Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The dark web is the seedy underbelly of the internet. Unlike the surface web, criminals, spies, freedom fighters, and hacktivists can operate anonymously on the dark web, making it a popular place for illicit activity. Legitimate internet users also use it to protect their privacy in a world where people are increasingly mistrustful of digital giants like Google and Facebook. But it’s very easy to accidentally view illegal, dangerous, and traumatizing material on the dark web.

Last week Netacea team members from the UK and across the US converged at RSA Conference, the biggest event in the cybersecurity calendar, at the Moscone Center in San Francisco. It was a pleasure to talk to so many likeminded security professionals at our booth, and an honor to be given a speaking session from which to spread the word about automated threats.

We’re told that multi-factor authentication is more secure than passwords, but in truth most MFA is susceptible to the same old threats, such as phishing and man-in-the-middle attacks. In fact, the widely championed advice to “use MFA, any MFA” could lead to a false sense of security and even more data breaches.

Phishing website links are commonly delivered via email to their respective targets. Once clicked, these websites often show a single webpage that outright asks for sensitive information like account login credentials, credit card details, and other personally identifiable information (PII). Recently, we have encountered an interesting phishing website containing an interactive component in it: a chatbot.