Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments. Manually-triaging every email and being forced to switch between security applications/interfaces only slows response times, increases the chances for human error and means valuable threat intel can be missed.

Business Email Compromise (BEC) is one of the fastest-growing and financially-damaging cybercrimes. It has consistently led the way in cybercrime losses in recent years. According to the 2022 FBI Internet Crime Report, the FBI received 21,832 Business Email Compromise (BEC) complaints, with estimated losses totalling more than $2.7B. Data shows a 38% increase in cybercrime as a service targeting business email between 2019 and 2022.

We close out Cybersecurity Awareness Month for 2023 with a few final points that show that a company's security is a team sport, one in which everyone must participate. As noted in Trustwave SpiderLabs recent report, 2023 Financial Services Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies, phishing is one of the most effective methods attackers use to gain an initial foothold in financial services organizations.

Microsoft is tracking a cybercriminal group called “Octo Tempest” that uses threats of violence as part of its social engineering and data theft extortion campaigns. “Octo Tempest is a financially motivated collective of native English-speaking threat actors known for launching wide-ranging campaigns that prominently feature adversary-in-the-middle (AiTM) techniques, social engineering, and SIM swapping capabilities,” the researchers write.

In Q2 and Q3 of this year, Kroll observed an increase in large-scale AiTM phishing and BEC attacks targeting organizations within the professional services, banking and financial industries. In 90% of Kroll's recent BEC investigations, MFA was in place at the time of unauthorized access, but attackers can obtain authentication tokens and/or session cookies to easily evade defenses.

Researchers at INKY warn that a phishing campaign is attempting to distribute malware by impersonating PepsiCo. “As usual, it all starts with a phishing email,” the researchers write. “In this case, the phishers are impersonating the PepsiCo brand, pretending to be potential clients. They are claiming to need what the recipient sells and they’re asking them to submit a quote for PepsiCo to review.

Several months ago, Netskope Threat Labs uncovered a surge in PDF phishing attachments infiltrating Microsoft Live Outlook. These attacks were part of a larger series of phishing campaigns aimed to trick unsuspecting users. Upon closer examination, it's now apparent that the majority of these campaigns centered around Amazon-themed scams, with occasional diversions into Apple and IRS-themed phishing attempts.

Phishing attacks, which involve fraudulent attempts to trick individuals into divulging sensitive personal information, remain a significant threat. Despite advances in cybersecurity, hackers continue to adapt and evolve their tactics to exploit vulnerabilities.