Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The US Federal Bureau of Investigation’s (FBI’s) San Francisco division warns that threat actors are increasingly using AI tools to improve their social engineering attacks. “AI provides augmented and enhanced capabilities to schemes that attackers already use and increases cyber-attack speed, scale, and automation,” the FBI says.

2023 went down in history as the worst year for phishing attacks on record, with nearly 35 million attempted business email compromise (BEC) attacks detected and investigated, according to the Microsoft Threat Intelligence Cyber Signals report. Unfortunately, phishing analysis is one of the most time-consuming tasks for the SOC. Responding to a phishing incident requires careful examination.

Cyber security for business email: Effective ways to protect your data and reputation Nine out of ten successful cyberattacks are launched by sending a phishing email. According to Statista, almost every third adult encountered some form of phishing attempt in 2022. In the US, this type of cybercrime remained the most prevalent in 2023.

Introduction AsyncRAT, also known as "Asynchronous Remote Access Trojan," represents a secretive form of malware meticulously crafted to infiltrate computer systems and exfiltrate critical data. Recently, McAfee Labs unveiled a novel avenue through which this insidious threat proliferates, elucidating its inherent peril and adeptness at circumventing security measures.

Imagine receiving a work email from your finance department asking about an overdue invoice. You notice it has a few extra typos and uses strange language, so disregarding it as junk. What you don’t know is that your very busy coworker receives the same email at the same time. Because they’re more distracted than normal, they respond, unknowingly aiding with a business email compromise (BEC) attack.

Behavioral threats and social engineering attacks target the human psyche rather than exploiting technical vulnerabilities. They rely on psychological manipulation, deception, and exploiting human trust to trick individuals into divulging sensitive information, clicking on malicious links, or taking actions that compromise security. Understanding these tactics and the human behaviors they exploit is key to effectively mitigating email security risks.

The long-awaited annual Verizon Data Breach Investigations Report is out, and it’s made very clear that users continue to be a problem in phishing attacks. I’ve said it before, if you only read one report each year, the Verizon Data Breach Investigations Report is one you shouldn’t miss. And this year’s report starts off with a topic close to our hearts here at KnowBe4: users engaging with phishing emails and clicking links.

The FBI has named Business Email Compromise (BEC) a $26 billion scam, and the threat is only increasing. Business email compromise (BEC) is a type of cybercrime in which a threat actor uses an email information-seeking scam to target a business to defraud the entire organization. Using social engineering techniques, BEC often occurs over fraudulent emails.

In 2023, over 45% of all emails worldwide were spam - the digital equivalent of junk mail. Spam emails are an unsolicited nuisance and a pervasive problem overwhelming the Internet's email systems. Some spam is simply unwanted marketing and advertising from legitimate businesses, but some of it is much worse. It can quickly overwhelm your inbox and wreak havoc on your device. And yes, mobile phones can get viruses just like computers.