Email-based social engineering attacks have risen by 464% this year compared to the first half of 2022, according to a report by Acronis. Business email compromise (BEC) attacks have also increased significantly. “One out of 76, or 1.3%, of the received emails were malicious,” the researchers write. “Phishing remains the number one threat, with these attacks making up 73% of the total.
Hey, did you get that sketchy email? You know, the one from that malicious hacker always trying to fool us into clicking on some malware? Boy, these criminals are relentless. Wait, what? You clicked on it? Uh-oh... A hypothetical scenario, but one that plays out every day in organizations across the globe. The truth is that it is a very real scenario that offers a good opportunity to dive deeper into the topic of email security.
Gmail accounts often contain vital, sensitive information including confidential documents and personal photos. They also often serve as a way to recover passwords for accounts like your banking login. That’s why email accounts are a common target for cybercriminals. Access to your Gmail account could be used to steal your money or your identity.
In the world of cybersecurity, there are a few constants, one of the big ones being the fact that news, innovation, and threats move fast and are constantly evolving. It is important for security professionals to stay in the loop about major developments in cybercriminal activity and the cybersecurity industry. Fortra’s PhishLabs offer resources to learn about a variety of cybersecurity-related topics, including a blog that regularly features cybersecurity news.
The Better Business Bureau (BBB) has warned of a scam in which attackers pose as process servers in order to steal information and commit identity theft. “You receive a call from an unknown or blocked number from a person claiming to be a process server,” the Bureau says. “They might say there is a lien on your home or someone is taking you to court over unpaid medical bills.
Business email compromise (BEC) is one of the most advanced and financially damaging forms of phishing. Each year, the number of successful attacks continues to rise. In 2022, BEC attacks cost organizations a total of $2.7bn. This represents a 47% increase in lost funds since 2020, making it the second costliest form of cybercrime.
In the best case, emailing confidential information to the wrong person can be embarrassing. In the worst case, it can cause a major security incident that puts people at risk, jeopardizes an organization's reputation, and leads to remedial and legal action. If you have sent a confidential email to the wrong person, read our article ‘Accidentally sent a confidential email to the wrong address? Here’s what to do’.
As executables and scripts are unable to bypass security solutions as attachments, cybercriminals turn to HTML as a means of obfuscation and malicious execution. According to analysis from security vendor Avanan, executables and Office documents as malicious attachments are almost non-existent – thanks to the solid efforts on the part of security companies and Microsoft.
When KnowBe4 went public in April 2021, I got to know a select group of analysts that served as co-managers on our IPO. These professionals all know our industry very well and we spoke with them quarterly during our earnings conference call where we discussed the past 3 months and expectations for the future. One of these firms was Baird Equity Research and I am still on their mailing list, even though we went private this year as a Vista Equity Partners portfolio company.
