Security News
Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks. "Microsoft's Digital Crimes Unit first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts," said the mega-corp in a blog post this week.
A new phishing campaign spotted by Abnormal Security attempts to trick people with a phony Twitter security notification. A new phishing campaign analyzed by the security provider Abnormal Security shows how the attackers are taking advantage of Twitter users to steal account credentials.
The proof is in the results: Phishing attacks of just one type - the business email compromise - have caused at least $26 billion in losses in the past five years alone, according to the FBI. The Heart of the Problem. Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.
A report released on Tuesday by security company GreatHorn illustrates the ebb and flow of these attacks and offers advice on how organizations can fight them. For its report, GreatHorn tracked the volume of COVID-19-related email phishing attacks from January, when the virus began to surface, until June, when many countries and companies slowly started to resume operations.
The proof is in the results: Phishing attacks of just one type - the business email compromise - have caused at least $26 billion in losses in the past five years alone, according to the FBI. The Heart of the Problem. Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.
Redwood, California-based anti-phishing firm Area 1 Security has raised $25 million in a Series D funding round led by ForgePoint Capital and supported by existing investors Kleiner Perkins, Icon Ventures and Top Tier Capital. Area 1 Security claims to have stopped 42 million phish in 2019, and has thwarted $273 million in BEC fraud in the first five months of 2020.
Now that organizations in some parts of the world are trying to reopen, recent phishing attacks observed by the cyber threat intelligence provider Check Point Research are targeting employees returning to the office. In phishing campaigns observed by Check Point, attackers are deploying emails and malicious files masquerading as COVID-19 training materials.
Working from home is a new 'norm' for many organizations, but the shift toward remote work has been steadily increasing for the past decade. Whether mandatory or not, remote work can pose unwanted security concerns for an organization, so it's important to know how to be equipped to mitigate risk appropriately.
Between the second and third weeks of March 2020, email scams and phishing attacks spiked by an unprecedented 436%. Such was the effect of the COVID-19 pandemic. BEC attacks represent a low percentage of email attacks by volume, but a disproportionally high percentage of overall loss to business.
Targeting the CEO and others in an organization, the attacks spotted by cybersecurity firm Darktrace were detected due to artificial intelligence. A recent phishing attack observed by Darktrace used all of those methods in an attempt to deploy malware.