Cyber Insights | March 2025

Welcome to this month's edition of Cyber Insights! In this issue, we bring you insights on the Facebook Copyright Scam, the latest security breaches, and valuable AI cybersecurity tips. Enjoy reading and stay secure!

Facebook Copyright Scam Alert: What You Need to Know

There's a new trick going around that tries to steal your Facebook account information. Here's how it works and how to stay safe:

The Scam Explained

You might get an email claiming your Facebook page broke copyright rules. The email looks real - it has Facebook logos (though they're slightly off if you look carefully) and seems urgent.

The email tells you to log in immediately to appeal this "violation" or lose access to your account. If you click the button in the email, you'll be taken to what looks like a Facebook support page asking for your login details.

What's Really Happening

Your Facebook page never actually violated any copyright laws. The whole thing is fake! The "support page" is controlled by scammers who will steal your username and password if you enter them.

How to Protect Yourself

• Be wary of unexpected emails, even when they seem legitimate. Facebook won't send threatening emails demanding immediate action.
• Always check your account status directly on Facebook through the official website or app rather than clicking links in emails.
• Pay attention to details like logos and spelling in emails claiming to be from Facebook. In this scam, the emails contain fake logos and sometimes misspelled words.

Remember: When in doubt, don't click - just go directly to Facebook.com to check your account!

NIPPON STEEL

Exploit: Ransomware

Industry: Manufacturing

Nippon Steel, the world’s fourth-largest crude steel producer, has allegedly fallen victim to a ransomware attack by the BianLian ransomware group. On Thursday, the group listed the Tokyo-based company on its dark leak site, claiming to have stolen 500 GB of data from Nippon’s U.S. division networks. BianLian asserts it has exfiltrated a wide range of sensitive information, including accounting records, client financial data, executives’ personal folders, file server data, production details and personnel files. Additionally, the group leaked personal contact information, such as direct phone numbers for the company’s C-suite executives. The breach is particularly challenging for Nippon Steel as it navigates a complex $15 billion merger with U.S. Steel.?

Read more here

GENEA

Exploit: Hacking

Industry: Healthcare

Leading Australian IVF provider Genea confirmed that an unauthorised third party accessed its data following suspicious activity detected within its systems. In a statement released last Wednesday, February 26, Genea revealed that it launched an investigation into the incident just days after the company experienced a phone service outage. As a precaution, some systems and servers were taken offline but are now being restored. The company is urgently investigating the nature and extent of the breach, including whether personal information has been compromised. Genea has assured patients that securing its systems remains a top priority as the investigation continues. The provider confirmed there would be “minimal disruption” to current treatments at nationwide clinics.

Read more here?

As we continue embracing Artificial Intelligence (AI) to strengthen our cybersecurity defenses, it's crucial to remember that cybercriminals leverage the same technologies. AI-powered cyber threats are becoming increasingly sophisticated, posing significant challenges for organisations everywhere.

Key Concerns:

• Automated Attacks: AI allows attackers to automate and rapidly scale their attacks, making them faster, broader, and more dangerous.
• Advanced Phishing: AI enables the creation of highly convincing phishing emails, significantly increasing the likelihood of successful breaches.
• Evasive Malware: AI-driven malware adapts quickly, bypassing traditional security methods and making threats more difficult to detect and neutralise.

What Can We Do?

• Leverage AI-Driven Defenses: Employ AI solutions capable of detecting and responding to threats in real time.
• Stay Informed: Keep learning about the latest AI advancements and understand their implications for cybersecurity.
• Encourage Collaboration: Foster a culture of collaboration and information-sharing within the cybersecurity community.

If you’d like help understanding or strengthening cybersecurity within your organisation, feel free to contact us for a complimentary consultation.

Your Data Is More Valuable Than You Think: Why You Need the Essential Eight

In this episode, cybersecurity experts Chris and Martin discuss the Essential Eight, its importance for your business, and how to get an assessment to kickstart your cyber security journey.

Listen to the full episode on?Apple, Spotify or YouTube.

If you would like to discuss your cybersecurity needs, book a complimentary consultation here