Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Email Security

Credential Theft Is Mostly Due To Phishing

According to IBM X-Force’s latest Threat Intelligence Index, 30% of all cyber incidents in 2023 involved abuse of valid credentials. X-Force’s report stated that abuse of valid credentials exceeded phishing as a top threat for the first time. I love IBM, but they are mixing up root causes and outcomes of root causes. What I mean is that you have to ask yourself how the credentials were stolen in the first place. Were they stolen from the user or a website? Were they guessed at?

When Threat Actors Don't Have a Viable Email Platform to Phish From, They Just Steal Yours

New analysis of a phishing campaign shows how cybercriminals use brand impersonation of the platforms they need to compromise accounts and takeover legitimate services. Every day there seems to be a new term for yet another creative attack technique. The latest is phishception (a play on words from the movie Inception) coined by security analysts at cybersecurity company Netcraft.

How to Spot Potential Spam Attempts and How You Can Handle Them

More often, spam emails are similar to an unwelcome houseguest who wouldn’t go away. Opening your inbox to discover it filled with unwanted messages is a common and frustrating experience for many. Some are merely annoying advertisements vying for attention, while others take a more sinister approach, aiming to extort individuals from scams or infect gadgets with viruses. Therefore, being alert and discerning while navigating the internet is essential for avoiding threats.

Swiss Government Identified 10,000 Phishing Websites Impersonating 260 Brands

Attacks targeting Swiss residents increased 10% last year, according to newly-released data that shows a growth in not just phishing attacks, but brand impersonation at purely a national level. The Swiss Federation’s National Cyber Security Centre (NCSC) hosts a phishing site reporting tool where individuals and businesses can report suspicious websites and emails. They analyze and track reports, consolidating their findings annually into their Anti-Phishing Report.

Anyone Can Be Scammed and Phished, With Examples

I recently read an article about a bright, sophisticated woman who fell victim to an unbelievable scam. By unbelievable, I mean most people reading or hearing about it could not believe it was successful. A group posing as an Amazon employee and various U.S. law enforcement agencies were able to convince a woman to take $50,000 out of her bank account in cash and hand it off to a complete stranger in the streets. It is a wild story and most of us would not be tricked into doing what happened to her.