As per the 2018 Internet Crime Report (ICR), the newly established IC3 Recovery Asset Team (RAT) was able to recover about 75% of the $257.1 million lost to Internet crime [reported to IC3] in 2018. The RAT got involved with 1,061 domestic scams, and recovered $192.7 million. The 2018 Internet… Continue Reading IC3 Recovery Asset Team recovers $192.7 million in 2018

“The best way to stop these [BECs] is to switch on DMARC with the strongest policy (“p=reject”) as default.” – Phil Muncaster (Infosecurity-Magazine) Phil Muncaster shares this advice – which could help protect against a Business Email Compromise (BEC) scam – in his article on the uncovering of information that… Continue Reading DMARC: Defenses against Business Email Compromise Attacks

Ransomware attacks in Maryland could soon attract fines of up to $100,000 and 10 years in prison. Maryland Senate bill 151, cross-filed with House bill 211, indents to define ransomware attacks that result in losses greater than $1000 as felony, and would be punishable by fines of up to $100,000… Continue Reading Ransomware Attacks Could Soon become a Felony with Maryland Bill

While going through articles published on ZDnet by Stilgherrian, I came across one of his old articles published in 2017 on a cyber-heist incident involving a subcontractor. The article led me to the Australian Cyber Security Centre (ACSC) website. ACSC recommends eight cybersecurity strategies for organizations. These strategies can help mitigate cyber… Continue Reading The Essential Eight – Strategies to Mitigate Cyber Threats

Note: We request users and network administrators to go through the documents listed at the bottom of this article, and share them with your cybersecurity experts. The three documents might help you review your security measures, and guard against SamSam ransomware attacks. As per the 2017 State of Endpoint Security Risk… Continue Reading How to Protect Your Network Against SamSam Ransomware Attacks

In an article last week, we highlighted the case of a Dutch firm that lost €19m ($21m) to a Business Email Compromise (BEC) scam to push forward the idea of having strong security measures for preventing BEC Scams. Today, we came across the news of a (rather old) BEC incident… Continue Reading Preventing BEC Scams: Manual controls and multi-person authorization

The 2nd quarter phishing activity trends report published by the anti-phishing working group (APWG) has reported a jump in the number of phishing attacks using encryption to fool victims. As per the APWG report, 35% of phishing attacks in the second quarter of 2018 were hosted on websites with HTTPS and… Continue Reading Phishing Trends Report a Jump in Phishing Attacks Using Encryption

I just came across this post by Alastair Paterson of Security Week highlighting that attackers are monetizing non-traditional methods to compromise business accounts (BEC and EAC). Alastair points at three alternative methods that are being successfully put at work: Using email credentials purchased from criminal forums, Re-trying the credentials of already… Continue Reading 7 Security Measures Against BEC You CANNOT Neglect

As of November 21, 32 people in US and 19 people in Canada are reported to have got infected with E. coli bacteria. All the cases of infections are linked to romaine lettuce. Keep romaine lettuce off the table The ongoing outbreak of E. coli infection in US and Canada… Continue Reading CDC Alert: Keep romaine lettuce off the table, seriously!

On September 27th, with a public service announcement, the Internet Crime Complaint Center (IC3) has warned businesses and individuals that RDP accesses are being sold on dark markets, and malicious actors can infiltrate the connection between machines and inject malware or ransomware into the remote system. Possible threats include ransomware… Continue Reading RDP access is too risky to use, IC3 warns