Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails. The schemes include business email compromise scams, messages with malicious attachments and phishing emails designed to harvest credentials.
A Russian-speaking "scam-as-a-service" operation dubbed "Classiscam" is expanding globally, with 40 interconnected gangs in about a dozen countries using fake product advertisements to launch phishing schemes, the security firm Group-IB reports.
The "remote workforce" of 2020 is gone. Now we're talking about the new, permanent "branch office" - and it comes with its own unique set of cybersecurity concerns, says Derek Manky of FortiGuard Labs. He discusses new social engineering trends and how to respond.
The Australian Cyber Security Center is warning that fraudsters have recently started sending phishing emails that spoof the agency and contain malware designed to steal banking credentials.
To enhance organizations' security postures in the year ahead, CISOs must strengthen authentication processes, increase the use of network segmentation tools and deploy effective threat intelligence capabilities, two CISOs recommend.
Federal investigators have seized two domains impersonating the pharmaceutical firms Moderna, which has begun shipping a COVID-19 vaccine, and Regeneron, which developed a treatment for COVID-19, according to the U.S. Justice Department. Fraudsters were using the websites for identity theft.
A spear-phishing campaign in which emails appear to originate with legitimate companies is targeting enterprise users to steal Office 365 credentials, according to Abnormal Security.
Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!
Join us as we explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious...
An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security. These fake messages have landed in about 80,000 inboxes so far.
Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports.
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
Enterprises should have an incident response plan with a continuous monitoring threat intelligence sharing mechanism to help protect critical infrastructure from nation-state attacks, says Jayesh Ranjan, principal secretary-IT, government of Telangana
Detecting "deepfake" images used by fraudsters is challenging, says Gartner Research analyst Avivah Litan, who describes key steps in the detection effort.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
