Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A new scam aimed at stealing your credit card and banking information has reared its’ ugly head as a completely legitimate ad that is likely to be clicked based on the corresponding search term. If you type in “USPS Tracking” in Google, you probably want to enter a U.S. Postal Service tracking number so you can see where your package is, right? So, if you saw the following result, would you give it a second thought? Source: Malwarebytes.

The quantity of emails involved in scams and cyber attacks continues to grow as credential theft and response-based phishing persist as top attack variants. The ripple effect from cybercrime-as-a-service launching a few years back has reached critical mass, where we’re seeing significant increases in the percentage of emails that are either clearly determined to be malicious (7.7%) as well as those suspicious enough that users are recommended to not engage with (15.9%).

New insight from blockchain analysis company, Chainalysis, shows that activity involving known ransomware crypto addresses has grown over the last 18 months, despite a downfall of other malicious activity. When I cover reports, there’s an understanding that the accuracy of the data provided is dependent on the number of organizations responding to a survey, the geos and industries represented, etc.

A manufacturing organization became the target of a business email compromise (BEC) attack. The threat actor utilized stolen credentials and then hoped a prompt-bomb attack will work — it did, and the threat actor was able to take over the user’s inbox. While, thankfully, this incident was detected and responded to by Arctic Wolf before more damage was done, BEC attacks are becoming more common and more successful by the month.

Netskope Threat Labs is tracking phishing campaigns that are abusing several free cloud services to host their websites and collect user information. These campaigns host their phishing sites in AWS Amplify which is available to free-tier users. Some phishing campaigns also abuse Telegram and Static Forms to collect users’ credentials. These phishing attacks aim to steal banking, webmail, and Microsoft 365 credentials, as well as victims’ card payment details.

Identity theft is common in the US and can happen to anybody. The FTC received 1.1 million reports of identity theft in 2022, which made it the most prevalent type of fraud complaint they received that year. The internet has made identity theft easy, with the FTC reporting that most fraud happened via text, phone, email, websites and social media. Some cases even involved online ads, including pop-up ads.

Shell is one of the largest oil and gas companies in the world today. The organization is based in London, England, and has branches in many countries throughout the world, including the United States. Shell has an estimated annual revenue of $381.3 billion USD and employs approximately 86,000 people. The company was recently added to the list of victims of the large-scale MOVEit data breach. Details are still fuzzy, but it appears that many individuals could be compromised.

Healthcare companies and insurance providers were hard hit this week in a slew of data breaches. Some of the breaches happened long ago, while others are fresh, but either way, it's clear that medical companies are being targeted heavily by hackers. The list of companies includes the Charles George VA Medical Center, ARx Patient Solutions, Advanced Medical Management, and Imagine360 LLC. We also can't skip over the fact that oil giant Shell was hit by a breach as well.