Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

KnowBe4

BEC Scams Have Caused $55 Billion in Losses Over the Past Ten Years

Business email compromise (BEC) attacks have caused more than $55 billion in losses between 2013 and 2023, according to an advisory from the U.S. Federal Bureau of Investigation (FBI). “The BEC scam continues to target small local businesses to larger corporations, and personal transactions while evolving in their techniques to access those business or personal accounts,” the FBI says.

New Ransomware Threat Group, RansomHub, is so Effective, the NSA is Already Warning You About Them

The latest evolution of the ransomware service model, RansomHub, has only been around since February of this year, but its affiliates are already successfully exfiltrating data. You know you’re a problem when the U.S. government puts out a notice about you. That’s the case for RansomHub — the latest iteration of a ransomware as a service group formerly working under the names Cyclops and Knight.

Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages

Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user interaction. “Unit 42 researchers observed many large-scale phishing campaigns in 2024 that used a refresh entry in the HTTP response header,” the researchers write. “From May-July we detected around 2,000 malicious URLs daily that were associated with campaigns of this type.

Losses From Investment Scams have Increased Six-Fold Since 2021

The Better Business Bureau (BBB) has observed a six-fold increase in losses from investment scams over the past three years. The BBB has received more than 4,000 reports of investment scams since 2020, with the median reported loss rising from $1,000 in 2021 to almost $6,000 in 2024.

Your Lawyers Are Increasingly Targeted by Phishing Attacks, Ransomware

Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors. Attackers frequently use phishing to gain initial access to an organization’s networks. “Phishing is one of the most common attacks in the legal field,” the researchers write. “Cybercriminals pose as legitimate entities, tricking employees into divulging sensitive information or clicking malicious links.

Use of Malicious Links Surges by 133% in Q1, Setting the Tone for the First Half of 2024

Threat actors are opting for malicious links over attachments in email-based attacks because it gives them a critical advantage that many solutions can’t address. Given that a malicious email is the very first step (or close to it) in an attack, it’s critically important that the attack maintain its’ stealth; detecting an attack at this point means an early (and well-deserved) death to the attack itself – something threat actors don’t want to see.

Phishing Attack Takes a Two-Step Approach to Leverage Legitimate Sites and Evade Detection

Analysis of a new phishing attack demonstrates how attackers may take a longer path to reach their malicious goals while staying “under the radar” of security products. It would be pretty simple to create a phishing attack that sends its’ victims a brand-impersonated email with a link that takes you to an impersonated webpage that asks for credentials, personal details or credit card information. But many of today’s security products will detect the impersonation immediately.

Phishing is Still the Top Initial Access Vector

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by targeting humans directly. “The enduring dominance of phishing as an initial access technique underscores its effectiveness and persistence in the face of cybersecurity advancements and more sophisticated methodologies,” the researchers write.

Threat Actors Increasingly Exploit Deepfakes for Social Engineering

The availability of deepfake technology has given threat actors a valuable tool for social engineering attacks, according to researchers at BlackBerry. “Typically, online scams prey on the presumed weaknesses and susceptibility of the targeted individual,” the researchers write.