BEC Will Reach Two Levels Deeper

Credit to Author: William “Bill” Malik (CISA VP Infrastructure Strategies)| Date: Tue, 22 Jan 2019 14:00:18 +0000

  In our predictions report for 2019, “Mapping the Future: Dealing with Pervasive and Persistent Threats,” we foresaw an increase in the rate of BEC (business email compromise) attacks: “Business email compromise will go two levels down in the org chart.” From the report:     “Business email compromise (BEC) remains a very potent and…

The post BEC Will Reach Two Levels Deeper appeared first on .

Read more

Today’s Data Breach Environment: An Overview

Credit to Author: Trend Micro| Date: Wed, 28 Nov 2018 19:04:36 +0000

By now, companies and consumers alike are well aware of the threat of a data breach. Large and small businesses across every sector have been targeted, and many customers are now familiar with the notification that their username, password or other details might have been compromised. The unfortunate fact is that, despite efforts on the…

The post Today’s Data Breach Environment: An Overview appeared first on .

Read more

Business email compromise scam costs Pathé $21.5 million

Credit to Author: Christopher Boyd| Date: Mon, 19 Nov 2018 16:00:23 +0000

Recently released court documents show European-based cinema chain Pathé lost a small fortune to a business email compromise (BEC) scam in March 2018. The attack cost the company $21.5 million—that’s 10 percent of its total earnings. Learn how to avoid BEC scams and keep your company in the black.

Categories:

Tags:

(Read more…)

The post Business email compromise scam costs Pathé $21.5 million appeared first on Malwarebytes Labs.

Read more

How to create a sticky cybersecurity training program

Credit to Author: Jovi Umawing| Date: Thu, 08 Nov 2018 17:00:00 +0000

Organizations know that training employees is not only expensive but time-consuming. But when it comes to cybersecurity, training is a must. Whether you’re an organization of 50 or 50,000, this guide will show you the ropes in creating a cybersecurity training program that works from start to finish.

Categories:

Tags:

(Read more…)

The post How to create a sticky cybersecurity training program appeared first on Malwarebytes Labs.

Read more

How Do You Fight a $12B Fraud Problem? One Scammer at a Time

Credit to Author: BrianKrebs| Date: Thu, 25 Oct 2018 16:11:57 +0000

The fraudsters behind the often laughable Nigerian prince email scams have long since branched out into far more serious and lucrative forms of fraud, including account takeovers, phishing, dating scams, and malware deployment. Combating such a multifarious menace can seem daunting, but in truth it calls for concerted efforts to tackle the problem from many different angles. This post examines the work of a large, private group of volunteers dedicated to doing just that.

Read more

BEC is Big Business for Hackers: What makes these attacks so hard to prevent?

Credit to Author: Trend Micro| Date: Fri, 31 Aug 2018 15:34:48 +0000

For years, one of the most lucrative ways for hackers to generate profits was through ransomware attacks. These instances involve the use of strong encryption to lock victims out of their files and data – attackers then sell the decryption key in exchange for an untraceable Bitcoin ransom payment. Now, however, another highly profitable attack…

The post BEC is Big Business for Hackers: What makes these attacks so hard to prevent? appeared first on .

Read more

This Week in Security News: HR and Heritage Hacks

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 08 Jun 2018 13:47:12 +0000

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the details of 92 million accounts for MyHertitage were discovered on a private server outside of the company. Also, companies using services from PageUp are notifying employees that…

The post This Week in Security News: HR and Heritage Hacks appeared first on .

Read more

Arm your users with knowledge to spot phishing attacks – for free!

Credit to Author: Chris Taylor| Date: Tue, 17 Apr 2018 11:05:50 +0000

Attendees to the Black Hat 2017 security conference said their #1 security concern and most time-consuming activity was phishing and social engineering attacks. That’s no surprise with the increase in Business Email Compromise (BEC) attacks and with most ransomware being delivered by email. But Black Hat Attendees also said the weakest link in their security…

The post Arm your users with knowledge to spot phishing attacks – for free! appeared first on .

Read more

Leveraging the Power of AI to Stop Email Scammers

Credit to Author: Chris Taylor| Date: Mon, 16 Apr 2018 12:00:58 +0000

Staff members are on the frontline when it comes to cyberattacks against their employers. They’re increasingly seen by hackers as a weak link in the cybersecurity chain. That’s why most threats today come via email, aimed squarely at tricking the recipient into downloading malware, divulging log-ins or making wire transfers to the attacker. We predict…

The post Leveraging the Power of AI to Stop Email Scammers appeared first on .

Read more

Insider threats in your work inbox

Credit to Author: Malwarebytes Labs| Date: Fri, 01 Sep 2017 16:52:23 +0000

A new phishing campaign that targets businesses goes beyond business email compromise or CEO fraud.

Categories:

Tags:

(Read more…)

The post Insider threats in your work inbox appeared first on Malwarebytes Labs.

Read more

The top 5 dumbest cyber threats that work anyway

Credit to Author: William Tsing| Date: Sat, 08 Apr 2017 15:00:23 +0000

The common conception of cyber attacks is kind of like bad weather: ranging from irritating to catastrophic, but always unpredictable. Hackers are simply too sophisticated to draw any reliable judgments on and we shouldn’t try. As it turns out, some hackers are fairly predictable in their successful use of really dumb attacks.

Categories:

Tags:

(Read more…)

The post The top 5 dumbest cyber threats that work anyway appeared first on Malwarebytes Labs.

Read more