• Cyber Safety
  • Posts
  • USB Drop Attacks Are Back And Smarter Than Ever

USB Drop Attacks Are Back And Smarter Than Ever

August 03, 2025

In partnership with

An AI scheduling assistant that lives up to the hype.

Skej is an AI scheduling assistant that works just like a human. You can CC Skej on any email, and watch it book all your meetings. It also handles scheduling, rescheduling, and event reminders.

Imagine life with a 24/7 assistant who responds so naturally, you’ll forget it’s AI.

  • Smart Scheduling
    Skej handles time zones and can scan booking links

  • Customizable
    Create assistants with their own names and personalities.

  • Flexible
    Connect to multiple calendars and email addresses.

  • Works Everywhere
    Write to Skej on email, text, WhatsApp, and Slack.

Whether you’re scheduling a quick team call or coordinating a sales pitch across the globe, Skej gets it done fast and effortlessly. You’ll never want to schedule a meeting yourself, ever again.

The best part? You can try Skej for free right now.

🧠 The Return of USB Drop Attacks — But With a Twist

Cybercriminals are reviving an old trick: planting USB drives in public places to tempt employees into plugging them in. But these aren’t just random sticks—they’re loaded with payloads that auto-execute malware, steal credentials, or open backdoors.

Here’s What’s New:

  • Some USBs are disguised as branded gifts or labeled “Q4 Team Bonuses.”

  • Others are mailed to offices, pre-loaded with fake “invoices” or “HR videos.”

  • Newer models emulate keyboards (HID attacks) to inject commands silently.

Prevention Tips:

  • 🔒 Disable USB ports or enforce read-only access on corporate devices.

  • 📢 Train employees to report unknown or gifted USBs—never plug them in.

  • 🔄 Run endpoint monitoring for sudden new device input activity.

📁 That “free” flash drive might cost you your entire network.

📱 SMS-Based Phishing (Smishing) Is Now Targeting Work Phones

Corporate phones are now being bombarded with scam texts claiming to be from banks, HR, or IT support. These links bypass company email filters and exploit employee trust.

Recent Tactics:

  • “Your benefits package was updated—review here.”

  • “We noticed unusual login activity—confirm identity now.”

  • Texts linking to cloned Office 365 or HR portals.

Start learning AI in 2025

Keeping up with AI is hard – we get it!

That’s why over 1M professionals read Superhuman AI to stay ahead.

  • Get daily AI news, tools, and tutorials

  • Learn new AI skills you can use at work in 3 mins a day

  • Become 10X more productive

What to Do:

  • Enable mobile threat protection (MTP) on all work devices.

  • Remind employees to verify messages via internal channels before clicking.

  • Use mobile device management (MDM) to isolate and wipe compromised devices.

📲 In 2025, every employee’s phone is a front line. Treat it that way.

👋 Final Word

The most effective attacks still prey on curiosity, urgency, and convenience. A USB stick or a text message might seem harmless—but in the wrong hands, they’re deadly entry points. Stay skeptical. Stay protected.

Want to spread awareness internally? Forward this to your compliance or IT lead.
Got something sketchy you want us to investigate next issue? Just reply.


Think before you click. Think before you plug.
Team Cybersafety

Seeking impartial news? Meet 1440.

Every day, 3.5 million readers turn to 1440 for their factual news. We sift through 100+ sources to bring you a complete summary of politics, global events, business, and culture, all in a brief 5-minute email. Enjoy an impartial news experience.