According to a survey of over 600 IT security professionals across seven countries, 88 percent of organizations saw spear phishing attacks, 55 percent fell victim to at least one phishing attack, 86 percent experienced business email compromise attacks and nearly two-thirds experienced a ransomware attack. The burgeoning issue and financial fallout from spear phishing is
(More)…
After compromising the email account of a government official at one agency, targeted phishing attacks were sent from this trusted contact to other government agencies purporting that bank accounts for receiving their payments had changed. Puerto Rico’s Industrial Development Company sent over $2.6 million while the Tourism Company paid $1.5 million to fraudster-controlled accounts held
(More)…
Fraudsters find more success with getting phishing campaigns delivered as well as with open and click rates when sending from an existing, known and trusted email address. This may be why a recent report found that 20 percent of phishing email attacks against employees are sent from email addresses a fraudster has taken over. Most
(More)…
In partnership with another Alphabet group company, Google recently released a way for consumers to test their skills in detecting phishing emails. It includes eight simulated emails based on characteristics of real phishing attacks, where the user is to indicate whether each email is legitimate or fake. According to a recent survey, 83 percent of
(More)…
According to a recent survey from ProofPoint, more than 80 percent of information security (infosec) professionals saw an increase in phishing attacks in 2018 while nearly two-thirds reported an increase in spear phishing. Meanwhile, those who reported compromised accounts as a result of phishing attacks increased from 38 percent of infosec professionals in 2017 to
(More)…
Nearly 2 million username and password combinations along with 330,000 email and password combinations were exposed in a data breach impacting German social media platform Knuddels.de. The company received a €20,000 fine related to the EU’s General Data Protection Regulation (GDPR) because the passwords exposed were stored in plain text. Read More
While nearly 30 million Facebook users had their names and basic contact information stolen, about 14 million of these data breach victims also had their birthdate, recent search history and locations compromised. Fraudsters are likely already using this information to help crack security questions on consumer accounts as well as to better target phishing emails
(More)…
This guest blog post from a Certified eCommerce Fraud Professional discusses a case study involving a social engineering attack against an airline, as well as discusses methods for deception and intrusion with spear phishing attacks related to social engineering and fraudsters ultimately attempting to reverse engineer an organization’s risk management policies and practices. Read More
Lists of email addresses with password and other information used to send phishing emails and spam were hosted on an open server and available to copy or download. More than one-fourth of the email and password combinations were identified from previous data breaches and this collection of 711 million email address account credentials shows the scale of data breaches
(More)…
Cybercriminals target the vulnerable and popular Android mobile platform through banking Trojans. 98% of mobile malware batters Android users. As of January 2014, Internet security firm Kaspersky reported a total of 10 million malicious Android installations packages detected in 2012-2013. The primary focus of the malware is banking Trojans while packages may focus on obtaining
(More)…
