According to a survey of over 600 IT security professionals across seven countries, 88 percent of organizations saw spear phishing attacks, 55 percent fell victim to at least one phishing attack, 86 percent experienced business email compromise attacks and nearly two-thirds experienced a ransomware attack. The burgeoning issue and financial fallout from spear phishing is
(More)…
After compromising the email account of a government official at one agency, targeted phishing attacks were sent from this trusted contact to other government agencies purporting that bank accounts for receiving their payments had changed. Puerto Rico’s Industrial Development Company sent over $2.6 million while the Tourism Company paid $1.5 million to fraudster-controlled accounts held
(More)…
Fraudsters find more success with getting phishing campaigns delivered as well as with open and click rates when sending from an existing, known and trusted email address. This may be why a recent report found that 20 percent of phishing email attacks against employees are sent from email addresses a fraudster has taken over. Most
(More)…
In partnership with another Alphabet group company, Google recently released a way for consumers to test their skills in detecting phishing emails. It includes eight simulated emails based on characteristics of real phishing attacks, where the user is to indicate whether each email is legitimate or fake. According to a recent survey, 83 percent of
(More)…
According to a recent survey from ProofPoint, more than 80 percent of information security (infosec) professionals saw an increase in phishing attacks in 2018 while nearly two-thirds reported an increase in spear phishing. Meanwhile, those who reported compromised accounts as a result of phishing attacks increased from 38 percent of infosec professionals in 2017 to
(More)…
This guest blog post from a Certified eCommerce Fraud Professional discusses a case study involving a social engineering attack against an airline, as well as discusses methods for deception and intrusion with spear phishing attacks related to social engineering and fraudsters ultimately attempting to reverse engineer an organization’s risk management policies and practices. Read More
In a high profile attack led by the Syrian Electronic Army against the New York Times and other websites, users accessing the affected sites were redirected to servers under the attackers’ control. Users were redirected to pages hosting malicious content, and this was all made possible following spear phishing attacks against an Australian web domain
(More)…
Facebook recently announced that they uncovered an incident where fraudsters used compromised email addresses to scrape lists of Facebook friends due to a misconfiguration on their site. The fraudsters would then target phishing emails to the owners of the email addresses purporting to be from a Facebook friend. Read More
