Saturday, March 6, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Phishing scams are costing us more than ever. This trick is most likely to catch you out

February 13, 2020
in Internet Security
Phishing scams are costing us more than ever. This trick is most likely to catch you out
586
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Why we’re still losing the fight against phishing attacks
Danny Palmer explains that it’s not fair to blame users for falling victim to attacks when employers aren’t doing enough to help. Read more: https://zd.net/31Oiisg

Businesses are losing over $700m a month to cyber criminals because employees are falling victim to phishing attacks, business email compromise campaigns and gift card scams – and the amount of money being lost is still on the rise.

You might also like

FTC joins 38 states in takedown of massive charity robocall operation

Accellion zero-day claims a new victim in cybersecurity company Qualys

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

Large wire transfers make a significant percentage of the successful attacks – with the criminals behind them using phishing and impersonation attacks to trick unwary staff into handing over hundreds of thousands of dollars in one go. But the most common scam involves crooks tricking victims into sending gift cards which can be worth as little as $250.

Analysis by researchers at Agari – published in the cyber security company’s latest Quarterly Fraud and Identity Deception trends report – found that gift cards frauds gained traction in the run up to the end of 2019, accounting for 62 percent of all BEC attacks, up from 56 percent during the previous quarter.

These attacks often involve cyber criminals taking over business email accounts and using a stolen identity to email others in the organisation to request the purchase of gift cards.

A common tactic is to pose as someone in management asking for an employee to do them a favour – because in many cases, the employee won’t question a request that’s supposedly coming from their boss. The run up to the holiday seasons provided criminals with the perfect opportunity to conduct gift card attacks, as they could easily claim that the request was for Christmas gifts.

The average amount request in gift card attacks has risen slightly to $1,627, with the minimum amount tending to come in at $250. In some more ambitious cases, cyber criminals have asked for gift cards worth $10,000 to be transferred – by targeting employees across multiple departments at the same time.

“Gift cards have become the preferred method of cashing out for a number of reasons. First, it makes everyone at any company the potential target of a BEC attack, not just the finance and HR departments. We’ve seen campaigns that have targeted 30-40 employees at a single company at one time in gift card BEC scams” Crane Hassold, senior director of threat research at Agari told ZDNet.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)  

Gift cards are useful for cyber criminals as tracing how they can be cashed out immediately and it’s difficult to trace where the funds have gone. And because they are receiving the gift cards for free – at the expense of the victim – even if crooks sell them on at a low price, they’re making a profit.

The most common requests are for gift cards for Google Play and eBay, followed by Target, iTunes and Walmart. Best Buy, Amazon, Steam and the Apple Store also make for popular requests.

The values of the gift cards requested might appear small when considered individually, but the total costs adds up, especially given how the attacks remain so successful and easy to cash out.

However, more ambitious attacks are also on the rise, with the number BEC campaigns requesting wire transfers also increasing during the quarter – and increasingly requesting larger sums.

These attacks require a bit more planning from the criminals. In some cases they will hack into the inbox of their target and conduct reconnaissance – and snoop on their contacts – before mimicking them and requesting a transfer of a large sum of money – sometimes in the form of an expected payment with regard to contracts or business deals.

The average figure requested in these campaigns is just over $55,000 – representing a five percent rise compared with the previous quarter. In some cases, attackers will ask for hundreds of thousands or millions of dollars; but the higher the figure, the more likely it is that suspicious will be raised although some of these ‘whaling’ attacks still prove to be successful, especially for organised criminal gangs.

Criminals are attracted to business email compromised attacks because they’re proving to be successful and they’re simple to carry out. However, organisations can go a long way to preventing phishing and other email-based attacks from being successful by implementing additional security on accounts, such as multi-factor authentication, as well as human-level checks and balances.

“Companies need to understand that cyber attacks are no longer technically sophisticated. Most cyber attacks today, like BEC, are very simple social engineering attacks and companies need to make sure they have defences in place that are equipped to deal with these types of attacks,” said Hassold.

 “Companies should have good internal processes in place, so payment requests, regardless of the source, are validated before they are processed,” he said.

READ MORE ON CYBER CRIME

Credit: Zdnet

Previous Post

Definitive 'IR Management and Reporting' Presentation Template

Next Post

Agency-Client Relationships: When Marketing Is in the Boardroom

Related Posts

FTC joins 38 states in takedown of massive charity robocall operation
Internet Security

FTC joins 38 states in takedown of massive charity robocall operation

March 5, 2021
Accellion zero-day claims a new victim in cybersecurity company Qualys
Internet Security

Accellion zero-day claims a new victim in cybersecurity company Qualys

March 5, 2021
GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines
Internet Security

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

March 5, 2021
With its acquisition of Auth0, Okta goes all in on CIAM
Internet Security

With its acquisition of Auth0, Okta goes all in on CIAM

March 5, 2021
Singapore Airlines frequent flyer members hit in third-party data security breach
Internet Security

Singapore Airlines frequent flyer members hit in third-party data security breach

March 5, 2021
Next Post
Agency-Client Relationships: When Marketing Is in the Boardroom

Agency-Client Relationships: When Marketing Is in the Boardroom

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Autonomous Cars And Minecraft Have This In Common  
Artificial Intelligence

Autonomous Cars And Minecraft Have This In Common  

March 5, 2021
The ML Times Is Growing – A Letter from the New Editor in Chief – Machine Learning Times
Machine Learning

Explainable Machine Learning, Model Transparency, and the Right to Explanation « Machine Learning Times

March 5, 2021
FTC joins 38 states in takedown of massive charity robocall operation
Internet Security

FTC joins 38 states in takedown of massive charity robocall operation

March 5, 2021
Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount
Internet Privacy

Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

March 5, 2021
Three Finalists Selected in $4.5 Million Watson AI XPrize Competition  
Artificial Intelligence

Three Finalists Selected in $4.5 Million Watson AI XPrize Competition  

March 5, 2021
How to Boost Machine Learning in Healthcare Market Compound Annual Growth Rate (CAGR)? – KSU
Machine Learning

How to Boost Machine Learning in Healthcare Market Compound Annual Growth Rate (CAGR)? – KSU

March 5, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Autonomous Cars And Minecraft Have This In Common   March 5, 2021
  • Explainable Machine Learning, Model Transparency, and the Right to Explanation « Machine Learning Times March 5, 2021
  • FTC joins 38 states in takedown of massive charity robocall operation March 5, 2021
  • Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount March 5, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates