Welcome back, everyone. In the news, Robinhood, a stock trading application, had a security breach and lost the records of almost 7 million people. In the security incident, they claimed that an unauthorized party socially engineered a customer support employee by phone and obtained access to certain customer support systems. It appears like they detected the incident only after the suspect asked for payment.

And you might be thinking, okay, big companies get hacked all the time. Why is this interesting? Well, one of the most interesting things I think about this case is that Robinhood is revealing that social engineering was used. Most people, in a case like this, would expect technical systems to be hacked or just not secured properly, but Robinhood is making the claim that social engineering was used as the first step in the overall attack. And this is extremely common.

So I wanted to talk about this case specifically because many people tend to overlook social engineering and how common it is in different types of attacks. We're not always looking at the technical vulnerabilities, although there could be a lot of them, especially if a system is very well locked down. Social engineering is really a way that a lot of people get footholds into networks. And really, social engineering starts by taking advantage of the person that they're talking to. Now it could be through trying to befriend them, associate with them.

We don't know exactly how this one happened, but maybe if they were getting access to a customer support system, the social engineer probably called in saying that they were a support technician that forgot their password and couldn't get access. It's not really surprising that this is one of the ways that an attacker got into the network. What is surprising is that more people don't detect it and claim that they were socially engineered.

What to do specifically about this attack?
If you have an account with Robinhood or really any organization that gets attacked like this, the first thing you want to do is change your password. If the attacker is still in the network, there's nothing you can really do about it. But as long as you're changing your password, that's pretty much the most you can do until the organization remediates the situation.

Second is make sure that all websites that you use are using different passwords. So if Robinhood's password is leaked, then you can be sure that all of your other accounts are still really secure.

The third thing that you need to do is enable two-factor authentication on all of your accounts. At least if that two-factor is enabled, then if your password was leaked, then the attacker will have a much harder time getting into your account and will focus usually on easier accounts to access. Change your password, make sure all websites use a different password and enable two-factor authentication on every website that you possibly can.

What's next? You've gone through, you've changed your passwords and everything. What can you expect to happen if your information was used in this breach? Well, first, you can expect a lot more email spam. Because email addresses were what was leaked, they're probably going to be released in a list and spammers are going to get that list and you are going to receive a lot more spam.

Second, people will try to use those emails with password lists to try to log into other financial websites. So if you are using the same email address and password on another financial website, make sure you change all of those passwords as well.

Third, financial-themed emails claiming to come from Robinhood or other similar financial websites will start coming into your email box. The attacker already knows that this list is from Robinhood and they know that your email is on it.
So what an attacker is likely to do is craft an email that looks like it's coming from Robinhood, send it to you asking for account transaction information or something like that, and then whenever you click on it, they either steal your credentials, try to get your second-factor authentication or just maybe initiate a transfer. Be very careful about any emails that you're receiving, especially financial-related emails, and don't click on anything. Anything that comes in about financial transactions, do not click on that email, go to your browser, go to the website directly, log in and see if you have any information. Never click on emails from financial institutions.

This was a really interesting case because, like I said, it's about social engineering. A lot of cases start with social engineering. That's really the research part of the case, is people going around and socially engineering as many people as they can to collect as much information as they can, eventually get access to systems and organizations, and then you can access a lot of user information. So it's an extremely common technique. I'm glad that Robinhood at least admitted that that was the initial stage of the attack, and then we'll see if any technical vulnerabilities come out as this investigation goes on.

If you are subject to this attack or anything similar, make sure you are changing your passwords, enabling two-factor authentication and then, especially after your email has been leaked, monitor your emails coming in. Do not trust any emails that look like they're coming from financial institutions. They're more likely to be fraudulent. So everyone take care, be safe and keep an eye out for social engineers. Thank you very much.