This guest blog post from a Certified eCommerce Fraud Professional discusses a case study involving a social engineering attack against an airline, as well as discusses methods for deception and intrusion with spear phishing attacks related to social engineering and fraudsters ultimately attempting to reverse engineer an organization’s risk management policies and practices. Read More
Comments Off on About Social Engineering: A Case Study and How it Relates to Spear Phishing.
Over 700 Million Compromised Email and Password Combinations Used to Send Spam
Lists of email addresses with password and other information used to send phishing emails and spam were hosted on an open server and available to copy or download. More than one-fourth of the email and password combinations were identified from previous data breaches and this collection of 711 million email address account credentials shows the scale of data breaches
(More)…
Comments Off on Over 700 Million Compromised Email and Password Combinations Used to Send Spam.
Mobile Malware Targets Android
Cybercriminals target the vulnerable and popular Android mobile platform through banking Trojans. 98% of mobile malware batters Android users. As of January 2014, Internet security firm Kaspersky reported a total of 10 million malicious Android installations packages detected in 2012-2013. The primary focus of the malware is banking Trojans while packages may focus on obtaining
(More)…
Press Release: The Fraud Practice Releases White Paper on Behavioral Monitoring and CNP Fraud Detection
Identifying who sits behind the keyboard is a daunting challenge for e-commerce merchants. Behavioral monitoring analyzes user habits and can help organizations balance fraud protection with the risk of offending good customers. Monitoring user behavior in your online and mobile channels can help companies prevent account takeover, identify high-risk users while minimizing the probability turning
(More)…
Analyzing user behavior to detect fraud
Who is really behind the keyboard? Analyzing user behavior helps safeguard customers, their money, and their information. While companies and banks do their best to keep customer information secure, any system can only be as strong as its weakest link, and this is often customers themselves. Read More
Over Half of Malware Analysts Have Investigated Enterprise Data Breaches That Were Not Disclosed
According to a survey conducted by ThreatTrack Security, there may be considerably more data breaches occurring than the public hears about, especially at the enterprise level. A recent survey found that 57 percent of enterprise malware analysts have investigated or addressed a data breach that was never disclosed. Read More
95 Percent of Americans Received Email with Malware and 9 Percent Opened the Attachment
According to a recent report from Halon, an email security provider, 94.7 percent of Americans received one or more emails that contained a virus, spyware or malware while nearly 9 percent opened an attachment infecting their computer or device. Read More
SMiShing Scams Target U.S. Area Codes Utilizing Location-Specific Information
Phishing scams carried out via SMS text messages, known as SMiShing, continue to grow and target mobile users in the United States. Cloudmark, a messaging security software provider, recently cataloged the top 25 U.S. area codes that receive the most SMS spam and detailed various SMiShing scams targeting different regions. Read More
Fraudsters Used Spear Phishing Tactics to Initiate Attacks Against New York Times and Other Websites
In a high profile attack led by the Syrian Electronic Army against the New York Times and other websites, users accessing the affected sites were redirected to servers under the attackers’ control. Users were redirected to pages hosting malicious content, and this was all made possible following spear phishing attacks against an Australian web domain
(More)…
More Brands Targeted with Phishing Attacks so far in 2013
During the first six months of 2013 720 different brands were targeted by phishing attacks, an increase of 18 percent from the last six months of 2012, according the latest report from the Anti-Phishing Working Group (APWG). The two most targeted brands during the first half of 2013 were PayPal and Taobao.com. Read More
