highest bidder, and use those to enable the exact kind of masquerade attacks, spoofing attacks, phishing attacks you

masquerade attacks, spoofing attacks, phishing attacks you re describing. more concerningly we see agencies of government for example the national security agency which has "security" in its name actually using this same paradigm to weaken our own infrastructure. we've seen them go to standard bodies to spy on them and look for vulnerability and rather than fix those standards, correct those flaws, they leave them in and try to exploit them and in other cases look at where they can introduce them make them less zure overall

you are not that far off when you say phishing attack.ost common way to get malware on systems is to use phishing, sending e-mails to fool people into going to sites hosting malware. sometimes they will target high-level executives in the company to get them to install malware. once that's installed a number of different things can be done. destructive malware, which essentially destroys all the information on the hard drive, makes the machine inoperable, and simply deletes everything it finds. there's spyware that tries to observe what the user is doing, capture keystrokes or files. botnet, all different kinds of malware can be used to extract information. >> there's speculation that the james franco and seth rogen movie that somewhat ridiculously has them as leaders in a plot to assassinate the leader of north korea, it's said they got north korean hackers to attack them. the fbi is suggesting this might not be the case, and is a broader phishing expedition. should the world be afraid of seth rog is really the question hereen. -- afraid

the fbi is suggesting this might not be the case, and is a broader phishing expedition.orld be afraid of og is really the question hereen. >> it makes a good question that there is a movie -- a good story that there is a movie coming out, so north korea is doing it. not a lot of specific information is tied to that. generally speaking, all companies are being targeted. anyone with viable information, sensitive information, cardholder information, all the mosthes we have seen, make large companies very lucrative targets for attackers. so it's not unreasonable to think it would go beyond sony. >> chris eng, thank you very much. speaks out, the latest to weigh in against spotify. the new threat to the music industry, next. watch this streaming on your tablet, phone, bloomberg.com, or your apple tv or amazon fire tv. ♪ >> time for bloomberg television "on the markets." get you caught up on where stocks traded today. a little bit of a rally pushing the dow jones industrial average to an all-time high, 102 points up. 60%.500 up 0. >> you are watching "bloomberg west." i am cor

. >> so these are called phishing scams. i know you said you got one the other day. online order. now that it's the holidaying securities are warning about a slew of scam e-mails. they can infect your computer and, gayle, be careful, steal your personal information. 'tis the season for clicking and shipping. hundreds of millions of gifts are being shopped for online. that's the most ever but with the shopping bonanza comes a variety of e-mail scams, exploiting shoppers. >> it's seasonal. they'll use the season to take advantage of you. >> reporter: claire rosenschlag. >> everybody's all excited. they're shopping they're shipping, and scammers love this. >> reporter: online orders are tracked by confirmations and delivery updates. scammers posing as retailers, banks or shipping companies produce e-mails that look real. order confirmation status notification, or package undeliverable. if you click on these links or if you open the attachment, there's a good chance that you're putting malware and spyware onto your computer. it can sit there door manl and take your key s

people that you think are going to have this level of access, that is who you then target for spear phishingpear phishing is when a hacker sends an e-mail to a specific person that seems to come from a legitimate colleague. >> and because it is from someone i know, i open the e-mail and the subject makes sense, i then click on the attachment and that is critical, right? >> right. so now you are going to a web page that i designed. and as you notice, as it renders here, it will look legitimate. >> reporter: but that website is installing malicious software and in seconds the target's computer is under the tacker e- the hacker's control. >> and look at that. now my computer is showing up on your computer and can you see exactly what i'm up to. >> exactly right. >> reporter: the hacker can read e-mails and look at projects, reports, budget and pictures and even record your every key stroke. >> so in real-time, i see exactly what you are typing on your screen and this is how get passwords. >> reporter: this is a simple version of what appears to be a much more elaborate scheme in the case of son

and building societies issued a joint declaration to deal with the multimillion pound crimes of phishing courier fraud, when people are called by criminals posing as police officers or bank employees and asked to hand over bank cards and pin numbers to assist fraud inquiries. i have worked with age uk, the alzheimer's society, and call blocker manufacturers to build a scheme to protect the most vulnerable in society from that crime, but dcms ministers are too busy to discuss it. it seems that they are able to block my nuisance calls, so will the prime minister help the vulnerable to do the same? >> will certainly ensure that ministers meet the gentleman if necessary. >> the 2010 conservative manifesto promised an economy in which not just our standard of living, but everyone's quality of life would rise steadily and sustainably. why in the last year have wages grown by the smallest amount since records began? >> i am delighted that after four and a half years, the labour party wants to debate the economy at prime minister's questions. this is a golden day for us. it means we can talk abo

sometimes they will go further and do a spear phishing attack which targets high-value people withinompany. -- to getto try them them to install malware. once that malware is installed. , there is destructive malware which is what the fbi is warning malware which destroys all the information on the hard drive and makes the machine inoperable. it simply deletes everything it finds. there is spyware that tries to observe what the user is doing and capture making keystrokes or files. and differentt types of malware. that theis speculation james franco/seth rogen movie has them as leaders of a plot to assassinate the leader of north korea. that theynotion brought north korea's hackers to attack them, the fbi is warning that maybe this is not the case and this could be a broader fishing expedition -- exposition. what do you think? this, should the world be afraid of seth rogen? >> it depends on how you want to look at that one. story that there is a movie about this so it must be north korea. in truth, i don't think there has been specific information that has come out yet that has tied t

crdito robadas es la forma ms comn de robo, tambin este pendiente de la pesca de datos conocido como phishingnde los estafadores envan un correo electrnico hacindose pasar por una empresa o institucin financiera con el objetivo de obtener informacin, recuerde que la mayora de las empresas legtimas no envan correos electrnicos solicitando datos, para evitar caer en una estafa cibernetica se recomienda: insertar grafica 1. instale un antivirus en su computadora. 2. procure utilizar una tarjeta de crdito en lugar de dbito. 3. ponga un cdigo de seguridad en su clave de wifi en casa 39, que la gente use sitios, que si son legtimos, que so tiendas conocidas, no diferentes links que salen cuando uno est haciendo compras. es muy importante que: insertar grafica 1. evite utilizar computadoras pblicas. 2. si compra desde celulares o tabletas, instale una aplicacin de seguridad. 3. evite hacer click en enlances que vengan en correos electronicos. juanfra --hoy consumidores encontrarn excelentes precios en muchos productos, pero es importante mantener la calma y ser cauteloso antes de ingresar datos pers

the way to prevent it is number one, use anti-virus anti-phishing software.change passwords when you hear something is happening. be careful what you're clicking on. most important than anything else is update your systems. when you get that security message that says update now, what do we all -- we always do it. i know you do it. >> update now, yep. >> we remind ourselves later, right? we click that remind me later. they should ban that button from the internet and update update update. >> hemu nigam, thank you. great insights. we appreciate it. >>> oh, what a night as we get ready to say good-bye to 2014 we'll take a look back at the year that was. stay with us right here on msnbc. we'll be right back. ooh! ooh! >> want a life vest? (vo) nourished. rescued. protected. given new hope. during the subaru "share the love" event, subaru owners feel it, too. because when you take home a new subaru we donate 250 dollars to helping those in need. we'll have given 50 million dollars over seven years. love. it's what makes a subaru a subaru. not all toothbrushes are

anti-phishing. firual. vpn. encryption is a huge thing. any file you store on the cloud, if you can encrypt that file -- neil: what does that mean? what the hell you talking about? >> basically, the files you have themselves are password protected. let's say the email provider is breached, the files you might have on there actually require a password to get to them. as long as you're doing all that -- neil: how long do you change those passwords. here at fox they're telling us, every other week, change your password. god bless them. if you can crack this network, you hit a home run. it better not resemble anything you did in 1988. what did you do? [laughter] every three months is good. every six months is fine. every year, at a minimum you have to do that. and any cloud service that you upload your data to. multi factor authentication. user name and password. a text message as an extra 1-time password. these extra layers of password protection generally will keep the bad guys out. generally. neil: bad guys, at your point are getting so sma

examples we've seen and, unfortunately, consumers have seen it as well, is very traditional retail phishingthey send it to you, we couldn't complete this transaction. please click here to give us information. you go to click on walmart, you're supposed to download a document, when you download the document, they infect your computer. liz: i want to keep this up. everyone look at this. it has the logo. it looks very professional. but if you check on some of these things, you'll find misspellings, grammatical errors. look at the last line, deducted before you order was booked. it should have been your order. what happens if you press open and open this file? >> you're actually letting the criminals install software or malicious software, malware as we call it, on your and you're the. they'll mine your hard drive for passwords. they get the keys to your online kingdom. liz: what else should we be looking for? again, this is a hackers heaven. i don't think you can depend on the retailers to protect you at this point. what are the other tricks you've seen owe out there that people should look fo

the hackers get in through a phishing attack, some attachment that has malware.wire diagram of who is who. you identify the system administrator. when you're at work and you have a computer problem, you call i.t. the person you get is the system administrator or somebody with administrative privileges who can look throughout the entire network. once they identify that person or people, they steal those credentials and use it to download. that doesn't explain why over the course of what would have been months to steal this amount of data, no real system administrator asks the question, where is all of this data going and why? >> tom fuentes, it's a fascinating situation over there if in fact it's relatively easy to go in there and steal this information. >> well, it is. and to continue fran's point, the fbi goes to who are the people that the company recently fired, particularly if they were system administrators because oftentimes these companies are lax and don't terminate their password. they are disgruntled but have complete access, the keys to the kingdom and

lost their jobs and reputations because the fbi improperly raided our form in this now discredited phishingiti expedition. very tough language. and you can see why. because these defense attorney's clients and in case david gannick the former trader have been through quite a lot as this case has unfolded in recent years. >> let's bring in simon hobbs as we count you down to the close and the u.k. and across continental europe. >> the german bund has hit a fresh record low today. 0.6711%. partly because there is still this talk that european qe. the ecb's chief economist was hinting that at in washington and the slovakian member of the council suggesting that the overwhelming majority of the council is in favor of qe. and also the situation in greece is aiding that issue. and you could also argue that this threat of qe is limiting the fallout from greece. however having said that you have the yields of spain and italy and portugal rising slightly. the bigger deal in greece itself is the prime minister today nominated a former commissioner to be the new president. immediately the other five o

of people you think are going to have this level of access, that's who you then target for spear phishing>> that's when a hacker spends an e-mail to a specific person that seems to be come flg a legitimate colleague. >> i look at it. because it's from someone i know, i open the e-mail. then the subject makes sense so i click on the attachment. and that's critical, right? >> right. so now you're going to a web page that i designed. as you'll notice, as it ren dors here, it's going to look legitimate. >> but that website is installing malicious software and in seconds, the target's computer is under the hacker's control. >> oh, look at that. >> this is -- >> and now my computer is showing up on your computer. you can see exactly what i'm up to. >> exactly right. >> the hacker can read e-mails, look at projects, reports, budgets, picture, even record your every key stroke. >> so in real time, i see exactly what you're typing on your screen. and this is how we get passwords. >> both the fbi and the experts who we brought in basically said the malware was so sophisticated that 90% of american

agent who visited his home after the phish began monitoring his posts and also against elementary schoolseatening possibly to go in and have a major mass shooting. >> brown: let's look at one post he sent to his wife. there's one way to love you, but a thousand ways to kill you. i'm not going to rest till your body is a mess, soaked in blood and dying from all the little cuts. now, strong stuff, clearly. the argument from his lawyer today was what? that this is protected somehow? >> right, he made the same argument he did at trial and on appeal before the case got to the supreme court, and that is, under the federal law that he was charged under, this law hawklawmakes it a crime to trant interstate or foreign commerce any communication that expresses a threat to inflict bodily harm on another person. >> brown: in this case, over the internet. >> exactly, the internet is interstate commerce. his lawyer argued today as they did previously that this law requires a subjective intent to threaten, and that he did not have that. that these posts were really cathartic for him, that he was trying

it gets through our tablets through phishing email. you don't know you have a rat until they take remote control. time to clean up the rats. liz: we have to fight smarter. thank you for joining us in the conversation. jason, yak man asset management partner. gary, snoopwall ceo and peter barnes live in washington, dc. we are 49 minutes away from the closing bell. as i told you, we're holding on to the gains with the markets here. we've added on about four points to the dow gains at least since this news broke that north korea is suffering major internet outages. coming up, forget new year's resolution like losing weight and counting calories, how should you grow your portfolio? we have our traders at the ready, and charlie gasparino on what they think will happen in the new year and how you can profit from it. millennials are arguably the fastest growing segment when it comes to spending money on travel. with all the choices out there right now, where do millennials like to rest their heads? upon whose pillows? best western believes it

two of them are on the island and will be transported to a phish hospital. we have some pictures that were given to us by the indonesian government waiting by divers the chief of search and rescue for the city who is very involved in this. he told us that this belief is that most of these bodies are still on the fuselage strapped to their sheets and will require drivers to go under the plane to recover most of the bodies. it is his belief and others belief here many are strapped to their seats in the fuselage t. water is not that deep. it's about 100 feet most. it's very shallow. it is very rough and making the search and rescue difficult. there are so many sad stories. it gets to you after a while. we hope we can give them support as citizens of the world. also this man lost his sister brother, two nieces and a nephew. we talked to him about what he is going through. listen. >> when we had the information, firstly, of course we hoped our family members were safe and thought of nothing, until yesterday morning an afternoon, we still hoped we would get a mira

assuming phishing? >> it's all over the place. we have heard they are microsoft, lion's club, they will say anything if they think they can get into your computer. of course they will hold your hostage computer or try to give you money to release it -- try to get money from you, i should say. if someone calls you and you don't know who they are, even if you think you know who they are, don't give them control of your computer. you call them. that's the only way. >> thank you, michael. >>> coming up, caught on video. a veteran busts a man. the confrontation in the case of stolen valor is next. >>> i'm cheryl jennings. coming up at 5:00, a dramatic fall and even more dramatic recovery in a story you will see only on abc 7 news tonight. how the window washer who fell nearly a dozen stories is doing. and surprising news about his injuries. >>> also, some changes coming to oakland. the new ruling that could keep the circus out of town. a remote that lives on your phone. more wi-fi in more places. a movie library you can take wherever y

. >>> from protecting yourself against email fibbing scams to a phishing scams and county down had youat happened this week. here is what is worth repeating. >> very traditional retail machine this is example from walmart. they send it to you. we couldn't complete this transaction. click here to give us information so we ship it to you. you go to click of course and you're supposed to download a document. when you download the document they infect your computer. liz: hold on a second. >> all sorts of nefarious things. >> it is a worldwide customer we're after. it is not so u.s. focused anymore. jeep is exploding around the world for us and cherokee. >> we're trying to use data from the report to just help figure out how we can make our business model more transparent. we want customers to understand exactly what they get when they buy a ticket on spirit airlines and what they should expect. what they want is a surprise. don't think you will get a t-bone steak when you buy a hamburger. >> we're not a typical retailer. we don't report results as it relates to any particular season or met

that would be very difficult for them to get operatives here, but through remote access trojans and phishingre people become victimized from the inside out. and if we get a little smarter -- this is kind of a wake-up call to all of america to start to harden our networks in ways that sony didn't do. sony had silos where different parts of organization were separate, and the csio who left in september said he had a hard time connecting and seeing his entire network. that's a problem, and we've got to let that not occur on critical infrastructure. adam: do you think we'll see something like this in the near future? >> i'm predicting that 2015's going to be the year of the remote access trojan. we're going to see that in oh areas, and -- other areas, and the best thing we can do is start to clean up our network, create policies for our employees, use encryption and be prepared because they will attack again. adam: lee, let me finish up with you on all of this. you're going to have lines, i would imagine, outside the theater today. is this going to be a hit film, and would you recommend sony inc

>> accidentally gave your password away in a phishing attack, sometimes it's the weakest link in theiate it. i'll be right back. philosophy i? >>no. not exactly. to attain success, one must project success. that's why we use fedex one rate®. >>their flat rate shipping. exactly. it makes us look top-notch but we know it's affordable. (garage door opening) (sighs) honey, haven't i asked you to please use the.... >>we don't have a reception entrance. ship a pak via fedex express saver® for as low as $7.50. >>> in sydney, australia, an outpouring of public grief amidst the standoff. in the mid morning for the two hostages killed unconfirmed stories of their heroic final moments. tori johnson on the right reportedly grabbed the gunman's weapon and reports that katrina dawson, the 38-year-old lawyer shielded her pregnant friend from the gunfire. that deadly lone wolf attack is the most likely attack to take place on u.s. soil in large part because they are extremely difficult to police and prevent. cnn's chief national security correspondent jim sciutto has more. >> reporter: lone wolf att

the highest bidder and use those to enable the exact kind of masquerade attacks, spoofing attacks, phishing attacks you are describing. more concerningly, we see agencies of government, for example, the national security agency, which has secured the name, actually using this same paradigm to weaken our own infrastructure. we've seen them go to bodies and spy on them and look for vulnerabilities and rather than fix those standards, rather than correct those flaws, they leave them in to try to exploit them and in other cases look at where they can introduce them to make them less secure overall in certain vulnerabilities where they did not exist before so they could exploit them and gain access. we can understand the intentions for why they might want to seek to do this. it would give them access in novel places, places previously denied, but at the same time the same vulnerabilities can be used against the american , american people, allies and other citizens around the world. but also google has had a pretty big presence here. it's not just about google. it is about every american service

they send out phishing e-mails that make it feel more american.e ominous as well. certainly a new group of perpetrators we hadn't looked at before. for insiderdicate trading that hacking is the new black when it comes to doing this? iswhat we have seen prosecutors have really cracked down on all kinds of insider trading. there were a series of cases that involved old fashion ways of scraping information through connections and network. this may be one way in which you replace that. you could get sensitive m&a information. you can target the right officials. you can do it in a way that makes it much much harder for the fbi to trade. they couldn't discount the information that was being sold and wasn't being handed over to some entity like a hedge fund. >> perhaps is there anyone pointing to some collusion within these companies as well? >> it does seem like one possible target for this kind of information would be some of the people involved in the deals. it could be possible they are doing this to see the other side's hand. is thing this does show

we see that when the e-mail service provider industry was being attacked years ago, we saw phishing andspam increase immediately. it's that -- having the infrastructure to permeate the crimes that you want to commit, that you know you're going to be able to monetize quickly and i don't think other groups are as organized as the russian speaking bad guys we deal with. >> my answer to your question would be it depends on global economic shifts. why i think eastern europe is the center of cyber crime is partially network effect and also the internet is a -- makes everyone a target equally like globally, so you can target someone across the world just as easy as you can target someone nearby, and also they don't have a silicon valley. so the reason silicon valley works is the network effect of investors and companies and talent, and so they have a similar business network there, and so if -- so that is a draw, although criminal, and if there's a rich technology industry nearby for people with those interests, that is -- even at lower pay will be a stronger draw than the criminal underworld.

they will hit a link and it's clearly somebody phishing. stand by for a moment. bobby, senator john mccain, the next chairman of the senate armed services committee, says he'll be holding a hearing. one of his first responsibilities as chairman. he says he will be doing it in the first two weeks of early january. he wants the united states to hit north korea with a cyberattack of its own. listen to what he said about the sony attack and the threat from north korea. >> i think it should be a wakeup call. it should be a wakeup call that a country like north korea has this kind of capability. imagine the capability they have to disrupt other aspects of american life so it's time we as congress, frankly, it's time that congress got together with the administration and passed legislation on this whole issue of cybersecurity and we have not. >> that legislation has been around for a couple of years. ed royce, chairman of the foreign house committee, he's worked together with mike rogers and now the outgoing chairman of the house intelligence committee and that legislat

train each employee how to identify suspicious links in emails or phishing scams.s from untrusted sources or reveal sensitive information on social media. here is what prepareis reedley did to identify security gaps at one of its financial sector clients, listen. >> a cd was placed around the business, spring break mexico 2005. what is interesting, 50% of the those cds were loaded into computers and were infected with fake malware to see who would put the cds in. 50%. those are type of things that these terrorists are doing. >> reporter: preparis says companies need to adopt all hazards plan and adapt it in case of any emergency, bill. bill: we'll see how it works out. jonathan serrie, live in atlanta. martha: police are on alert nationwide. how departments across the country are responding to the assassination of these two new york city police officers. ♪ >> happy holidays. shannon: martha: they're going to, u.s. sailors, serving on board the aircraft carrier, carl vinson, we thank them for the great holiday message and merry christmas to all of you. bill: and you

you know, we saw phishing and spam increase immediately.it's having the infrastructure to permeate the crimes that you want to commit and you know you're going to be able to monetize quickly. >> my answer to your question would be it depends on global economic shifts. why i think, you know, eastern europe is the center of cyber crime is partially network effect. and, also, they don't have a silicon valley. if there's a rich technology industry nearby for people with those interests that even a lower pay, will be a draw to the criminal world. >> the united states persuaded with the maltese. i think, in part, somewhere in the justice system. so here's the question. vladamir putin reacted to this by, a, saying this is a great victory for cyber security, or, b, putting on a list of countries where russians shouldn't travel to. as long as he is in charge in russia, or as long as that attitude is in charge in russia or other countries, it's going to be hard to make progress against this. what is criminal is often political. and it's russia's decr

we saw phishing and spam increase immediately so it's having the infrastructure to permeate the crimes you want to commit and you know you will be able to monetize quickly and i don't think that other groups are as organized as the bad guys we deal with. >> my question is on the global economic shift. it's partially network effect and also the internet is making everyone a target globally seem to target someone around the world. the reason silicon valley works is they know that the investors and the talent, so they have a similar business network there and if that is a draw although criminal and there is a rich technology industry nearby for people with those interests even at lower pay will be a stronger draw than the criminal underworld. >> about six months ago. vladimir putin did this by saying this is a great victory for cybersecurity or putting up a list the list of countries they should travel to as long as he is in charge or as long as that attitude is in charge of russia and other countries it's good to make it hard. >> is russia trying to see themselves as part of the west tha

the highest bidder and use those to enable the exact kind of masquerade attacks, spoofing attacks, phishing attacks you are describing. more concerningly, we see agencies of government, for example, the national security agency, which has secured the name, actually using this same paradigm to weaken our own infrastructure. we've seen them go to bodies and spy on them and look for vulnerabilities and rather than fix those standards, rather than correct those flaws, they leave them in to try to exploit them and in other cases look at where they can introduce them to make them less secure overall in certain vulnerabilities where they did not exist before so they could exploit them and gain access. we can understand the intentions for why they might want to seek to do this. it would give them access in novel places, places previously denied, but at the same time the same vulnerabilities can be used against the american government, american people, allies and other citizens around the world. but also in our products and services. google has had a pretty big presence here. it's not just about goo

it's very easy through what are called phishing for hackers to convince someone who works at a firm toe giving it to someone inside their institution office. that lets people into the back door or front door sometimes at a company. it makes us incredibly insecure. if you put your i.d. in but you get a realtime password that comes back over your cell phone, someone steals your password, they can't get into your system because they need your cell phone. >> how much of this is about data at a bank versus credit card data you have at a bank through a retailer? >> i don't draw a distinction. there are huge threats to both. another thing we need to think about is banks may have very good security. they've been spending hundreds of billions beefing up their security. if they use a third party vendor, a law firm, an accountant, an hvac system -- >> like "60 minutes" that great piece. >> yes. to some extent your security is only as good as your vendors. we need to examine our institutions for that, as well. what kind of reps and warranties are they getting from vendors about their level of secu

the concert is dominated by men include the allman brothers band phish, and bruce springsteen. >>> albreak and why the american song book could be in his musial future. but first, >>> up next ben tracy finds more than just presents at the mall. >> with christmas just around the corner it times for families to take the kids to visit this guy. the santa attraction at many local malls is bigger than ever this year. et cetera part of mall's effort to get you off mind and into their stores spending money. that story coming up on "cbs this morning." >> first, off to the north pole. ut first off to the north pole. ♪ ♪ walgreens knows the holidays are full of surprises. that's why, whenever the need arises... walgreens is always right around the corner, so you can get in and out in no time. and help keep the magic in your holidays. at the corner of happy and healthy. plus get up to $20 in jingle cash on next week's purchase of $30 or more. some people think vegetables are boring. but with green giant's delicious seasonings and blends, we just may change their minds. ho ho ho green giant! get

detectors that are the best detectors for the man in the middle and phishing attacks.here is debate over android versus ios and both are now very hard. i publicly claim that android was safer, there are other that my factsue were wrong. both android and ios are working to make them more safe. >> let medal take this opportunity for you to clarify some remarks. said if you something you don't want to know, maybe you in the't be doing it first place. is that still how you feel? >> that's great about that is that it was the first moment i felt sorry for american politicians. the entire paragraph was about the patriot act. if you read it in context you'll see i was commenting on the patriot act. of the echo chamber of the internet, i guess that little quote is long enough, it twitter, but the par braf doesn't. >> if you type in eric schmitt, dead, it immediately gets filled in by google. >> it important to know that that is not driven by google but query.by frequency of since we have a very smart audience here, the answer is i'm of the patriot act. and the reason is the yet

if you look at the kind of malware that we are seeing, the kind of spear phishing attack we are witnessing, all of them show a greater degree of sophistication than ever before. what is actually probably more interesting is the organizational sophistication that we're seeing. if your image of the hacker that we are worried about on the government side is the guy in his pajamas, yeah, that is not -- it can be annoying and a nuisance, but that is not who we are worried about. particularly in the criminal world they had taken a page out of the business world and have applied business operations and operational research to how they do their business. so organizationally the hackers are much more sophisticated than their were they were several years ago, and that poses a significant challenge. >> what role do state actors play in this? the iranians attacked a number of us financial institutions, russian, chinese, several indictments earlier this year. how closely as this link? >> certainly when you look out across the array of cyber threats that we are facing, you definitely see a significant c

>> i was like it's a phishing scam. >> i thought the same thing. >> i mean, it was -- when we were doingf the scandals on wall street we said the expression what's the "e" stand for. e-mail is evidence mail for the scandals. apparently sony, they still thought you could do personal -- like, i'm scared of personal. i'm scared of everything. >> your personal e-mail on the work account, you're done for. of course. >> anything. >> are you like me? on occasion i touch it and say i can't wait to see this in "the new york times." you know? like, ooh, great. >> anything that's just blatantly that you know shouldn't be in print. that's when you call someone. >> e-mail has become the form of communication. it becomes like a conversation. it just happens to be typed. but at this point it is -- i don't even check it. >> i talk about colleagues. >> with or without their name? >> with their names. but not bosses. of course, i would never have anything to say bad about any of our people. >> of course not. >> an update on the hostage situation going on in the heart of sydney, australia. matt taylor has

phishing scams seem passe but they're still around. >> hey, we have a great discount for you.reful of any retailer link that you connect to, it might not be what you think. >> gift cards are so popular this time of year. you say be very careful where you're buying them. >> buy them from behind the counter. those that are out for everybody. thieves are coming, scanning the numbers. they then put them back. you then buy them. they keep checking. once you activated, now they can steal all the money on that card. only buy a gift card if it's held behind the counter. >> wow! we're going to call you mrs. grinch from now on. >> just use cash. just use cash. >> suze orman, always good to have you here. >> thanks, matt. >> thank you very much. >>> coming up, more tips on today.com. and up next, naughty or nice? putting the toy's hottest seasons for elementary kids in the experts themselv sexperts, s >>> we're back now at 8:39 with more of our special series, toy portfolio.com, naughty or nice? kids put toys to the test. we put the hottest new toys in the hands of kids and parents. each