Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Fraud

What is Your Data Worth in the Fight Against Fraud?

You don’t need us to tell you that fraud and financial crime is on the rise. A quick google search will give you endless stats to support this claim. Fraud losses are increasing as a percentage of revenue, and that direct impact on the bottom line isan area of laser focus for senior execs.

Phishers Increasingly Incorporating reCaptcha API into Campaigns

Security researchers observed that digital attackers are increasingly incorporating the reCaptcha API into their phishing campaigns. Barracuda Networks explained that malicious actors are starting to outfit their phishing attempts with reCaptcha walls so that they can shield their landing pages from automated URL analysis tools as well as add a sense of legitimacy to their operations. Some of these efforts have consisted of deploying a fake checkbox and form.

New Coronavirus Flavoured Phishing Email Scams

Email scams are nothing new, just about everyone has heard of that one Nigerian Prince for example, but there is another phishing scam doing the rounds and unsurprisingly it is Coronavirus flavoured. Gmail users alone are being targeted with up to 18 million phishing email hoaxes every single day. Of course, it doesn’t end there with ‘regular’ email users – healthcare professionals are being targeted also.

Slack phishing attacks using webhooks

Slack is a cloud-based messaging platform that is commonly used in workplace communications. It is feature-rich, offering additional functionality such as video calling and screen sharing in addition to a marketplace containing thousands of third-party applications and add-ons. Slack Incoming Webhooks allow you to post messages from your applications to Slack.

Fraud Detection: WFH Leading to Increased BEC and Phishing Threats - What To Look For

A lot has changed in the past few weeks. And the percentage of us working from home (WFH) has increased tremendously. With increased WFH, we rely more on email communication, and this increases the opportunities for abuse by others. One thing that has stayed constant: bad people want to do bad things. As we have seen in the past, when one avenue of attack is restricted, the fraudsters redouble their efforts in other areas, and online fraud attempts are already increasing during our new normal.

COVID-19 Scam Roundup - March 30, 2020

Many in the digital security community are coming together to combat malicious actors during the coronavirus disease 2019 (COVID-19) global outbreak. One of the most visible of these new efforts is the COVID-19 CTI League. Made up of approximately 400 volunteers living in approximately 40 countries, the COVID-19 CTI League is working to block attackers from health care organizations and other medical facilities at this juncture.

Coronavirus Pandemic: Beware of the Bait Sites

The menace of coronavirus pandemic is accelerating significantly and hackers are capitalizing the element of fear to collect shear currency. They are creating thousands of websites as baits. According to the Check Point Research report, threat actors are registering phony COVID-19-related domains and selling them on discounted off-the-shelf malware on the dark web. In this article, we will delve into some essential details regarding the coronavirus-related bait sites. Here is some help.

COVID-19 Scam Roundup - Week of 3/16/20

Malicious actors are increasingly leveraging COVID-19 as a theme for new digital fraud attacks. In February 2020, for instance, Action Fraud received 21 reports of fraud relating to the coronavirus. This number of reports more than doubled to 46 between March 1 and March 13, 2020. Between March 14 and March 18, 2020, the United Kingdom’s national fraud reporting center collected 38 reports alone. Those 105 reports represented a collective total of £970,000 in losses.

How to Stop Phishing Attacks: Lessons Learned From the JPMorgan Chase SOC Team

Phishing attacks aren’t going away anytime soon. The numbers from Verizon’s 2019 DBIR Report and SANS Institute prove only one thing: When you’ve done all you can to protect against phishing attacks, that means it’s time to do more.

Puerto Rico government falls for $2.6 million email scam

As if Puerto Rico wasn’t having a hard enough time as it attempts to recover from a recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals. According to media reports, the government of the US island territory has lost more than US $2.6 million after falling for the type of email scam that has plagued companies and organisations around the world.