TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to security researchers, who describe the new scheme.
Federal government agencies certainly are not immune from phishing scams, and Aaron Higbee of Cofense is focused on tackling the unique challenges that government faces in detecting and stopping the crimes.
It is hardly surprising that 94% of cyber-threats still originate in email.
Spear phishing, impersonation attacks, and account takeovers in particular remain fruitful avenues of attack for cyber-criminals aiming to infiltrate an organization with ease. Targeted email attacks of this kind, together with the...
Visser Precision, a U.S. manufacturer that supplies Boeing, Lockheed Martin, Tesla and SpaceX, appears to have been hit by the DoppelPaymer ransomware gang, which has begun leaking internal data and threatening to leak more unless the victim pays a ransom.
A business email compromise group targeting U.S. businesses is using G-Suite for their scams and collecting money through physical checks instead of wire transfers, according to the security firm Agari.
Cybercrime led to $3.5 billion in losses in the U.S. last year, with a sharp uptick in business email compromise scams - which accounted for nearly half those losses, according to a newly released FBI Internet Crime Report, which is based on complaints the FBI received.
As business email compromise schemes continue to evolve, some cybercriminals are focusing on accessing companies' financial documents, which provide useful information to support the theft of money, according to a new report from security firm Agari.
For close to three years, a technology executive was hounded by a persistent attacker who stole his identity, opened credit cards in his name, and wired funds from his bank account. Though SpyCloud helped bring this particular criminal to justice, these tactics are common in targeted attacks.
If your account...
The FBI and local police are investigating how scammers posing as a contractor for a local bridge project tricked officials in a small Colorado town into electronically transferring over $1 million to a fraudulent account, according to the Denver Post.
Spear phishing emails remain the most popular attack avenue for the bad guys, yet most companies still don't have an effective strategy to stop them. This enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more. Don't get caught in a phishing net! Learn how to avoid...
As new prevention technologies are deployed, Fraudsters are forced to change their approach, develop new tools, and uncover new ways to monetize their activities. In this way, Fraud Protection has been a perpetual cat-and-mouse game.
We'll see a real story about a phishing attack that could involve each bank's...
Many companies have already been hit by a ransomware attack- or will be. Technically astute hackers continue their ability to infiltrate ransomware so much, that Ransomware as a Service is now available on the darknet. In today's hyper connected world, it could be only a matter of time until 'something' happens. How...
Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your domain is more secure, 81% of phishing attacks still continue to sail right through to the end-user.
In this webinar, Roger Grimes,...
Business email compromise scams continue to proliferate. Last week, Japanese media company Nikkei revealed that an employee made a $29 million fraudulent transfer as a result of a scam. And in a separate scam, the city of Ocala, Florida, suffered losses of over $742,000.
Many businesses don't seem to be able to block the ongoing scourge of sophisticated business email compromise schemes. "Incidents are just increasing; there's a huge volume of business email compromise," says David Stubley, CEO at 7 Elements, a security testing firm and consultancy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
