Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As news of Silicon Valley Bank’s (SVB) collapse continues to dominate the headlines, cybercriminals are running phishing campaigns impersonating SVB and other financial institutions, including M-F-A and Bloomberg. Responding quickly to the 24-hour news cycle, cybercriminals aim to leverage their victims’ potential distress over their financial situation to make them more susceptible to this type of attack.

In recent years, phishing attacks have become increasingly sophisticated and are now being conducted through various messaging platforms such as Telegram. Telegram is a popular messaging app that allows users to send messages, photos, videos, and other files over the internet. It also provides APIs that allow developers to create custom bots and applications. Unfortunately, these same APIs can be used by malicious actors to exfiltrate credentials successfully phished from attacks.

On Friday, March 10, 2023, California state regulators took possession of Silicon Valley Bank (SVB) and appointed The Federal Deposit Insurance Corporation (FDIC) as receivers. SVB was a 40-year-old commercial bank that was an important lender for the tech and venture capital sector. It’s estimated that half of US venture-backed start-ups were customers of the bank.

Graymail – technically, it’s not bad, but it’s not necessarily good, either. This type of email falls in between. At best it’s useful, usually it’s an annoyance, and at worst, it’s a potential cybersecurity threat. The accepted definition for graymail is emails that aren’t spam or phishing, but which the recipient may perceive as inbox clutter.

Netskope Threat Labs is tracking a 17x increase in traffic to malicious web pages hosted on DigitalOcean in the last six months. This increase is attributed to new campaigns of a known tech support scam that mimics Windows Defender and tries to deceive users into believing that their computer is infected.

Business email compromise (BEC) is a dangerous type of email spoofing that targets businesses, aiming to damage them in some way. Overall, BEC “is one of the most financially damaging online crimes,” according to a joint Cybersecurity Advisory by the Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA).

Overall, while API email security services can provide a valuable layer of protection against email-based threats, they are not foolproof and can have limitations and weaknesses. It is important to consider these weaknesses when selecting and configuring an API email security service.