Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

With organizations heavily focusing on protecting the corporate endpoint, cybercriminals are switching focus onto mobile devices where users are more prone to fall for their social engineering tactics. We consume so much content from people you don’t personally know that it’s not part of your everyday process to stop and be critical of what’s being presented to you. And that’s exactly what cybercriminals are taking advantage of.

Huntress has released a report finding that business email compromise (BEC) attacks have risen in the third quarter of 2023. “64% of identity-focused incidents in Q3 2023 involved malicious forwarding or other malicious inbox rules, a key indicator of business email compromise (BEC),” the researchers write. “Another 24% of identity-focused incidents involved logins from unusual or suspicious locations.

Phishing attacks continue to plague individuals and businesses worldwide, with clone phishing emerging as a particularly cunning and deceptive variant. But fear not, as this blog post will arm you with the knowledge to spot the imposters and secure your inbox. Are you ready to outsmart the scammers and protect your sensitive information?

In a world where virtual communication has become an integral part of our lives, the risk of falling victim to phishing and social engineering attacks is higher than ever. Are you confident in your ability to spot a phishing attempt or defend yourself against a skilled social engineer? This post will guide you through understanding phishing and social engineering virtual communication awareness and our learnings from advising customers and empowering you to stay vigilant in the digital landscape.

The importance of email security cannot be understated. Proof of this can be seen in some recent research conducted by the Trustwave SpiderLabs team around our email security product MailMarshal. The team recently ran an experiment on known Zero Day CVE-2023-38831 found in RARLabs WinRAR that is currently being exploited in the wild in WinRAR versions 6.23 and earlier. WinRAR is a compression, archiving, and archive managing software tool.

Visa Payment Fraud Disruption (PFD) expects phishing attacks to increase between November 2023 and January 2024. Findings in its Holiday Edition Threats Report outline the popular fraud tactics predicted this holiday season. Expected Holiday Phishing Scams.

Another day, another warning about holiday scams! Lookout Inc., a data-centric cloud security company, is warning employees and businesses that phishing attacks are expected to more than double this week, based on historical data. With more corporate data residing in the cloud and a massive amount of employees still working remotely, mobile has become the endpoint of choice for the modern workforce.

This spring, Australian authorities were able to arrest a cybercrime syndicate that had conducted BEC attacks on at least 15 individuals and organizations with stolen profits totaling $1.7 million (USD). If those numbers seem shocking, they’re part of a growing upward trend of BEC attacks that shows no sign of slowing down.

Earlier this year, the SANS Institute published a blog exploring emerging phishing trends. This kind of research is an invaluable resource for all individuals and organizations looking to identify and rebuff phishing attacks. In this article, we'll cover some of the key findings from that report.