Another Tax Season, More Scams

Another Tax Season, More Scams

It’s the start of tax season. This is the time of year when we collect our receipts and tax forms and hope for a nice big refund from the U.S. government. Unfortunately, cybercriminals are also looking for a nice big score as well. This year is going to be worse than ever, as many people have been struggling to make ends meet during the pandemic and are really looking forward to that refund. According to an article by Bleeping Computer, taxpayers are being targeted with phishing attacks with RAT malware that is more aggressive than ever before. And with the new extended deadline, this only means these cybercriminals will use every social engineering technique in the book. As unemployment has skyrocketed...

New Release: 2021 Remote Workforce Security Report

Holger Schultze wrote: The need to secure the remote workforce has never been more critical. A year into the pandemic, organizations are still grappling with how to protect their assets. The Remote Workforce Security Report reveals the status of organizations’ efforts to secure the new workforce, key challenges, and unique security threats faced by organizations, technology gaps and preferences, investment priorities, and more. Key findings include: Almost three-quarters of organizations are concerned about the security risks introduced by users working from home; despite these challenges, 86% are likely to continue supporting remote work in the future. Key security challenges cited include user awareness and training (57%),home/public WiFi network security (52%), and sensitive data leaving the perimeter (46%). The applications...

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

New UK National Cyber Security Centre Head Warns that Cybersecurity Should be Taken More Seriously

Even though the UK has made ‘huge progress’ on cybersecurity efforts, the new Chief Executive of the National Cyber Security Centre (NCSC) Lindy Cameron believes that the current efforts are still not enough. The new security head previously worked as a Director-General for the North Ireland office. She also worked for the Department for International Development (DfID), and was responsible for international programs in Africa and APAC. In her upcoming speech to Queen’s University Belfast, she will highlight the recent SolarWinds hack on US government agencies, and the Microsoft Exchange zero-day vulnerability as current real-world examples. In a highlight from her speech, she talks about the growing threat of ransomware and how it is affecting public schools/universities. She will...

phishbait-surveys-rule-changes-boss

A Can of Phish Bait: from Surveys to Rule Changes to Your Boss’s Boss

Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has intercepted in recent months, including one that informed recipients that they needed to fill out a compliance form related to COVID-19 risks. “Reasonably well written, this email, apparently from the human resources department at the target company, actually came from phishers located in the United Kingdom,” Kay writes. “There are elements that might strike the recipient as strange. For example, the phrase ‘recuperating favorably’ is a bit off. Noncompliance is spelled ‘non-compliance.’ And ‘these guide and policies’ has an agreement-of-number problem. But otherwise, it’s a pretty good fake,...

Spoofing Tailored to Financial Departments

Spoofing Tailored to Financial Departments

Researchers at Area 1 Security have warned of a large spear phishing campaign targeting financial departments and C-suite employees with spoofed Microsoft 365 login pages. The researchers say that in some cases the attackers “specifically targeted newly-selected CEOs during critical transitionary periods.” Additionally, the attackers went after executives’ assistants. “Beyond financial departments, the attackers also targeted C-suite and executive assistants,” Area 1 says. “Targeting high-level assistants is an often overlooked method of initial entry, despite these employees having access to highly sensitive information and an overall greater level of privileges. In a few instances, the attackers even attempted to bait newly-selected CEOs of two major companies before any public announcements of this significant senior executive changeover were made.” The...

Billions of Spoofed Emails

Why Should You Be Using DMARC? 3 Billion Spoofed Emails are Being Sent Everyday

In a recent report from TechRadar, email is still the most popular form of malware distribution. Billions of emails that are spoofed are being sent everyday. Even though email is still the oldest form of online communication, it is still the go-to platform for cybercriminals to attempt to infiltrate. According to the report by Vailmail, “80% of all email inbox providers do DMARC check on inbound emails”. And with the pandemic, COVID-19 has been the key target for recent malicious email activity. Especially since your organization is still working remote. Since the increase enforcing of Domain-based Message Authentication, Reporting and Conformance (DMARC), a report from Vailmail found that there is still an influx of spoofed email messages. Despite this...

Ransomware Attacks Are Growing More Costly and Effective by the Day

Ransomware Attacks Are Growing More Costly and Effective by the Day

The availability of commodity bots and ransomware is making the business of ransomware accessible to just about every. And, according to new data, everyone’s getting in on the game. We love reports that provide an insightful view into what the bad guys are doing, quantifying what we’re all experiencing as an industry. A new report from threat intelligence firm Group-IB entitled Ransomware Uncovered 2020-2021 sheds some much needed light on the current state of not just attacks, but the specific methods and techniques used in today’s ransomware attacks. According to the report: The average ransom in 2020 was $170,000; up from $80,000 in 2019 The average dwell time on a victim network was 13 days The average downtime resulting...

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server

Chinese Have Likely Hacked Your Microsoft Exchange Email Server. What if Chinese state-sponsored hackers have owned your OWA using several brand-new zero-day vulnerabilities? On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange....

Cyber Insurance is might not Cover that $6 Million in Cyber Fraud

Think Your Cyber Insurance is Going to Cover that $6 Million attack in Cyber Fraud? Think Again.

The latest tale of an organization falling victim to a business email compromise cyber attack on their credit card processor highlights how very specific the scenario needs to be to see a payout.  In 2018, RealPage, a Texas-based service provider for property owners and property management companies was the victim of a cyber attack that took the company for $6 million. RealPage processed their credit card transactions through a third-party processor, Stripe. Stripe fell victim to an impersonation attack where cybercriminals gained control over a RealPage user’s credentials and convinced Stripe to modify the disbursement instructions to point to a bad guy-controlled bank account. In total, $10 million was sent to the fraudulent account, with $4 million recovered. In...

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari highlights the impersonation trends they found by looking at email throughout the second half of 2020. 63% percent of phishing emails impersonate trusted brands (with Microsoft continuing to top the list). This breaks down in the following manner: Brand display impersonation (62.6%)– where the display name looks to be UPS, Microsoft, Amazon, etc. Individual display name impersonation (22.1%) – where the display name represents...

Vendor Email Compromise is Officially A Big (Seven-Figure) Problem

While the Solarwinds “sunburst” attack brought to light the compromising of a vendor, Vendor Email Compromise has been around for some time and now seems to be going mainstream. We first mentioned Vendor Email Compromise (VEC) back in late 2019. This method of compromising an email account at one company purposely to use it to attack a second company has been quietly evolving over the last 14 months. New data from Abnormal Security’s report, The Rising Threat of Vendor Email Compromise in a Post-SolarWinds Era sheds light on just how prevalent this attack method is becoming. According to the report: Your chance of getting hit with a VEC attack during any given week increased 82% between Q3 of last...

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals. I’ve covered scams impersonating Office 365 I don’t know how many times. But it’s not very often you hear about a scam that uses LinkedIn as both its distribution medium and its’ credential target. Last month, victim LinkedIn users received a message from one of their connections (which proved to have been compromised) that contained a link to a third-party website containing a “LinkedInSecureMessage” (which there is no such thing). Victims are taken to a page displaying the following very official-looking page: After pressing the “view document” button, they are presented with...

88% Of Data Breaches Are Caused By Human Error

88% Of Data Breaches Are Caused By Human Error

A brand new report confirms what we have been saying for many years now. About 9 out 10 data breaches are caused by your users. Researchers from Stanford University and a top cybersecurity organization found that approximately 88 percent of all data breaches are caused by an employee mistake. Human error is still very much the driving force behind an overwhelming majority of cybersecurity problems. The study was done by  Stanford University Professor Jeff Hancock and security firm Tessian. The study “Psychology of Human Error” highlighted that employees are unwilling to admit to their mistakes if organizations judge them severely. Understanding the psychology behind human errors helps organizations to know how to prevent mistakes before they turn into data leaks. According...

Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials 57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last year were used for delivering malware. Cofense believes this is because credential phishing emails are better at bypassing email security filters than emails with malicious attachments or download links. Likewise, conversational phishing attacks, like business email compromise (BEC), have grown more popular. “The vast majority of phishing campaigns are credential theft or conversational,” Cofense says. “While malicious attachments still play a role in phishing, the frequency of this has dramatically declined over the years. In fact, most phish attachments these days are not even malware, but...

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data

New Dutch Data Breach Report Warns of Explosive Increase in Cyber Attacks and Stolen Personal Data The Dutch Data Protection Authority (AP) recently measured the number of reports of data theft in 2020 and the number of attacks skyrocketed. The report documented that it increased no less than 30% in 2020 compared to the year prior. Types of attacks that have been reported are centered around phishing or malware. It’s very concerning that cybercriminals are attempting to steal personal data. If successful, it can be very costly to you and your organization. The report also detailed specifics, including 1,173 reports of data leaks which tactics are used to steal personal data. 2019 compared to the previous year alone was...

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency

UK Police Arrest SIM-Swapping Gang Responsible for the Theft of Over $100 Million in Cryptocurrency This month the UK’s National Crime Agency (NCA) arrested eight suspects who targeted famous sports stars and musicians in the US and stole from victim’s bank accounts and crypto wallets. We hadn’t heard much from the SIM-swapping side of cybercrime in quite a while. This method of tricking a carrier and anyone using a phone number as a form of authentication is accomplished by swapping out the legitimate SIM of the victim with one controlled by the criminal to take over the mobile number of their target. Once in control of the mobile phone number, it becomes far easier to reset passwords, gain access...

Scroll to top