Security News

Don't miss today's live webinar to learn how you can better stop Vendor Email Compromise attacks when your partners or suppliers have been compromised or spoofed. What is VEC. The weakness in email security.

Agari researchers entered unique credentials belonging to fake personas into phishing sites posing as widely used enterprise applications, and waited to see what the phishers would do next with the compromised accounts. They found that 23% of all accounts were accessed almost immediately, 50% of the accounts were accessed manually withing 12 hours after compromise, and that 91% of the compromised accounts were accessed manually within the first week.

Emails referencing the Colonial Pipeline ransomware attack and looking like they've been sent from the corporate IT help desk have been hitting employees' inboxes and asking them to download and run a "Ransomware system update." The emails look rather convincing: they look like they are coming from the company help desk staff, they contain no egregious grammar or spelling errors, and are quick to come to the point.

Spammers are abusing affiliate programs to promote online casinos, such as Raging Bull Casino, Sports and Casino, Ducky Luck, and Royal Ace Casino, with misleading emails. To refer users, the affiliates will create specially crafted URLs that contain an affiliates ID or drops a cookie that allows the casino to give them credit when a referral registers a new account.

Spammers are abusing affiliate programs to promote online casinos, such as Raging Bull Casino, Sports and Casino, Ducky Luck, and Royal Ace Casino, with misleading emails. To refer users, the affiliates will create specially crafted URLs that contain an affiliates ID or drops a cookie that allows the casino to give them credit when a referral registers a new account.

On average, it takes three and half days from the moment a malicious email attack lands in an employees inbox, to when it is discovered by a security team or reported by end users and remediated, says new insight from Barracuda Networks. Researchers analyzed threat patterns and response practices across 3500 organizations, analyzing what happens after a malicious email bypasses an organization's security measures and lands in a user's inbox.

Even with the best defenses, some malicious emails are invariably going to bypass your security and reach the inboxes of your users. In a report published Tuesday, security firm Barracuda Networks looks at how malicious messages evade security detection and what you can do to stop them.

An alert released on Friday by the FBI and the DHS's Cybersecurity and Infrastructure Security Agency revealed that the number of organizations targeted in a recent attack abusing a legitimate email marketing service was higher than initially reported. Microsoft reported last week that the Russia-linked threat actor it tracks as Nobelium, which is believed to be responsible for the SolarWinds supply chain attack, had been abusing a legitimate mass email service named Constant Contact to target government and other types of organizations in the United States and a dozen other countries.

With so many companies being targeted by domain impersonators, email domain spoofing shouldn't be taken lightly. Forging the email domain or address: wherein attackers exploit loopholes in existing email security protocols to send emails on behalf of a legitimate domain.

Scammers use fake 'unsubscribe' spam emails to confirm valid email accounts to be used in future phishing and spam campaigns. For some time, spammers have been sending emails that simply ask if you wish to unsubscribe or subscribe.