Email Security | SC Media Email Security

Email Security

Amex

American Express, PayPal customers now targeted by 16Shop

The Indonesian cybercrime gang Cyber Army has expanded its phishing-as-a-service offering, dubbed 16Shop, enabling users to target PayPal and American Express customers. This criminal operation was first picked up by McAfee in November 2018 and has primarily targeted Apple owners and Amazon customers for its phishing attacks, but now ZeroFOS’s Alpha Team has proof 16hop…

The first half of 2013 saw a 355 percent uptick in social spam. Facebook is a big target.

Renewed Emotet phishing activity targets UN, government and military users

Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at least 82 countries with spam and crafted a special phishing campaign targeting the United Nations. Meanwhile, an additional report has revealed an increase in Emotet phishing activity targeting government and military entities over the last…

No immediate cyberthreat seen over Soleimani killing, but preparation is key

The most recent military portion or the United States’ on-going confrontation with Iran appears to be completed, but chatter is being detected among Iran’s supporters indicating anger over recent events, but none indicate an immediate threat. However, that does not mean government agencies, companies and others who may find themselves in Iran’s crosshairs should be…

Cyberattack hits Las Vegas on opening day of CES

Las Vegas had an unwelcome visitor in the form of a cyberattack that struck early in the morning of January 7 that caused some service interruptions that have since been resolved. On the same day that the massive International CES event kicked off, city officials reported what they called a “cyber compromise” taking place at…

Hospital

Breach of email accounts impacts 50,000 patients of Minnesota hospital

Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November. The first incident took place between Oct. 31 and Nov. 1, 2019, while the second account hijacking happened days later on…

Spear phishing

Microsoft helps shutter domains run by North Korean cybergang Thallium

A U.S. district court issued an order enabling Microsoft to take over 50 domains used by a North Korea-based cybercrime gang to conduct spear phishing campaigns. Microsoft’s Digital Crimes Unit and the Microsoft Threat Intelligence Center took down the domains controlled by a group it named Thallium after researching the malicious actors activity and filing…

Names, Social Security numbers exposed in Moss Adams breach

The accounting, consulting and wealth management firm Moss Adams has posted a cybersecurity incident notice centered on an employee email account that was accessed by an unauthorized person compromising PII. In the statement, which appeared on the California Attorney General’s data breach website, Moss Adams stated that on October 10, 2019 a staffer’s email account…

Ransom payments averaging $41,000 per incident

The average ransom payment paid out by victims increased 13 percent, to $41,000, during the last three months, but researchers noted the rate of increase has plateaued. Researchers at Coveware credited the victims with being better prepared to restore their data on their own negating the need to pay the ransom. However, that was not…

Greed is good… for this phishing scam

Cofense has come across a particularly seductive phishing scam that uses the lure of a wage increase to entice workers to spill their Microsoft Office 365 credentials. The spoofed email differs little from other varieties used in phishing attacks, except this one purportedly comes from a corporate human resources department regarding a company-wide pay hike…

Next post in Phishing