It was a cunningly crafted phish...
Employees at a healthcare company were going about their day when they received an email from their CEO - and it wasn't a typical meeting invitation. The email asked them to read and agree to a company policy. Simple. Just click on a link, login with their credentials and go to...
Want to Avoid Attacks? Think Like a Marine
The Marines are tough and they're smart, too. That's why they anticipate risks to stay "left of bang" on the battlefield and reduce their losses. This eBook uses similar thinking to help strengthen your phishing defense and keep your company "left of breach."
Over the past year, financial services organizations have seen an 87% increase in credential leakage, 149% increase in stolen credit cards, 151% increase in cyber-attack indications, and a 48% increase in fake social media accounts. In addition, state-sponsored APT groups with little to no financial motivation have...
A cybercrime gang called "Silence," which appears to have just two members, has been tied to attacks that have so far stolen at least $800,000, in part via ATM jackpotting or "cash out" attacks, warns cybercrime investigation firm Group-IB.
While tech-support scams have proliferated for years, the FBI says losses tied to such fraud are now higher than ever. Google has pledged to crack down on fake tech-support listings. But fraudsters regularly employ a variety of channels, including cold calls, pop-up windows and phishing emails.
Business email compromise attacks continue to be lucrative for the criminally inclined. With the FBI reporting that reports of such attacks have recently doubled, researchers find that tricking victims into making fraudulent wire transfers remains attackers' top goal.
Google has suspended multiple YouTube channels and videos, as well as blogs, after tying them to phishing attacks and influence operations linked to Iran's state media. The technology giant's moves coincided with similar efforts by Facebook and Twitter.
A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee's voter database has turned out to be part of an uncoordinated security exercise. The false alarm has highlighted the benefit of actively monitoring for election interference.
Leading the latest edition of the ISMG Security Report: An analysis of why it may be too late to secure the 2018 U.S. midterm elections. Also: A close look at the Anthem breach lawsuit settlement and a report on ransomware recovery lessons learned.
About 30 new health data breaches - including a phishing attack impacting 1.4 million individuals - have been added in recent weeks to the official federal tally, pushing the total victim count for 2018 so far to 6.1 million.
With the U.S. midterm elections approaching fast, Microsoft says it's seized six domain names tied to "Fancy Bear," a hacking team widely believed to be part of Russia's military intelligence agency, amplifying concerns that Moscow's election interference efforts continue.
A phishing attack on Wednesday fueled by the Necurs botnet targeted at least 2,700 banking institutions of various sizes in the U.S. and around the world, explains Aaron Higbee of Cofense, which detected the attack.
The 2018 State of the Phish Report presents analysis of data that can help CISO's and their teams identify opportunities to manage end-user risk. The report delivers the types of data infosec professionals are seeking as they develop their own security awareness training programs.
Download this report to learn more...
Cyber criminals are reaping the benefits of business email compromise and CEO fraud scams, which is a $12 billion industry, according to the FBI by impersonating an executive in your organization, asking for financial reports or by asking payroll staff to make changes to bank accounts.
Invoice and payroll fraud,...