Looks like the criminal community needed a last-minute infusion of cash. Earlier today the EdgeWave Threat Detection Center saw the first samples of a Christmas themed attack using an obfuscated VB macro within a Microsoft Word attachment.
This week the EdgeWave Threat Detection Center caught a very impressive phishing campaign spoofing Amazon. While this falls squarely within the “always be sure before you click”, the apparent legitimacy is sure to catch enough users to make for a very happy holiday for at least one criminal group.
Our Threat Detection Center sees a lot of common phishing attempts, everything ranging from payroll to invoices to voicemails. Very often we see campaigns using fake “email failure” or “updates needed” as the call to action and to create a sense of urgency. This week we saw a well-crafted Office 365 “email failure” notification. By examining the full set of data, it’s easy to see why end users are so easily fooled.
Marriott announced its Starwood brand database was hacked and breached over the last several years, and possibly up to 500 million customer records were stolen or compromised. That stolen data includes not only names and addresses, but also email addresses and credit card information, and other personal information. We hear about these attacks more and more, but the scale of this breach is virtually unprecedented.
With the holiday season upon us, it’s time for people to celebrate and give thanks. Cybercriminals also rejoice in the chance to take advantage of “good cheer” in many ways. Targeted phishing attacks are one of them. Recently our email security analysts in the EdgeWave Threat Detection Center found the latest example—a new Thanksgiving Holiday Virus.
Almost every day we hear from prospects how they have an email security gateway, so they are protected from phishing. Another variant is “We don’t have a phishing problem” although rarely can someone describe how they know this to be true.
Why do employees keep falling for phishing email scams? As discussed in a recent SC Media 20/20 webcast, malware and phishing scams have been around since the 80s, one would think we’ve learned how to stop that.
Are you one of the 100M Office 365 email users? Recently, we learned about an Office 365 zero day attack used in phishing campaigns called baseStriker.
Hackers love tax season. With so many emails flying around between consumers, businesses, and their CPAs, the risk for accidental exposure of Personally Identifiable Information (PII) and financial information is great – especially when security measures are lax and email recipients aren’t paying close attention.
Security and Data Privacy aren’t the same thing but they go hand-in-hand. Security refers to the ways we protect ourselves, our property, personal and organizational information, and our customer/client records. It is the first level of defense against unwanted intruders.
Request a Live Demo
Find out how much better email and web security can be!