Less than a year after the United States Postal Service revealed that hackers breached agency computers, many employees continue to click on phishing messages that contain false links, according to an inspector general report.
Too often, individuals who fail to take the proper steps to secure IT aren't punished for their reckless behavior. But should those who consistently fail to follow safe cyber hygiene be severely penalized for repeatedly falling for phishing attacks?
Spear phishing is the preferred attack method for advanced threat actors. Well-crafted spear phishing attacks easily slip past layers of defenses and target the only vulnerability that cannot be patched -- people. The vast majority of headline data breaches in recent years have all begun with spear phishing attacks....
A penny saved is a penny earned, as Benjamin Franklin made familiar in Poor Richard's Almanac in 1737 - and every penny of fraud loss recovered (or better yet, avoided) goes straight to the organization's bottom line.
Present-day examples span the gamut of industries. The losses are in the billions and growing -...
Four years after the FFIEC issued its updated authentication guidance, many banking institutions say account takeover losses have gone up, a new survey shows. John LaCour of PhishLabs explains why institutions' reactive approach to fraud is failing.
The FBI estimates fraud losses linked to so-called business email compromise scams worldwide have exceeded $1.2 billion in less than a year. But some financial fraud experts say the losses from this largely overlooked threat could be even higher.
A $46.7 million fraud scheme that hit Ubiquiti Networks Inc. shows the new & improved face of wire fraud - and just how easy it is for cybercriminals to fool employees into helping to pilfer their own enterprises.
Carphone Warehouse, a U.K.-based mobile phone retailer, is investigating a cyber-attack that may have breached personal information associated with up to 2.4 million customers, and card data linked to 90,000 accounts.
The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
An unconfirmed post-breach report for bitcoin exchange Bitstamp shows the organization was targeted by a sustained attack that combined phishing via email and Skype with macro malware to successfully steal almost 19,000 bitcoins, worth $5 million.
Cisco announced plans to pay $635 million to purchase cloud security firm OpenDNS to better secure the "Internet of Everything." OpenDNS says the acquisition will leave its products and personnel intact.
Prior attempts at security have failed to solve email's fundamental flaw - anyone can send email using someone else's identity. This flaw has put the power of the world's most admired brands in criminal hands - through email, criminals can use almost any brand to send spam, fraud, phishing email and malware installs,...
Those advocating the use of the ".bank" top-level domain argue that it offers better security than ".com." In part one of a two-part interview, Craig Schwartz of fTLD Registry Services and Doug Johnson of the ABA explain the security provisions.