While security tools have become more adept at detecting payloads in emails, attacks that lack known indicators and rely instead on impersonation/social engineering tactics are successfully bypassing these traditional controls and reaching inboxes. If an organization’s email security controls are not effective...
Business Email Compromise (BEC) is “one of the most financially damaging online crimes” according to the FBI. It is a cunning form of email impersonation that, when combined with human error, can be incredibly disruptive and damaging. Phishing and Account Takeover (ATO) attacks target employees and trick them into...
The holidays may be behind us, but fraudsters and cybercriminals are continuously finding new opportunities to exploit online activity, transactions, and the generosity of individuals.
Stay one step ahead of fraud with our new Insights Article. Gain valuable knowledge about the latest fraud trends, effective...
While historically the origin of most business email compromise (BEC) attacks has been West Africa, residing in Nigeria certainly isn’t a requirement for BEC attackers. Indeed, the subject of this report is a sophisticated threat group based in Israel.
The group is unique in that they impersonate executives and...
Bots have become an important tool for modern cybercrime. A bot is used somewhere in the attack cycle in more than three-quarters of security incidents. HUMAN Security co-founder and CEO Tamer Hassan called account takeover "the gateway drug to all other forms of fraud and abuse."
We strongly recommend that you use a password manager to reduce password reuse and improve complexity, but you may be wondering if it’s really worth the risk. Is it safe to store all of your passwords in one place? Can cybercriminals hack them? Are password managers a single point of failure?
Join Roger A....
When you think of using biometric technology as part of your multi-factor authentication process, you assume these attributes are safe. Cybercriminals can’t hack your fingerprints, can they? The answer may surprise you!
Biometric attributes aren’t as safe as they once were. Cybercriminals are always coming up...
Criminal hackers are targeting South Koreans with an Android Trojan that dupes victims into handing over payment card data by faking phone conversations with lenders. Developers are using "several unique evasions that we had not previously seen in the wild," Check Point researchers write.
As the pandemic abruptly shifted the work landscape, cyber attackers quickly evolved their tactics, which include ransomware, business email compromise, and account takeover attacks. And phishing attacks are persistent. But guess what. So are we.
Proofpoint is a vendor with end-to-end solution. We're confident that...
Cyber criminals are getting bolder and more sophisticated with their threats. As more business assets move to the cloud, attackers have followed close behind. This cloud account compromise threat brief will help you understand:
The anatomy of cloud account takeover
What damage cyber criminals can do with a...
Banking Trojans, ransomware, fake finance apps programmed to steal data - the cybercriminal cartels have become more punitive in 2023, escalating destructive attacks on financial institutions. This is just one key finding of the annual Cyber Bank Heists report by Contrast Security's Tom Kellermann.
Multi-Factor Authentication (MFA) can be a highly effective way to safeguard your organization’s data, but that doesn’t mean it’s unhackable. And nobody knows that better than award-winning author and Data-Driven Defense Evangelist at KnowBe4, Roger Grimes. While researching his most recent book Hacking...
Meta's popular social media platforms are increasingly being targeted by cybercriminals, and account takeover complaints rose over 1,000% last year. This social threat is spilling over into banks and government agencies, and experts criticize Meta for moving too slowly to address security issues.
Expel has released its latest quarterly threat report, which looks at continued identity-based attacks and the impact of MFA fatigue. Jon Hencinski shares insights on attack trends, gaps in compensating controls and what to look for in pre-ransomware activity.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.