Email security news & analysis | SC Media Email Security

Email Security News and Analysis

Email scam swindles $2.6M from Puerto Rican government corporation

The Puerto Rico government fell for a phishing scam that bilked the U.S. territory out of $2.6 million — an incident that sounds like a possible business email compromise. According to an Associated Press report, the Puerto Rico Industrial Development Company (PRIDCO), a government-run corporation created to promote the island as an investment destination, reportedly filed…

FBI tallied 467K cybercrime complaints in 2019, totaling $3.5B in losses

The FBI’s Internet Crime Complaint Center (IC3) last year fielded 467,361 complaints related to cybercrime activity that collectively cost victims $3.5 billion in losses, according the agency’s just released 2019 Internet Crime Report. The 2019 complaint count represents a nearly 33 percent increase from the 2018 total of 351,937, and the $3.5 billion figure also…

Cyberattackers bringing more weapons to bear on real estate deals

Traditionally, when it comes to monetizing a real estate deal its all about location, location, location, but malicious actors are now targeting everyone from the home buyer to the lender to steal vital information. Proofpoint recently looked at 600 real estate transactions came across six attacks targeting those involved that utilized a laundry list of…

The first half of 2013 saw a 355 percent uptick in social spam. Facebook is a big target.

Renewed Emotet phishing activity targets UN, government and military users

Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at least 82 countries with spam and crafted a special phishing campaign targeting the United Nations. Meanwhile, an additional report has revealed an increase in Emotet phishing activity targeting government and military entities over the last…

Researchers detail BEC scams

Texas school district phished for $2.3 million

The Manor Independent School District fell victim to an apparent phishing scam to the tune of $2.3 million. Officials for the Texas school system did not release many details other than to say in a January 10 statement posted on Facebook that the incident was caused by a phishing email and that the local police…

Hospital

Breach of email accounts impacts 50,000 patients of Minnesota hospital

Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November. The first incident took place between Oct. 31 and Nov. 1, 2019, while the second account hijacking happened days later on…

Attackers improving BEC skills

Business email compromise or impersonation attacks overall rose during the second quarter of 2019 by 25 percent with some types of attacks becoming more common and better executed. During this period FireEye has noted attackers are increasingly impersonating executives and attempting to involve a company’s supply chain vendors as part of the attack to make…

WhatsApp 320px

WhatsApp bug allows access to content, users should update

A “double-free” bug in WhatsApp lets attackers exploit it using a malicious GIF to access user content, according to a blog post by a self-described technologist and information security enthusiast that goes by the handle Awakened on GitHub. An attacker would need to send the GIF via a messaging platform to a victim’s device where…

Researchers detail BEC scams

Scammers using Google Alerts to spread malware, fraud

Cybercriminals have found a way to use Google Alerts to hook victims into scams or push malware. Bleeping Computer CEO Lawrence Abrams found that malicious actors are creating malicious sites into Google so they will be emailed to people who have alerts set for that particular subject matter. The malicious pages are created using popular…

Scammers using Google Alerts to spread malware, fraud

Cybercriminals have found a way to use Google Alerts to hook victims into scams or push malware. Bleeping Computer CEO Lawrence Abrams found that malicious actors are creating malicious sites into Google so they will be emailed to people who have alerts set for that particular subject matter. The malicious pages are created using popular…

Next post in Email Security