A business email compromise (BEC) is a cyber crime that utilizes access to an organization’s email to defraud that organization and its employees, customers, or partners. In 2020, COVID-19 has provided attackers with a new source for BEC exploits. Attackers are taking advantage of the need for communications surrounding COVID-19 and increased remote work connections from employee home networks to their employers’ corporate networks.
Read more »Tag: multi-factor identification
-
Business Email Compromise Attacks on the Rise in 2020 Posted on: June 18, 2020 In: COVID-19 Response
-
Business Email Compromises: Tips for Prevention & Response Posted on: September 03, 2019 In: Data Privacy & Cybersecurity
Malicious attackers continue to use email platforms for nefarious purposes. The resulting email account compromises can present multiple dangers to a business, including to the basic security of its network and sensitive information, and the malicious use of secondary sources of money.
Read more »
-
Improving Your Office365 Security Posture to Stop Phishing at Email’s Shores Posted on: April 03, 2019 In: Data Privacy & Cybersecurity
Phishing attacks and other email compromise schemes are not just an annoyance in the modern workspace. A successful email compromise can allow malicious actors to intrude into an organization’s enterprise email accounts, expose sensitive data contained in users’ inboxes, and give cyber criminals the ability to successfully impersonate an employee to others within and without the organization by using the employee’s own email account.
Read more »
-
Modlishka – Exploiting Two-Factor Authentication Posted on: January 22, 2019 In: Data Privacy & Cybersecurity
Two-factor authentication (2FA) is a commonly used means of securing access to website accounts through easily understood login procedures. Once the user provides the required information, whether a password or site generated code, a session cookie is generated and a secure session is established between the user and the site. But what if an unauthorized person eavesdrops and collects the 2FA information or session cookie?
Read more »
-
Social Engineering Targets: Email Compromises - A Quick Prevention Guide Posted on: October 15, 2018 In: Data Privacy & Cybersecurity
More than ever before, malicious actors are targeting email platforms in an attempt to access and monetize sensitive personal information. They often gain access to email accounts through the use of social engineering – inducing unsuspecting account owners to open email attachments that contain malicious computer code (malware).
Read more »
-
Protecting Against Ransomware Attacks: Security and Best Practices Tips Posted on: April 11, 2018 In: Data Privacy & Cybersecurity
Encryption attacks, more commonly known as ransomware, are one of the major cyber threats facing businesses today. No company is immune from threat of attack—any business that is connected to the internet is at risk. Industry experts estimate that a business falls victim to a ransomware event every 40 seconds.
Read more »