Nic Allen

Infographic showing 2024 US phone scam losses ($25 B), senior impact, top scam types, and Beacon’s free risk-score solution.

Phone and text scams cost Americans $25B in 2024 alone. @gtgonline.bsky.social built Beacon to fight back. Submit any unknown or sketchy number, and receive an immediate risk score.

beacon.gtg.online

#Cybersecurity #ScamPreventions #SecuritySky #CyberInnovation #StaySafeOnline

Infographic showing 2024 US phone scam losses ($25 B), senior impact, top scam types, and Beacon’s free risk-score solution.

Phone and text scammers cost Americans $25B last year.

@gtgonline.bsky.social built Beacon to fight back: submit any unknown or sketchy number, instantly receive a risk score; free, no tracking.

beacon.gtg.online

#Cybersecurity #GTGBeacon #ScamPrevention #Infosec

#cybersecurity #scamprevention #gtgbeacon #digitaltrust | Nic Allen | 31 comments A few weeks ago, one of my nieces forwarded a screenshot of a text message she received. It claimed to be from a recruitment assistant at Indeed, promising an enticing part-time or full-time remote jo...

My niece received a fake job offer claiming to be from Indeed. She immediately checked with me. Not everyone has a cybersecurity expert to consult, so we built Beacon. Quick, reliable scam checks for everyone. More on LinkedIn:

www.linkedin.com/posts/nicall...

#Cybersecurity #ScamPrevention

Caller Beware: How Phone Scammers Use Fear Against You Understanding the "Process Server" Phone Scam and Staying Protected

Receive a scary call about unpaid bills or legal trouble? A common phone scam is probably targeting you. I wrote about how to spot it, and what we're doing to help stop it at @gtgonline.bsky.social with Beacon.

open.substack.com/pub/thenical...

#PhoneScam #FraudAlert #CyberSecurity

Smishing Scams: How Text Messages Became the New Cyber Threat Protecting Yourself from Fraudulent Text Messages

Smishing, scams delivered via SMS, are sneakier than ever. Fake toll bills, bogus delivery notifications, fake account alerts… scammers are stepping up their game.

open.substack.com/pub/thenical...

#CyberSecurity #Smishing #OnlineSafety #Phishing #Awareness

Small Business Cybersecurity: Keeping it Simple for Safety Why simpler cybersecurity tools offer stronger protection, and how your SMB can adopt them today.

Complex cybersecurity doesn't always equal better security, especially for small businesses.

thenicallen.substack.com/p/small-busi...

#Cybersecurity #SmallBusiness #SimplifySecurity

How a Single Letter Could Cost Your Business Everything The Critical Importance of Email Security and Proactive Cybersecurity Measures

One sneaky letter swap in a domain nearly killed a business overnight. Cyber threats like typosquatting are getting smarter and scarier, especially for SMBs.

Proactive cybersecurity isn't just IT, it's survival.

thenicallen.substack.com/p/how-a-sing...

#CyberSecurity #EmailSecurity

The Forgotten Frontier of Cybersecurity Why Protecting Consumers from Email, SMS, and Phone Fraud is Critical

Cybersecurity often fails to protect personal accounts from email, SMS, and phone scams, exposing retirees, young adults, and even enterprises to risks.

It's time we work on closing this gap.

thenicallen.substack.com/p/the-forgot...

#Cybersecurity #FraudPrevention #ConsumerProtection

Beyond DMARC: Next-Generation Email Security Why SPF, DKIM, and DMARC Alone Won’t Protect Your Organization from Advanced Email Threats

SPF, DKIM, and DMARC aren't enough to stop advanced email threats. It's time for email security to evolve.

thenicallen.substack.com/p/beyond-dma...

#EmailSecurity #Cybersecurity #ThreatIntelligence

Email Security Needs More than SPF, DKIM, and DMARC Why Traditional Email Security Protocols Fall Short Against Sophisticated Attacks

Email security isn’t solved by SPF, DKIM, and DMARC alone. Attackers are evolving, and so should our defenses.

substack.com/home/post/p-...

#Cybersecurity #EmailSecurity #Phishing #SPF #DMARC #InfoSec

There has been a great response in our first week of running this campaign.

Please continue submitting those #smishing and #scammer phone numbers so we can analyze them!

gtg.online/report

Scammer Number Submission Form GTG.Online is launching a new Phone Scammer Registry to help combat fraudulent calls and text messages. Your cooperation can help protect others from scams and unwanted communications. Please enter th...

Is anyone else tired of getting smishing text messages and scam calls daily? If you are and can spare a few seconds when they're received, please add them to our Phone Scammer Registry. We're not just interested in stopping phishing; we want to stop #scammers everywhere.

gtg.online/report

I’d love to hear from fellow IT and cybersecurity professionals: What pivotal shifts have you witnessed in your organizations? How are you adapting to new threats and opportunities? /end

Adapting isn’t just a technical upgrade; it’s a cultural shift. It requires us to challenge old assumptions and continuously learn, experiment, and refine our security practices. 6/7

Over my years in the field, I’ve seen firsthand how embracing such transformation creates opportunities to build more resilient systems. It’s a challenging journey but also a chance to lead the charge in redefining cybersecurity. 5/7

4/ This pivot forced the cybersecurity world to evolve. New attack vectors, rapid threat detection, and innovative risk management practices became essential. Patching systems wasn’t enough; companies had to reimagine their entire approach. 4/7

Microsoft’s shift to Azure wasn’t merely a product update but a fundamental IT infrastructure and security rethinking. Moving to the cloud meant facing new vulnerabilities while unlocking new levels of agility. 3/7

Take Microsoft as a case in point. Not long ago, their core business was built on Windows and Office. But as cloud computing emerged, the game was about to change. 2/7

Change isn’t just constant in IT and cybersecurity; it’s accelerating. If we don’t pivot, we risk being left behind by emerging threats and evolving technology. 1/7

To that end, we're looking for beta testers for our new anti-phishing product, Verify. Let me know if you're interested in signing up. I promise you you can bring your checklists with you. I'll probably have one myself. /end

#GTGOnline #InfoSec #Phishing #CyberSecurity #Checklists

Modern InfoSec isn't about adherence to a process; it's about developing cohesive systems that can catalog, identify, and connect threats and then use that information, along with historical trends, to develop meaningful strategies and responses. @gtgonline.bsky.social is developing this. 6/7

If we do this correctly, we can develop deeper intelligence, promote adaptability, and create true resilience against adversaries who are no longer simply following a script. Checklists have their place, but they're not transformative and allow us to be complacent because "we have a plan." 5/7

Let's look beyond predetermined steps and start looking to be proactive. Instead of relying on a linear process, we must design systems that anticipate shifts in the threat landscape and ensure that our defenses can work dynamically. 4/7

We need to reimagine InfoSec. Look at threats holistically instead of a scenario that requires that a series of boxes get checked. Again, love the dopamine, but that doesn't solve problems. The post in question drove home the idea that the industry doesn't seem to have any forward vision. 3/7

Checklists are a baseline and helpful to ensure that obvious items aren't missed. However, relying on them as a primary safeguard in cybersecurity seems incredibly counterintuitive. They can prevent common mistakes, but they're not the transformative measure the individual made them out to be. 2/7

Clipart of a checklist with items marked off, indicating that they have been completed, and a pencil next to one.

🧵
I was on LinkedIn today and came across a post that frustrated me. It started as an anecdote about checklists and how they're beneficial. I get it. Checklists are great; give me that dopamine hit! Then, it was tied to how they can make organizations more resilient in cybersecurity. 1/7

No, that is not how you exit Vim.

Email is the cornerstone of digital business identity. Taking steps to verify authenticity, prevent compromise, and build trust in every interaction is essential. Protect sensitive data and safeguard your reputation by securing your inbox.

#EmailSecurity #CyberSecurity #InboxProtection

Cloudflare’s developer domains increasingly abused by threat actors Cloudflare's 'pages.dev' and 'workers.dev' domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious...

Attackers are using corrupted Word docs to bypass filters, tricking users into scanning QR codes that steal credentials. Smarter email security is key to combat these creative tactics. Stay informed and protect your business. #CyberSecurity #Phishing

www.bleepingcomputer.com/news/securit...

Image from Krebs Security article highlighting the top 5 gTLDs that are attracting scammers along with their ranks, the number of cybercrime domains reported and the year over year change from 2023 to 2024.

Phishing attacks are surging, with new gTLDs like .shop and .xyz fueling a 40% rise. These domains are cheap and easy targets for scammers. Staying ahead means proactive monitoring, validating communications, and uncovering attack patterns to secure your organization against evolving threats.