Security News

BEC attacks increased 15% quarter-over-quarter, driven by an explosion in invoice and payment fraud, Abnormal Security research reveals. "As the industry's only measure of BEC attack volume by industry, our quarterly BEC research is important for CISOs to prepare and stay ahead of attackers," said Evan Reiser, CEO of Abnormal Security.

Cellusys pioneers the use of zero trust security to help their 800 million mobile phone end users combat SMS phishing and fraud. Cellusys has partnered with internet security firm MetaCert to provide an SMS security solution, using zero trust methodology to combat cyberattacks such as phishing, malware and financial fraud.

It's just the latest in a litany of attacks related to the upcoming election, and it showcases a big problem area when it comes to cybersecurity, researchers said. In a typical BEC attack, criminals will do their research to make their communications seem credible, according to Agari's recent deep dive on the state of BEC attacks.

Imperium announced the release of a significantly upgraded version of its flagship ID-validation tool RelevantID. This major release is designed to help market research and panel organizations combat the rise of highly sophisticated synthetic identity frauds that are becoming increasingly difficult to catch using conventional fraud-detection models. New RelevantID additionally includes FraudProbabilityScore, a machine-learning model that assesses passive and behavioral data, returning an extremely precise fraud assessment that detects fraud, bots, and jumpers/ghost completes in surveys.

Incognia announced the launch of its fraud detection solution designed for retailers, restaurants and payment providers leveraging QR codes for contactless payments. With consumers ready to re-engage with vendors using contactless methods, health and security are top of mind as businesses push for faster adoption of contactless QR payments.

Many banks across the U.S. and Canada are failing to meet their customers' online identity fraud and digital banking needs, according to a survey from FICO. Despite COVID-19 quickly turning online banking into an essential service, the survey found that financial institutions across North America are struggling to establish practices that combat online identity fraud and money laundering, without negatively impacting customer experience. 51 percent of North American banks are still asking customers to prove their identities by visiting branches or posting documents when opening digital accounts.

The White Ops team of researchers, including Cirling, Michael Gethers, Lisa Gansky and Dina Haines, - who named the investigation "RAINBOWMIX," inspired by the 8-16 bit color palate running throughout the retro game apps - found that these fraudulent apps were downloaded more than 14 million times by unsuspecting users. "Most of the RAINBOWMIX apps have a"C-shaped rating distribution curve," the team reported.

Cybercriminals are tapping into Amazon's annual discount shopping campaign for subscribers, Prime Day, with researchers warning of a recent spike in phishing and malicious websites that are fraudulently using the Amazon brand. There has been a spike in the number of new monthly phishing and fraudulent sites created using the Amazon brand since August, the most significant since the COVID-19 pandemic forced people indoors in March, according to a Thursday report from Bolster Research.

In the case of RainbowMix, the apps pretend to be from popular apps and social media platforms like YouTube and Chrome. White Ops saw this many daily ad impressions consistently, from the RainbowMix app collective.

F5 introduced Shape AI Fraud Engine, a new SaaS solution that eliminates fraudulent online transactions that get past existing fraud tools. SAFE typically identifies twice as much fraud per month when compared to other current fraud tools.