Email security news & analysis | SC Media Email Security

Email Security News and Analysis

Caught in a bad romance: Feds indict 80 alleged members of romance/BEC scam ring

Federal prosecutors today unsealed a 252-count indictment against 80 individuals – mostly Nigerian nationals – who allegedly conspired to bilk at least $46 million from victims via romance scams, business email compromises and other online fraud schemes. The grand jury indictment was filed in the Central District of California back in October 2018 and unsealed…

Virginia State Police recoup $300K stolen in BEC scam

The Virginia State Police were able to recover just over half of the $600,000 that was stolen from Spotsylvania County in a business email compromise scheme. The state police, working with other in and out-of-state law enforcement agencies were able to track down deposits made in multiple banks, Fredricsburgh.com reported. The $347,000 recovered will be…

election hacking

FEC ruling allows political campaign to accept discounted services from security firms

Political campaigns can accept low-cost help from private cybersecurity firms to protect campaigns in the 2020 election cycle, the Federal Election Commission (FEC) ruled Thursday. The commission, which viewed the discounted services as an in kind donation under current rules, had indicated it would reject the initiative but changed course. Because Area 1 Security, the…

emailenvelopeicons_1216035

Exim vulnerability being exploited in the wild

Just one week after a previously patched vulnerability in Exim mail servers was disclosed by Qualys, attackers have begun searching out vulnerable Exim systems prompting the Cybersecurity and Infrastructure Security Agency (CISA) to encourage users to update their systems to the latest version. CISA reported the vulnerability CVE-2019-10149 was detected in exploits in the wild…

emailenvelopeicons_1216035

500,000 email servers running vulnerable Exim software

Qualys researchers went public with a remote command execution vulnerability (CVE-2019-10149) in the Exim mail server versions 4.87 to 4.91 possibly affecting more than half of all email servers now in use. The vulnerability allows a local, or in some cases, a remote attacker to execv as root, with no memory corruption or return-oriented programming…

election hacking

Controversy over which DMARC setting will best protect the 2020 presidential campaigns

A pair of email security firms are taking opposing positions on whether or not the 2020 presidential candidates are using secure email systems within their campaigns even though many of the candidates are using DMARC. Valimail and Agari have each issued report cards to show if the Democratic Party hopefuls learned a learned a lesson…

FBI fielded roughly $2.7 billion worth of Internet crime complaints in 2018

The FBI’s Internet Crime Complaint Center (IC3) received nearly 352,000 complaints related to cybercrime activity that collectively was responsible for $2.7 billion in losses, according to the agency’s 2018 Internet Crime Report. The three most commonly reported internet crimes last year were non-payment/non-delivery scams (i.e. the scammer never pays for or never ships ordered merchandise),…

Next post in Security News