Email makes modern communications work. We use email for keeping in touch with friends and family, organizing business activities, and tracking a variety of other needs. But how does email actually work and why do you get so many spam emails? That all comes down to email messaging protocols.

A Phishing-as-a-Service (PhaaS) platform called “Tycoon 2FA” has surged in popularity over the past several months, according to researchers at Sekoia. The phishing kit is notable for its focus on bypassing victims’ multi-factor authentication measures.

The FBI’s Internet Crime Complaint Center (IC3) newly-released Internet Crimes Report provides an unbiased big picture of the cyber crimes that were the most used and most successful. A few weeks ago we covered the alarming trends on ransomware, and FBI’s IC3 division took in over 880,000 complaints last year from individuals and businesses about every cyber crime being committed. Unfortunately, the details on overall cyber crime show things are not improving.

Read also: E-Root Marketplace admin sentenced, an IT-contractor jailed for cyber fraud, and more.

Criminals have always been among the first to adopt the latest technology to benefit themselves financially. Famed bank robbers Bonnie and Clyde used high-powered V-8 engine-equipped Ford cars to outrun local police. Other gangs used the telephone to help coordinate their activities, and some realized they could gain an edge by outgunning security and police by toting Thomson submachine guns.

Criminals have historically been quick to embrace cutting-edge technology for their financial gain. For instance, the notorious bank robbers Bonnie and Clyde utilized high-powered V-8 engine-equipped Ford cars to outpace local law enforcement. Other criminal groups leveraged telephones to coordinate their activities, while some recognized the advantage of wielding Thomson submachine guns to outgun security personnel and police.

Researchers at IBM X-Force are monitoring several ongoing phishing campaigns by the Russian state-sponsored threat actor ITG05 (also known as “APT28” or “Fancy Bear”). APT28 has been tied to Russia’s military intelligence agency, the GRU.

New analysis shows that the combination of phishing, email, remote access, and compromised accounts are the focus for most threat actors. Data across the industry corroborates new findings in cyber risk advisory and response firm Kroll’s just-released Q4 2023 Cyber Threat Landscape Report. But what’s interesting in this report is how the data tells a story of where organizations are falling short in their preventative efforts.

Generative AI exploded in popularity not too long ago but its influence on text and media creation is already undeniable. AI content is becoming ubiquitous on the internet, and this technology is slowly seeping into real life, impacting sectors such as healthcare, finance, agriculture, and education. In a previous blog post, we discussed the rise of malicious AI chatbots and how they can be leveraged in cyberattacks. Now, we are seeing these potentially AI-written spam being distributed via email.

In today's digital landscape, an organization’s C-suite and senior executives hold the most valuable corporate data and sign-off authorities, meaning they represent the highest potential risk over email. Whether it’s inbound spear phishing attacks, or outbound mistakes resulting in a damaging data breach, the C-suite are vulnerable.