Despite paying significant attention to security, many organizations continue to be the targets of advanced persistent threats, fraud, sophisticated phishing campaigns, and other bold efforts to access the personally identifiable information (PII) and other sensitive IP they maintain.
In this post, we show the frequency of common look-alike domain threats, the mechanics of an attack, and resources to minimize risk.
Highlights from the report include more than two hundred thousand unique phishing websites detected in August and September, SSL encryption for phishing sites overtaking SSL deployment for general websites, and a 10 percent increase in BEC attacks originating from free webmail accounts.
Key highlights of the report include a significant increase in wire transfer loss attributed to business email compromise (BEC) attacks from the first quarter and a 20% increase in BEC attacks targeting the social media sector.
As cybercriminals evolve their attack methodologies, they have learned from their mistakes and BEC is an unfortunate example of how they are circumventing technology defenses and exploiting organizations' greatest vulnerability: employees.