Sometimes, that email from your boss isn't really an email from your boss. Business email compromise (BEC) has become the costliest form of cyber crime, tricking victims out of more than $1.8 billion in 2020 alone. These highly targeted cybersecurity threats are easy to fall for and invisible to traditional security...
The cases of ransomware jumped up as the world moved to work from home amidst the pandemic. As threats have not ceased to increase, measuring the world's most critical businesses’ internet exposure is of paramount. The 2021 Industry Cyber-Exposure Report evaluates five areas of cybersecurity that are both critical...
Microsoft has announced the takedown of 17 domains that an unnamed threat group operating out of West Africa used to host fake Microsoft websites when conducting business email compromise attacks.
Cybercriminals have added a devious weapon to their attack arsenals - malicious browser notifications. And the worst part is they’re not blocked by any current cyber defense. These innocuous looking pop ups can wreak havoc on your network while remaining completely undetected. They look more realistic than...
The Microsoft 365 Defender research team says it has “disrupted a large-scale business email compromise infrastructure hosted in multiple web services.” It describes in a blog post how the BEC fraud scheme worked.
The move to the cloud with O365 has allowed companies to streamline email security investments and leverage the included email security provided by Exchange Online Protection (EOP) and Advanced Threat Protection (ATP). But this approach isn't perfect, and many companies have realized they need a solution to address...
Interpol says Dutch and Nigerian suspects created a cloned version of a legitimate personal protective equipment provider's website to trick a German health authority seeking face masks. The case is a reminder that a "sophisticated" scheme need not require extreme technical sophistication to succeed.
As more organizations adopt Microsoft 365 Exchange for email services in the cloud, it’s important to consider whether available native tools are sufficient to protect your organization against the full range of email-based threats.
Find the answers in this infographic which highlights how Microsoft 365 Exchange...
A recent phishing scheme used fake Microsoft Office 365 update messages to target financial executives and others in an effort to harvest their credentials, according to the security firm Area 1.
This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Internet-enabled crime has surged during the pandemic, with more than $4.2 billion in losses reported by victims to U.S. authorities in 2020. The most lucrative type of crime continues to be business email compromise scams, which last year accounted for at least $1.8 billion in losses, the FBI reports.
Love it or hate it, email remains an essential business and productivity tool. Many organizations have now migrated to cloud-based Office 365 email for their employees. But while cloud-based approaches offer easier procurement, manageability and better cost savings, certain email facts of life won't change.
Moving...
There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organisation’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once...
A Nigerian national has been sentenced to 10 years in prison after pleading guilty to taking part in a business email compromise operation that extorted $11 million from its victims, according to the U.S. Department of Justice.
The decline in the total number of U.S. data breaches in 2020 isn't all good news; it reflects that hackers are changing their tactics, says James Lee of the Identity Theft Resource Center, who offers an analysis of the center's new data breach report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.