{"id":9061,"date":"2017-09-01T10:10:25","date_gmt":"2017-09-01T18:10:25","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/09\/01\/news-2834\/"},"modified":"2017-09-01T10:10:25","modified_gmt":"2017-09-01T18:10:25","slug":"news-2834","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/09\/01\/news-2834\/","title":{"rendered":"Insider threats in your work inbox"},"content":{"rendered":"

Credit to Author: Malwarebytes Labs| Date: Fri, 01 Sep 2017 16:52:23 +0000<\/strong><\/p>\n

Recently,\u00a0our friends at Barracuda\u00a0found\u00a0a new phishing campaign\u00a0that banks on the popularity of cloud\u00a0services\u00a0used in most businesses,\u00a0such as Microsoft Office 365.<\/p>\n

According to\u00a0their blog post<\/a>,\u00a0this latest scheme\u00a0takes advantage of the natural trust\u00a0employees\u00a0place on messages they receive from colleagues using the\u00a0correct\u00a0email address.\u00a0Dear reader, this campaign\u00a0is beyond impostor email or\u00a0business email compromise (BEC)<\/a>. Barracuda is calling it\u00a0the ‘new insider threat.’<\/p>\n

BEC phishing campaigns usually originate outside the target organization. The threat actor creates an email address that may appear like the real thing, just like what we’ve seen\u00a0here<\/a>, and then uses it to convince someone in the organization\u00a0to wire money their way. If a threat actor successfully infiltrates\u00a0an organization’s\u00a0email platform on the cloud, then the threat becomes something else. The threat actor has become an identity thief and an insider who is now the biggest threat to any organization. At that point, the possibilities of abuse are endless.<\/p>\n

Businesses can combat this new attack by continuous education and awareness efforts. It also pays to add multifactor authentication for additional ways employees can verify their identities before being allowed to access their work emails.<\/p>\n

 <\/p>\n

The Malwarebytes Labs Team<\/em><\/p>\n

The post Insider threats in your work inbox<\/a> appeared first on Malwarebytes Labs<\/a>.<\/p>\n

https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Malwarebytes Labs| Date: Fri, 01 Sep 2017 16:52:23 +0000<\/strong><\/p>\n\n\n\n
<\/a><\/td>\n<\/tr>\n
A new phishing campaign that targets businesses goes beyond business email compromise or CEO fraud.<\/p>\n

Categories: <\/p>\n