Category: Email security

Email security, Malware, Phishing

Accidental data breaches are often compounded by a failure to encrypt

February 25, 2019

Via: Help Net Security

83 percent of security professionals believe that employees have accidentally exposed customer or business sensitive data at their organization. Accidental data breaches are often compounded by an organizational failure to encrypt data prior to it being shared – both internally […]

Email security, Phishing

Attack Campaign Experiments with Rapid Changes in Email Lure Content

February 22, 2019

Via: Dark Reading

It’s like polymorphic behavior – only the changes are in the email lures themselves, with randomized changes to headers, subject lines, and body content. A new email Trojan campaign spotted by security researchers has added another twist in evasive attacker […]

Email security, Phishing

Phishers’ new trick for bypassing email URL filters

February 20, 2019

Via: Help Net Security

Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the document’s relationship file (xml.rels). The trick has been spotted being used in a email […]

Email security, Identity theft, Network security

Cybercriminals Exploit Gmail Feature to Scale Up Attacks

February 6, 2019

Via: Dark Reading

Criminals are taking advantage of Gmail’s ‘dots don’t matter’ feature to set up multiple fraudulent accounts on websites, using variations of the same email address, Agari says. Some cybercriminals are taking advantage of a long-standing feature in Google Gmail designed […]

Email security, Phishing

Employees report 23,000 phishing incidents annually, costing $4.3 million to investigate

February 1, 2019

Via: Help Net Security

Account takeover-based (ATO) attacks now comprise 20 percent of advanced email attacks, according to Agari’s Q1 2019 Email Fraud & Identity Deception Trends report. ATO attacks are dangerous because they are more difficult to detect than traditional attacks – compromised […]

Email security, Network security

DHS Warns Federal Agencies of DNS Hijacking Attacks

January 23, 2019

Via: Security Week

The U.S. Department of Homeland Security (DHS) on Tuesday issued an emergency directive instructing federal agencies to prevent and respond to DNS hijacking attacks. The DHS’s Cybersecurity and Infrastructure Security Agency (CISA) has been tracking incidents involving DNS hijacking and […]

Email security, Hacker, Privacy protection

773 million records exposed in massive data breach

January 17, 2019

Via: Help Net Security

Someone has compiled a massive collection of email addresses and plain text passwords, apparently from 2000+ hacked databases, and has made the trove freely available for download via the MEGA cloud storage service. The set – dubbed Collection #1 – […]

Email security, Phishing

Email security predictions: What we can expect in 2019

January 10, 2019

Via: Help Net Security

2018 shed a lot of light on how expensive successful phishing attacks can be, with the FBI reporting in July well over $12B in financial losses due to business email compromise and Anthem reaching a $16M settlement in October due […]

Email security

Mitigating the risk of Office 365 account hijacking

December 10, 2018

Via: Help Net Security

Office 365 – the online, subscription-based version of Microsoft’s Office application suite – is one the most widely used enterprise cloud applications/services, which makes it the preferred target of attackers looking to gain access to sensitive business information. “Once an […]

Email security

Mueller docs show communications between Corsi, Stone on WikiLeaks’s email release

November 28, 2018

Via: The Hill

Jerome Corsi, a right-wing conspiracy theorist, anticipated in emails to Roger Stone that WikiLeaks was planning to release another tranche of stolen and damaging documents ahead of the 2016 presidential election, according to multiple reports based on knowledge of draft […]