tag = "business email compromise"

Building Cybersecurity Resilience in Financial Services

Despite paying significant attention to security, many organizations continue to be the targets of advanced persistent threats, fraud, sophisticated phishing campaigns, and other bold efforts to access the personally identifiable information (PII) and other sensitive IP they maintain.

The Anatomy of a Look-alike Domain Attack

In this post, we show the frequency of common look-alike domain threats, the mechanics of an attack, and resources to minimize risk.

APWG Q3 Report:Four Out of Five Criminals Prefer HTTPS

Highlights from the report include more than two hundred thousand unique phishing websites detected in August and September, SSL encryption for phishing sites overtaking SSL deployment for general websites, and a 10 percent increase in BEC attacks originating from free webmail accounts.

APWG: SSL Certificates No Longer Indication of Safe Browsing

Key highlights of the report include a significant increase in wire transfer loss attributed to business email compromise (BEC) attacks from the first quarter and a 20% increase in BEC attacks targeting the social media sector.

All Phish are Not Created Equal: The Evolving BEC Scam

As cybercriminals evolve their attack methodologies, they have learned from their mistakes and BEC is an unfortunate example of how they are circumventing technology defenses and exploiting organizations' greatest vulnerability: employees.

Olympic Vision Keylogger and BEC Scams

The ease of buying low cost, pre-built tools broadens the range of potential targets in BEC attacks. This blog discusses one of these tools - Olympic Keylogger.