about those things. When I talk about this quite often, Chris, I describe it as you have to have a healthy sense of everything that is going on. You have to take a pause when you get these things.
I think the reality of the cybersecurity world that we face today is literally cynicism. I hate to encourage people to be cynical, but you have to have the cynicism to survive in the world that we're in today—online at least.
You have to have the cynicism to survive in the world that we're in today—online at least. -Joel Hollenbeck Share on XI think it's just a matter of realizing that there's risk. It's a risk assessment. I don't look at it as being cynical, but rather risk assessment. What are my risks associated with clicking on this link versus the benefits of it?
Yes, it's going to take me a little bit more time if I go to my favorite search engine and search for a product there versus click on the link, but the risk is going to a site that's going to steal my credit card information or worse: I click on a link that's going to compromise my computer.
To me, it's a matter of risk assessment. We make those risk assessments while walking down the street every day. We're not going to walk into a dark alley at night with a bunch of suspicious figures in it, so why would we do the same thing online?
Yeah, I agree with you and I think that for those in cybersecurity or are familiar with the concepts, it could be that healthy skepticism. I think for the vast majority of targets, it's a phishing attempt. However, I'm not sure that they take into account the things that you mentioned.
I don't necessarily do that full risk assessment, which is why I encourage them to be extremely cynical and don't trust anything they get. They even ask the point about these latest trends that we're seeing with LinkedIn. They're like, “What about messages that I get from friends and family?” You hate to tell some people in your life that you can't even trust them. It's not that you don't trust those people. It's that you don't know that the person on the other end of that message is who they represent themselves to be and that the link is something that that particular person meant to send you.
I don't think that that's a good way of going through life, generally speaking, but when it comes to electronic communications, if you're trying to protect your computer, your system, your accounts, and your personal identifiable information, you have to be cynical about those links, about those attachments, and be extraordinarily careful. That's kind of the world that we live in and I think that that's the advice we have to give to people with regards to handling the processes of those messages.
With the increase of LinkedIn being used as a vector for phishing, is it part of a broader trend towards more spear phishing, more targeting, or do you think it's more just the flavor of the day?
I think it's both. We talked about the one end spectrum of the mass phishing attempts that are out there and then we talked about spear phishing. I think we're going to see both of those things on LinkedIn. I think you're going to see mass phishing attempts and attempts to launch ransomware into additional environments. They're also going to take high-value accounts, if you will.
First of all, they're going to try to take over the domain LinkedIn accounts as much as they can. For those high-value accounts, if you're able to get C-level accounts or other executive-level accounts, the threat actors are smart and they've done this for many years. I suspect that they're categorizing them. They're categorizing them into high value and they're categorizing them into the ones that can be used for the mass broadcast phishing attempts that are out there.
Yeah, we definitely saw that with Twitter. The hack, I think it was last year, where Musk's account—his account was not necessarily hacked directly, but a backend. There were all those cryptocurrency posts from high-value accounts. “Send me bitcoin and I'll double it.”
I suspect that you'll see the same motivation is there on LinkedIn that if I'm getting correspondence from someone who's a C-level public figure, “Oh, I'm going to read this. I'm going to click on it. I'm going to take it with a level of urgency that I might not on some other type of communication.”
For sure, and I think on some of those accounts, for example, just like we see in some of the really sophisticated spear phishing, the threat actors are going to start reading through the messages that were sent and received by certain accounts on LinkedIn, and they're going to see if there's an opportunity to do a little spear phishing with that account.
They're going to read how they regularly transact business, who they transact business with, under what circumstances, and how they regularly exchange, for example, attachments via LinkedIn. They're going to leverage that to make the most profit from it.
By far, of course, when you talk about volume, most of the accounts are simply going to be used for the mass broadcasting of official attempts under the cover of somebody that you know semi-closely in a professional circle. There will be a great many that are used for extraordinarily sophisticated spear phishing, so watch out.
I know with romance scams it's very common, so that the dating platform isn't aware of what's going on, that the scammers will try to move people over to WhatsApp, or SMS, or some other sort of messaging platform. Do you see the same sort of thing in the spear phishing attacks on LinkedIn or they kind of linger in those accounts for longer times?
It's a good question. I think it's yet to be seen though, Chris. I don't think we have enough data to know precisely how they'll operate in that space.
When you talk about the romance scams, this has been something that's going on for quite some time. Of course, consumers have demanded them that their algorithms and their methodology should do a better job of filtering out those scammers. People are on websites to date people, not to be phished by scammers. People get understandably upset when they get inundated with that type of activity.
What LinkedIn is going to do here, what tools they already have in place, and how they're going to leverage them given these trends certainly isn't known to me yet. It's definitely an interesting question and I think it warrants more investigation and more research by the threat researchers and certainly by LinkedIn to understand what that's going to look like.
It's a sad day when a professional platform has to go to a dating platform for algorithm advice.
Yeah, for sure. Look at it this way too: Microsoft has one of the largest cybersecurity businesses in the world in terms of income. It's not that they're without the talent, without the tools, they certainly have, and I'm sure that they're doing a ton of stuff that just isn't known to us quite yet.
This is something that needs to be advertised by LinkedIn, by Microsoft and, of course, we need to talk about it in the context of podcasts such as yourself to get the word out to people that are on LinkedIn so that they have awareness of this issue and also, of course, to make sure that this is known in the news to folks like Microsoft and LinkedIn so that they're doing something about it.
If you were to prognosticate here, what platform, what website, or what brand do you foresee as being the next kind of rising star in your guys’ list?
That's a really good question, and I think that my crystal ball in terms of that is a little bit foggy at the moment. I think that what we could look for is we could look for a lot of the collaboration platforms to be heavily targeted by the threat actors. We talked about email and SMS earlier, but email, there's been this trend for the last couple of years where people are moving more and more to SaaS-based collaboration tools, whether it's Slack or Teams. Even Zoom has a lot of these capabilities built in.
I think that we're going to see a lot of those collaboration tools now targeted again for the same reasons, because it's a little bit more trusted. If I get a message on Teams, maybe I don't have the same guard up as I have when I'm looking at my personal Gmail account, because Teams are 90% professional, at least with regards to how I use it. I think that the threat actors—and they already are—but I think that's going to continue to trend in that direction where those collaboration tools are utilized.
That's interesting. We'll have to check back next year and see if Slack is moving up the list, not that I'm rooting for that. I'm definitely rooting for everybody to somehow go down the list and that there will be no number-one player.
Yeah, let's hope.
Do you guys put out the report quarterly, or is this a once-a-year report on the brand phishing?
This has been published quarterly for quite some time now. It will be interesting to see what the results are later this year as things trend. I think that this is the most valuable on a quarterly basis because it allows you to kind of see where the phishers are going and what's in their head. It also betrays where they're not having success as they start moving off to some of these platforms and moving away from particular scams.
Got you. And we'll definitely include a link in the show notes to where people can download the report. I know the URL is a little bit squirrely and hard to read, so we'll put that in the show notes. We were also talking beforehand—can you tell me what sort of information they can find on blog.checkpoint.com and research.checkpoint.com?
Those are the two main websites. Of course, Check Point has been in the security industry for 30 years now. It's our only focus. All we do is cybersecurity. Our own threat researchers, which we refer to as CPR—Check Point Researcher—do a ton of research.
We're publishing articles on a weekly basis on the research.checkpoint.com site and on the blog.checkpoint.com site, we're publishing more consumer-facing information, such as this brand phishing attempts report. A lot of great information. A lot of good security awareness will certainly encourage folks to keep up with that information.
Awesome. If people want to find you on social media, are you posting about cybersecurity-related stuff?
I am, and maybe somewhat ironically, LinkedIn is the number-one platform of those cybersecurity advice […] on that. Of course, I go to in-person events all the time. I am on LinkedIn under Joel Hollenbeck. My account has not been taken over at this point, Chris.
If anyone receives a message from you asking for $100, that's definitely a scam?
Yes, definitely. Don't take me up on that.
Joel, thank you so much for coming on the Easy Prey Podcast today.
Thank you for having me, Chris. It's been a pleasure.