Security News

Phishers are incessantly pumping out COVID-19 themed phishing campaigns and refining the malicious pages the targets are directed to. "Credential phishing attackers often tailor their email lures with themes they believe will be the most effective and use general websites for actual credential harvesting. The recent move to create custom COVID-19 payment phishing templates indicates that buyers view them as effective enough to warrant custom tactics to harvest credentials," Proofpoint researchers have noted.

According to the security company that verified its authenticity, Cyble, this is data that a specialised group of internet users will find far more interesting - a database of criminal account holders of the now defunct WeLeakData.com breach data trading forum. Such sites have sprung up in the wake of a tidal wave of public data breaches, giving criminals a one-stop shop for accessing the stuff without having to do unnecessary legwork.

In a report Thursday looking at how the pandemic will shape organized crime in the EU, Europol said much of the criminality related to the deadly virus reflects the flexibility of criminal organizations, a trend that was already witnessed during previous financial crises. The impact became evident much more quickly, with a sharp increase in cybercrime in the first weeks of the virus's spread. "New and adapted attacks appeared almost immediately from the onset of the crisis and have been among the most visible types of criminality," Europol said.

Criminals are preying on a fearful public and disrupting the provision of medical care during the coronavirus pandemic by selling counterfeit products, impersonating health workers and hacking computers as many citizens do their jobs online at home, European law enforcement agency Europol said Friday. "Criminals have quickly seized the opportunities to exploit the crisis by adapting their modes of operation or developing new criminal activities," Europol Executive Director, Catherine de Bolle said in a statement.

To thwart increasingly dangerous cyber criminals, law enforcement agents are working to "Burn down their infrastructure" and take out the tools that allow them to carry out their devastating attacks, FBI Director Christopher Wray said Wednesday. Unsophisticated cyber criminals now have the power to paralyze entire hospitals, businesses and police departments, Wray said during a conference on cybersecurity at Boston College.

Over just the last three years, Chinese cyber criminals have gone from relatively solitary players to adopting the same tactics favored by organized crime syndicates in Russia and other nations with lax cyber crime laws and enforcement. "According to 2018 Internet Development Statistics, China's cybercriminal underground was worth more than US $15 billion, nearly twice the size of its information security industry. The same Chinese-language source also shows that China's cybercrime is growing at a rate of more than 30 percent a year. An estimated 400,000 people work in underground cybercriminal networks."

Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks. Targeted attacks are manual, creative, and elusive, making them one of the most difficult aspects of security and risk management.

It’s important for businesses of all sizes to not only view their suppliers’ attack surface as their own but also extend some of their security protections.

Keep up with the latest threats – and learn how to stop them Promo The IT security landscape changes by the second, as organisations move to new technologies and data thieves devise increasingly...

Building financial crime resilience today to future-proof banks for tomorrowInstead of proving a flash in the pan, enthusiasm for cryptocurrency has grown - and with it the associated fraud. Cyber...