Inkit logo
Products
DocGen

Create documents in total privacy

paper icon
Records Management

Set records management policies

folder icon
Workflows

Automate workflow processes

flows icon
Digital Signature

Elevate the security of your digital signatures

signature icon
Solutions
By Industry
Financial Services

Generate, store, and share your financial documents

money icon
Government

Zero Trust security for your government agency

Government icon
Healthcare

Store and share your patient data securely

health icon
Utilities

Document generation and file-sharing solutions

lightning bolt icon
Customers
Developers
Documentation
Guides
WelcomeFeaturesSigning UpQuickstart
SalesforceCreating TemplatesGenerating DocumentsUsing the API
API Reference
integrations icon
API Change Log
bars icon
API Status
computer icon
Libraries & SDKs
squares icon
Resources
Insights

Get in the know with articles about Inkit

panels icon
Press

Get the latest new about Inkit

book icon
Encryption

Protect your information with end-to-end encryption

encryption icon
Salesforce

Learn how Inkit integrates with your Salesforce account

salesforce small logo
Contact Us
Inkit logoBook a Demo
hamburger icon
Home
Products
DocGenRecords ManagementWorkflowsDigital Signature
Solutions
Financial ServicesGovernmentHealthcareUtilities
Documents
Guides & DocumentationAPIs ReferenceAPI StatusAPI Change LogLibraries & SDKs
Resources
InsightsPressEncryptionSalesforce
Contact Us
Insights Home
November 20, 2024
November Insights: What Does a Hacker Eat for Dinner?
Industry Deep Dives
Information Security
DocGen
github iconlinkedin iconfacebook iconX icon
TABLE OF CONTENTS
1
Phish and Ships Becomes a Popular Scam Ahead of Black Friday Cyber Monday
2
Buyer Beware
3
Can You Trust That DocuSign Invoice?
4
Delta Sues for $500 Million, CrowdStrike Counter Sues
5
China Tapped the Tappers
6
Are Apple Smart Glasses Coming Soon?
7
The Internet Archives Makes Comeback from Third Cyber Attack This Year
8
Time is Running Out For Google 2FA
9
FAQs
Final Takeaway
SHARE THIS ARTICLE
github iconlinkedin iconfacebook iconX icon
Loading the Elevenlabs Text to Speech AudioNative Player...

This month, hackers are serving up ‘phish and ships’ – as dubbed by Human Security’s Satori Threat Intelligence and Research team – which involves bad actors infecting legitimate websites and luring shoppers to purchase fake products that will never arrive. Forbes and other publications have issued an active list of websites to avoid just ahead of Black Friday and Cyber Monday.

In other news, DocuSign has inadvertently become a tool for scammers through its API environment; meanwhile, Delta and Crowdstrike battle in court to the tune of $500 million in reparation costs due to a major outage in July.

With so much fake content pushed over the airways, it’s important to take the time to find the truth. Without further ado, here’s a brief roundup of the stories I’m following this month.

Phish and Ships Becomes a Popular Scam Ahead of Black Friday Cyber Monday

Human Security’s Satori researchers warn online shoppers to be wary of fake websites.

With “tens of millions of dollars” stolen from “hundreds of thousands” of web users, Forbes and other publications have issued a warning to shoppers on popular browsers like Chrome, Safari, and Firefox. Although Google has removed known websites from search results, fraudulent web shops are still active on social media and messaging platforms.

Buyer Beware

Check out Forbes’ active list of infected webshops.

By infecting legitimate websites with a malicious payload, hackers have driven traffic to fake web shops with fake product listings at attention-grabbing prices. Using real meta-data, the product listings go undetected by Google and other companies, and once the consumer clicks on the item link, they’re redirected to websites controlled by the threat actor.

Key Takeaway

Online shoppers are warned to exercise caution when browsing Google Chrome, Safari, and Firefox.

Failure to comply with document requirements can have serious consequences. These can include legal fines, damage to your reputation, and disruption of your operations.

— Is your organization compliant?
Learn More about Document Requirements

‍

Can You Trust That DocuSign Invoice?

DocuSign, Inc. is an American company providing document management services.

Fueled by the familiarity and credibility of DocuSign, hackers have been exploiting unsuspecting businesses with fake invoices generated by legitimate DocuSign accounts. With unauthorized access to DocuSign’s API, hackers can create and send documents that appear to be genuine invoices or payment requests. For these recipients, who are often employees in accounts payable or finance departments, the only form of protection is to check invoice details versus actuals since the branding on the invoice may appear legitimate at first glance.

Key Takeaway

Read your invoices carefully – they may be fake.

“Inkit’s steadfast prioritization on data security, providing the best possible variable costs, and having a rockstar support team has made this partnership exceptional.”
— Aaron Williams, Head of Asana for Nonprofits
Learn More About DocGen at Inkit

Delta Sues for $500 Million, CrowdStrike Counter Sues

Delta has sued CrowdStrike for the IT outage earlier this year.

Following a massive IT outage that led to 7,000 canceled flights in less than a week, Delta Air Lines has sued for over $500 million in damages – including $380 million in lost revenue and $170 million in costs – claiming a breach of contract and negligence on the part of Crowdstrike. 

The cybersecurity provider has filed its own suit against Delta saying “any damages suffered by Delta following the July 19 Incident are the result primarily of Delta’s own negligence.”

Key Takeaway

Delta and Crowdstrike will battle in court following a major IT outage.

airforce logo
“The assurance of data security is mission-critical to our everyday operations. The Inkit platform has provided us the single, all-inclusive solution we needed to maintain control and privacy over our information.”
Learn More About DocGen at Inkit
Black vital logo
“Using Inkit’s on-demand document generation and retention policies has proven to be highly successful for us. We’re using the API to generate application and adverse action notices. The platform provides us development and cost savings over implementing a custom solution.”
— Ed Cody, COO at Vital Card
Learn More About DocGen at Inkit
Black bird logo
“Inkit has enabled us to streamline our back office and collections, reducing program spend by up to 94%, while maintaining the flexibility to integrate with our existing apps and tools.”
— Jordan Hill, Product Manager at Bird Global
Learn More About DocGen at Inkit

China Tapped the Tappers

Chinese hacking group hacked the wiretapping systems of Verizon, AT&T and Lumen Technologies.

According to U.S. federal authorities, a Chinese-backed hacking group known as "Salt Typhoon" may have accessed sensitive information about ongoing U.S. investigations. By targeting major U.S. telecommunications companies’ wiretapping systems used for government intelligence collection capabilities, the hacking group has collected intel from Verizon, AT&T, and Lumen Technologies. The investigation is ongoing, and all affected parties declined to comment.

Key Takeaway

U.S. investigations compromised as Chinese hacking group infiltrates major telecom companies’ wiretapping systems.

Trusted by Those Who Put Privacy First

Experience the leading secure document generation platform. See Inkit in action.

Book a Demo

All-in-One Solution for DocGen

Automate your document generation with Inkit. Get unparalleled control, security, and end-to-end encryption to help you scale.

Book a Demo

Records Retention & Archival on Auto-Pilot

Automate records retention compliance, safeguard documents, and destroy files based on your organization’s policies.

Book a Demo

End-to-End Encryption

Get peace of mind with our zero-access security to safeguard your private information.

Book a Demo

Easy & Secure Digital Signatures

Streamline your agreement process with Inkit. Create custom workflows to request and collect digital signatures.

Book a Demo

Are Apple Smart Glasses Coming Soon?

Apple releases information on its latest smart glasses initiative.

Apple releases information on its latest smart glasses initiative.

‍

Codenamed “Atlas”, Apple has begun collecting feedback from internal stakeholders regarding the development of augmented reality (AR) smart glasses. Keeping everything in-house is fairly typical for Apple, which allows the company to test the waters with internal focus groups while officially staying silent on development plans.

Key Takeaway

Apple releases sparse intel about an upcoming AR smart glasses device.

Book a Demo with Inkit

The Internet Archives Makes Comeback from Third Cyber Attack This Year

Encrypt your systems to avoid breaches of sensitive data.

Following up on the ongoing saga of the Internet Archive attacks, the nonprofit digital library recently announced that its Wayback Machine has been restored and that the service has begun saving pages from October 9th – when the service was taken down – onward.

Key Takeaway

The Internet Archive resumes service after suffering a breach of PII and then a sustained DDOS attack. The cyberattacks appear to be unrelated and completely coincidental.

Time is Running Out For Google 2FA

Open a second Gmail account to mitigate the impact of breaches

Google has released guidance to create a second Gmail account and configure two-factor authentication immediately. While this won’t stop breaches from happening, it ensures business continuity through a backup repository of emails.

Key Takeaway

Create a second Gmail account for a reliable backup of business emails.

Book a Demo with Inkit

Spotlight Picks

Insights, strategies, and stories shaping the future of your industry.

Upcoming Webinars you Won't Want to Miss

Dive Deeper into the topics shaping cybersecurity and compliance in 2025. Join our experts for actionable insights and live Q&A sessions.

RELATED ARTICLES
February Insights: The Rules are Changing. No More Do-Overs
Read
January Insights: Your 2025 Survival Guide
Read
December Insights: Lessons From 2024
Read
Up Next
github iconlinkedin iconfacebook iconX icon
February 28, 2025

February Insights: The Rules are Changing. No More Do-Overs

AI risks, regulatory crackdowns, and Zero Trust shifts—2025 leaves no room for error. Stay ahead of breaches, data laws, and compliance changes.
Industry Deep Dives
January 17, 2025

January Insights: Your 2025 Survival Guide

2025 begins with AI threats, Zero Trust strategies, and evolving cyber risks. Equip yourself with insights and tools to lead confidently this year.
Industry Deep Dives
December 31, 2024

December Insights: Lessons From 2024

Lessons from 2024: AI-driven threats and quantum shifts reshaped cybersecurity. Stay ahead in 2025 with strategies for leaders like you.
Industry Deep Dives
Inkit logo
Secure Document Generation (SDG)
github iconlinkedin iconfacebook iconX icon
Platform
DocGen
Records Management
Workflows
Digital Signature
Company
Contact Us
Careers
Media Kit
Solutions
Financial Services
Government
Healthcare
Utilities
Document Streaming
Developers
Documentation
APIs
Libraries & SDKs
API Status
API Changelog
Resources
Insights
Encryption
Salesforce
DocRetention
Downloads

© Inkit Inc. All rights reserved.

Terms
Privacy
Legal
Site Map
Accessibility
We use cookies to enhance your browsing experience, serve personalized ads and content, and analyze our traffic. By clicking “Accept”, you agree to the use of cookies as detailed in our Privacy Policy and Cookie Policy.
PreferencesDenyAccept
Privacy Preference Center
When you visit websites, they may store or retrieve data in your browser. This storage is often necessary for the basic functionality of the website. The storage may be used for marketing, analytics, and personalization of the site, such as storing your preferences. Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.
Reject all cookiesAllow all cookies
Manage Consent Preferences by Category
Essential
Always Active
These items are required to enable basic website functionality.
Marketing
These items are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.
Personalization
These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.
Analytics
These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.
Confirm my preferences and close