Security News

Several cybersecurity companies have spotted campaigns that use coronavirus-themed emails to deliver malware, phishing attempts and scams. The malicious emails warn potential victims about the impact of the coronavirus on the shipping industry.

A non-password protected cloud database containing hundreds of millions of customer records and internal logs for cosmetic giant Estée Lauder has been found exposed online, according to researchers. Many of the records importantly contained plaintext email addresses.

ZeroFOX, the leading provider of public attack surface protection, announced it has extended its artificial intelligence powered platform to now include advanced protection capabilities to solve intractable challenges in the cloud email security market and complement existing email security. The ZeroFOX Advanced Email Protection suite includes capabilities that address Business Email Compromise Protection for Google's G Suite and Microsoft's Office 365 platforms, which identifies impersonation-based attacks targeting employees.

Malicious files and links regularly bypass email security products, leaving enterprises vulnerable to email-based attacks. Increased use of automation allows attackers to create many 'mutations' for each malware or malicious file, potentially inundating email security products with new unknown threats.

Last week, IBM and Kaspersky caught hackers in Japan trying to spread malware through emails with links about the coronavirus outbreak that started in Wuhan, China, in January. Now, Kaspersky and Sophos have found phishing emails from cybercriminals purporting to be from the Centers for Disease Control and Prevention and the World Health Organization that are attempts to steal email credentials and other information.

Sadly, cybercrooks love a crisis, because it gives them a believable reason to contact you with a phishing scam. Of course, if you put in your email address or your password and click through, you'll be submitting the filled-in web form to the crooks.

The Gone Phishing Tournament tested how susceptible people are to opening fraudulent emails and entering their login information. To prepare organizations for an attack, TerraNova Security held the Gone Phishing Tournament over five days in October, testing people at companies in 76 countries and 27 languages on how likely they were to open a malicious email and enter their information into a dangerous website.

Despite heading a company that provides a technological solution for stopping targeted email attacks, Evan Reiser, CEO of Abnormal Security, knows that technology is not the complete answer to the malicious email problem. "Some businesses are giving up on technology and defaulting to an awareness-based security program for detecting email attacks, but that sets them up for failure. Our brains are wired to look for patterns and repeat processes, so for something that we do daily like email, it's only a matter of time before an employee accidentally clicks a link from a 'trusted' company," he told Help Net Security.

A U.S. government agency was targeted with spear phishing emails harboring several malware strains - including a never-before-seen malware downloader that researchers call "Carrotball." One of the malicious documents also included a new malware downloader that researchers dubbed Carrotball.

Cybersecurity researchers are sounding the alarm about Emotet, a powerful email malware that is now being used to attack U.S. government and military targets. "We track it heavily, as it's continuing to spin up and send out email messages, we pick up on that quickly. Emotet is everywhere. I see Emotet infections and Emotet traffic happening all the time. It's an opportunistic threat, so as it comprises a system, harvest email addresses off of it and use other email addresses to attack."