While many organizations seek to monitor their cybersecurity posture with internal testing, such as table top exercises, simulated phishing attacks, and other proactive measures, the question always remains: is it enough to thwart a sophisticated threat actor? This simple question, with its many complexities and concerns, was a daily inquiry for me as a former FBI executive in charge of the data presentation and storage for operations.
Read more »Tag: phishing
-
All Hail the Red Team! The Value of Penetration Testing for a Cybersecurity Culture Posted on: May 17, 2022 In: Data Privacy & Cybersecurity
-
QR Codes – Consumer Convenience or Fraudulent Contrivance? Posted on: March 07, 2022 In: Data Privacy & Cybersecurity
During the halftime show of this year’s Super Bowl, a floating QR code took a star turn in a prominently placed advertisement from cryptocurrency exchange platform Coinbase. So many people reportedly followed the link from the QR code that the resulting traffic overwhelmed and crashed the Coinbase website landing page. The convenience of the code clearly worked, but while QR codes may be a welcome convenience, they may also be a potential tool for the commission of fraud.
Read more »
-
Cyber Extortion: Harvesting the Fruits of Business Email Compromises Posted on: February 25, 2022 In: Data Privacy & Cybersecurity
Business email compromises have long been the staple of online criminal activity. As they continue to enhance their ability to monetize unlawful access to email accounts, malicious actors are now accessing and downloading emails and attachments, as well as files stored in OneDrive and SharePoint platforms, and using the sensitive information to extort ransom payments from legitimate email account holders.
Read more »
-
Top Tips to Prevent or Reduce the Impact of Cyber Incidents in Mergers & Acquisitions Posted on: May 13, 2021 In: Data Privacy & Cybersecurity
Selling and purchasing a business presents many challenges for both the seller and the buyer, but it’s important that data privacy and cybersecurity concerns aren’t lost in the due diligence process. In an increasingly digitized world, all businesses, big or small, face data privacy challenges that further complicate the process. Here are our top tips for smaller businesses to reduce the chances of data privacy issues arising during the sale or purchase of a business.
Read more »
-
Business Email Compromise Attacks on the Rise in 2020 Posted on: June 18, 2020 In: COVID-19 Response
A business email compromise (BEC) is a cyber crime that utilizes access to an organization’s email to defraud that organization and its employees, customers, or partners. In 2020, COVID-19 has provided attackers with a new source for BEC exploits. Attackers are taking advantage of the need for communications surrounding COVID-19 and increased remote work connections from employee home networks to their employers’ corporate networks.
Read more »
-
ALERT: COVID-19 / Coronavirus-Related Ransomware and Phishing Attacks Posted on: March 13, 2020 In: COVID-19 Response
With the advent of the Coronavirus, criminals have begun to take advantage of what consumers expect to receive via email to conduct phishing attacks. Criminals are also expected to take advantage of millions of vulnerable remote connections from employee home networks to their corporate networks.
Read more »
-
Hot Off the Press: The 2019 FBI Internet Crime Report Posted on: February 24, 2020 In: Data Privacy & Cybersecurity
Recently-released FBI statistics provide a sobering reminder that businesses and individuals should continue to make cybersecurity a top priority in 2020. According to the FBI’s 2019 Internet Crime Report, internet crime complaints are at an all-time high. In addition, the magnitude of resulting losses is also reaching new heights.
Read more »
-
Business Email Compromises: Tips for Prevention & Response Posted on: September 03, 2019 In: Data Privacy & Cybersecurity
Malicious attackers continue to use email platforms for nefarious purposes. The resulting email account compromises can present multiple dangers to a business, including to the basic security of its network and sensitive information, and the malicious use of secondary sources of money.
Read more »
-
Improving Your Office365 Security Posture to Stop Phishing at Email’s Shores Posted on: April 03, 2019 In: Data Privacy & Cybersecurity
Phishing attacks and other email compromise schemes are not just an annoyance in the modern workspace. A successful email compromise can allow malicious actors to intrude into an organization’s enterprise email accounts, expose sensitive data contained in users’ inboxes, and give cyber criminals the ability to successfully impersonate an employee to others within and without the organization by using the employee’s own email account.
Read more »
-
Protecting Against Ransomware Attacks: Security and Best Practices Tips Posted on: April 11, 2018 In: Data Privacy & Cybersecurity
Encryption attacks, more commonly known as ransomware, are one of the major cyber threats facing businesses today. No company is immune from threat of attack—any business that is connected to the internet is at risk. Industry experts estimate that a business falls victim to a ransomware event every 40 seconds.
Read more »