Security News

The proof is in the results: Phishing attacks of just one type - the business email compromise - have caused at least $26 billion in losses in the past five years alone, according to the FBI. The Heart of the Problem. Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.

Redwood, California-based anti-phishing firm Area 1 Security has raised $25 million in a Series D funding round led by ForgePoint Capital and supported by existing investors Kleiner Perkins, Icon Ventures and Top Tier Capital. Area 1 Security claims to have stopped 42 million phish in 2019, and has thwarted $273 million in BEC fraud in the first five months of 2020.

Now that organizations in some parts of the world are trying to reopen, recent phishing attacks observed by the cyber threat intelligence provider Check Point Research are targeting employees returning to the office. In phishing campaigns observed by Check Point, attackers are deploying emails and malicious files masquerading as COVID-19 training materials.

Working from home is a new 'norm' for many organizations, but the shift toward remote work has been steadily increasing for the past decade. Whether mandatory or not, remote work can pose unwanted security concerns for an organization, so it's important to know how to be equipped to mitigate risk appropriately.

Between the second and third weeks of March 2020, email scams and phishing attacks spiked by an unprecedented 436%. Such was the effect of the COVID-19 pandemic. BEC attacks represent a low percentage of email attacks by volume, but a disproportionally high percentage of overall loss to business.

Targeting the CEO and others in an organization, the attacks spotted by cybersecurity firm Darktrace were detected due to artificial intelligence. A recent phishing attack observed by Darktrace used all of those methods in an attempt to deploy malware.

In a blog post published Thursday, Check Point described the method in which attackers exploited one of Oxford University's mail servers to send the initial email, abused an Adobe Campaign redirection tool, and then used a Samsung domain to take users to a Microsoft Office 365-themed phishing website. Most of the emails observed came from multiple addresses that belonged to legitimate subdomains from different departments at the University of Oxford.

The phishing email leads recipients to a phony BOA landing page in an attempt to steal their banking credentials, according to Armorblox. A blog post published Thursday by security provider Armorblox explains how a recent phishing campaign impersonates Bank of America.

Researchers have discovered a sophisticated new phishing campaign that uses recognized brand names to bypass security filters as well as to trick victims into giving up Microsoft Office 365 credentials to gain access to corporate networks. A new report from Check Point Software first observed the attacks-the majority of which targeted European companies, with others seen in Asia and the Middle East-in April, when they discovered emails sent to victims titled "Office 365 Voice Mail.".

For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn't quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same. KrebsOnSecurity has learned that the phishing site Privnotes.com uses some kind of automated script that scours messages for bitcoin addresses, and replaces any bitcoin addresses found with its own bitcoin address.