Australia officially launched their National Anti-Scam Centre this week. With more than AUD $3.1 billion lost each year, Australians need support. With representatives from the banks, telecommunications industries and digital platforms, the intent of the center is to identify methods to disrupt all kinds of scams and reduce scam losses. While I completely support this initiative, it would be remiss of me not to highlight that the prevention of scams is perhaps as important as the cure.
Attackers are increasingly using images in phishing to evade text-based security filters, according to researchers at INKY.
Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also increased significantly. “One out of 76, or 1.3%, of the received emails were malicious,” the researchers write. “Phishing remains the number one threat, with these attacks making up 73% of the total.
Hey, did you get that sketchy email? You know, the one from that malicious hacker always trying to fool us into clicking on some malware? Boy, these criminals are relentless. Wait, what? You clicked on it? Uh-oh... A hypothetical scenario, but one that plays out every day in organizations across the globe. The truth is that it is a very real scenario that offers a good opportunity to dive deeper into the topic of email security.
Gmail accounts often contain vital, sensitive information including confidential documents and personal photos. They also often serve as a way to recover passwords for accounts like your banking login. That’s why email accounts are a common target for cybercriminals. Access to your Gmail account could be used to steal your money or your identity.
In the world of cybersecurity, there are a few constants, one of the big ones being the fact that news, innovation, and threats move fast and are constantly evolving. It is important for security professionals to stay in the loop about major developments in cybercriminal activity and the cybersecurity industry. Fortra’s PhishLabs offer resources to learn about a variety of cybersecurity-related topics, including a blog that regularly features cybersecurity news.
The Better Business Bureau (BBB) has warned of a scam in which attackers pose as process servers in order to steal information and commit identity theft. “You receive a call from an unknown or blocked number from a person claiming to be a process server,” the Bureau says. “They might say there is a lien on your home or someone is taking you to court over unpaid medical bills.
Credential harvesting is a technique that hackers use to gain unauthorized access to legitimate credentials using a variety of strategies, tactics, and techniques such as phishing and DNS poisoning. Phishing is the most frequent type of cyber threat and can lead to more harmful attacks such as ransomware and credential harvesting. According to recent research, phishing assaults targeted credential harvesting in 71.5% of cases in 2020.
