Security News

Dubbed Cosmic Lynx, the group has carried out more than 200 BEC campaigns since July 2019, according to researchers from the email security firm Agari, particularly targeting senior executives at large organizations and corporations in 46 countries. Rather than use free accounts, Cosmic Lynx will register strategic domain names for each BEC campaign to create more convincing email accounts.

The proof is in the results: Phishing attacks of just one type - the business email compromise - have caused at least $26 billion in losses in the past five years alone, according to the FBI. The Heart of the Problem. Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.

Users who don't understand how to encrypt their emails won't do it. There's another danger for companies whose users do try to grapple with the internal email encryption system: rising support costs.

The proof is in the results: Phishing attacks of just one type - the business email compromise - have caused at least $26 billion in losses in the past five years alone, according to the FBI. The Heart of the Problem. Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.

Most businesses tell us that they think email encryption is a priority that's part of their digital transformation and cloud migration. Deploying encryption isn't just about flicking an on switch for some technology and you're done.

The link took them to a "Surprisingly believable" phishing page with logos and icons that matched their service provider, and instructed them to enter their WordPress account username and password to start the update. "The scam then shows you some fake but believable progress messages to make you think that a genuine 'site upgrade' has kicked off, including pretending to perform some sort of digital 'file signing' at the end," Sophos's security proselytiser Paul Ducklin explained.

A desire to remain compliant with the European Union's General Data Protection Regulation and other privacy laws has made HR leaders wary of any new technology that digs too deeply into employee emails. At the same time, new technologies are applying artificial intelligence and machine learning to solve HR problems like analyzing employee data to help with hiring, completing performance reviews or tracking employee engagement.

With email now the number one destination to hoodwink overworked and bleary-eyed users with a confidence trick, there are many, many reasons to keep email secure. The historical problem with a technique like encryption in the past has been, if carried out in a heavy-handed fashion, it can be an all-or-nothing kind of deal.

ZL Technologies announced enhancements to the ZL UA Compliance platform that significantly strengthen the email review process for compliance departments. A flexible review pipeline for compliance departments, ensuring flagged communications are defensibly managed.

Attacks delivered via email are extremely common and the fact is that many popular security solutions are just not handling these attacks well enough, missing 20-40% of the new attacks emerging every day. Assessing your email vulnerability is a critical step in evaluating your overall security posture.