The evolution from BEC to BCC - CyberTalk

New Post has been published on https://thedigitalinsider.com/the-evolution-from-bec-to-bcc-cybertalk/

The evolution from BEC to BCC - CyberTalk

David Meister is a valued technology expert with over 15 years of experience in technical and consultancy roles across a range of technologies, including networking, telecommunications, infrastructure, and cyber security. After starting his career as a network engineer, David’s passion for using technology to solve problems led him through various roles, including engineer, technical manager, consultant, and sales professional. As a consultant, David designed technology solutions for organizations in various industries, such as not-for-profit, engineering, mining, and financial services.

David holds technical certifications from Cisco and Microsoft, a Graduate Certificate in IT Management, and a Master’s in Business Administration. Currently, David occupies a pivotal leadership position as the head of Check Point’s Global Channel and MSSP program for email security. In this role, he provides essential support and advice to technology companies worldwide, guiding them on the best practices to protect their customers from cyber attacks.

In this exclusive interview, cyber security expert David Meister explores how threat actors are reconfiguring their practices to sleuth past security controls. Discover how comprehensive solutions can protect your people, processes and technologies from highly sophisticated hacker havoc. Stay one step ahead.

Would you like to share insights into the current cyber threat landscape? How should that influence organizations’ choice of email and collaboration security tools?

Threat actors are deploying traditional attack tactics in new ways, a trend occurring across threat vectors. For example, we are seeing malicious links move to QR codes, and Business Email Compromise (BEC) evolving to target Teams and Slack; thus expanding into Business Communication Compromise (BCC).

As threat actors look for new areas to exploit, organizations need to consider the breadth of the cyber security solution in-use within their organization and what vectors are covered. For instance, blocking phishing emails is essential, but consider a scenario where a partner organization is breached and the culprit phishing email comes from a legitimate source. What if a phishing link is hidden in a QR code inside an attachment, or what if that link or QR code comes in via Teams in a busy group chat? The evolution of BEC to BCC should be driving leaders to evaluate their strategy in protecting the entire communication suite, beyond just spam and malware in emails.

How can leaders ensure seamless integration and compatibility of email and collaboration security tools with other cyber security solutions?

It is extremely important that security solutions speak to each other to build a defense-in-depth approach rather relying on single point solutions. This includes integrating with native security provided by Microsoft or Google, as well as integration with security operations platforms used by your SOC. Integrations with Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response Solutions (SOARS), Extended Detection and Response (XDR), and more ensure that threats are not missed and that threat intelligence is shared and acted upon efficiently, enhancing an organization’s ability to prevent and respond to attacks.

Leaders should seek out tools that build a “defense in depth” approach to securing an organization. For email security, this means building on top of Microsoft Defender rather than setting up bypass rules, such as those used by legacy SEGs.

Managing time effectively is always a challenge when trying to integrate multiple solutions together. Where possible, using solutions that can be managed from a single interface will both save time and lead to an increased level of security.

To what extent should cyber leaders prioritize user training and awareness programs to enhance email security and the security of collaboration tools?

Awareness training is a key part of any cyber security strategy. A good awareness program should involve a holistic approach to training users. A holistic approach means looking beyond just phishing emails; looking at day-to-day activities of staff and their behaviors. As an example, if you have staff that travel regularly or use their laptops on public transport, have they been educated about the risks and best practices? It is all-too-common to see people in airport lounges leaving laptops unlocked or sitting on public transport with confidential documents open.

When users are educated about risks and secure behaviors, a secure culture starts to emerge. Responsibility for a security culture should go beyond just the CISO. It should include other stakeholders such as HR, finance and people managers. If senior leaders set the right example in terms of secure behavior, others will follow.

It is also important to address the risks of new technologies as they become a part of day-to-day working life. If users assume everything is safe, threats will be missed. So, they need to be educated about always looking out for the unexpected. Teams is now a part of almost everyone’s daily work life, but very few organizations have educated their users on the cyber security risks associated with it.

In short, leaders should prioritize educating users on newer technologies and the threats associated with them.

For organizations that already have email security (Microsoft…etc.), why should leaders consider switching to a stronger email security solutions provider?

Leaders should consider how a malicious actor would attack them. Is their email security exposed to the outside world with mail exchange (MX) records? Are external parties able to share files and to message users via Teams? If this has been considered, how is the organization preventing these threats?

Leaders should assess the speed at which existing cyber security solutions adapt to new threats; the use of cloud-based platforms that are regularly updated and powered by AI will assist in preventing the latest threats, including those associated with BCC.

For more information about recent BCC attacks, please click here.

Online Scams Targeting Seniors: A Growing Threat and How to Fight Back

Our beloved seniors are increasingly becoming targets for #onlinescams. Their trusting nature and vulnerability to loneliness make them prime prey for #romancescams and financial deception. This is alarming! #protectingourseniors #onlinesafety #content

Protecting Our Elders from Online Scams This blog post focuses on the increasing prevalence of online scams targeting older adults. It explores common forms like romance scams and financial schemes, highlighting red flags to watch out for. The post emphasizes the importance of building a secure online environment through strong passwords, security software, and awareness of suspicious links.…

View On WordPress

Los consumidores pagan el precio de las filtraciones de datos de las empresas

Los consumidores pagan el precio de las filtraciones de datos de las empresas

Las filtraciones de datos informáticos son más costosas y tienen mayor impacto que nunca, con un costo promedio de 2,09 millones de dólares en América latina. (more…)

View On WordPress

Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign

Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign

Home › Fraud & Identity Theft Microsoft: 10,000 Organizations Targeted in Large-Scale Phishing Campaign By Ionut Arghire on July 14, 2022 Tweet Microsoft has warned users about a large-scale phishing campaign that has been targeting over 10,000 organizations to perform follow-on business email compromise (BEC). As part of the campaign, the attackers have been using adversary-in-the-middle (AiTM)…

View On WordPress

BEC Fraud Reaches $43 Billion Per Year

BEC Fraud Reaches $43 Billion Per Year

View On WordPress

サイバー犯罪に特化した生成AIが、サイバー犯罪に関連することが多い著名なオンラインフォーラムに登場したとして、セキュリティベンダーが注意を呼び掛けている。 　一般的な生成AIは倫理的にNGとされる行為には加担しないよう制限がかけられているが、今回その存在が明らかになった「WormGPT」はこうした制限が一切なく、サイバー犯罪者が違法行為を行うことを支援する設計が特徴。具体的には説得力が高くパーソナライズされたビジネスメール詐欺（BEC）の作成および実行支援のほか、マルウェアの作成などにも対応しており、サイバー犯罪の初心者でも簡単に利用できるなど、脅威となるべき条件が揃っている。セキュリティベンダーのSlashNextはこれらの存在について注意を呼び掛けるとともに、生成AIによるビジネスメール詐欺から身を守るためのトレーニングの実施を提案している。日本語に対応しているとの情報は今のところないが、翻訳ツールを使えば日本語環境でも利用は可能と考えられるため、十分な注意が必要と言えそうだ。 WormGPT – The Generative AI Tool Cybercriminals Are Using to Launch Business Email Compromise Attackshttps://slashnext.com/blog/wormgpt-the-generative-ai-tool-cybercriminals-are-using-to-launch-business-email-compromise-attacks/WormGPT - A Hacking Tool To Launch Cyber Attack（GBHackers）https://gbhackers.com/wormgpt/What Is WormGPT And How To Use It: Explained（Dataconomy）https://dataconomy.com/2023/07/17/wormgpt-the-unethical-chatgpt-is-out/

サイバー犯罪に特化した悪意ある生成AIが登場、セキュリティベンダーが注意を呼び掛け【やじうまWatch】 - INTERNET Watch

What is Cyber Crime?

Just like regular crime, it also exists on the Internet. Here are some examples of Cyber Crime:

Identity Theft

Online Predators

BEC ("Business Email Compromise")

Ransomware

Stealing of sensitive intellectual property

Business Email Compromise (BEC) Accounts Payable – November 8, 2024

Join us on November 8, 2024, for a highly informative CPE training event focusing on the Cyber security issue: Business Email Compromise.

In today's digital age, safeguarding your organization from Business Email Compromise (BEC) is paramount. Our upcoming CPE event offers a deep dive into BEC threats, focusing on protecting the accounts payable function. Gain vital skills in authentication, internal controls, and fraud prevention. Join us for an enlightening session that could save your company from financial jeopardy. For a safer tomorrow, learn more.

What Huntress Services are Right for Your Business?

New Post has been published on https://www.aheliotech.com/blog/what-huntress-services-are-right-for-your-business/

What Huntress Services are Right for Your Business?

Huntress is a proactive threat detection and response platform that provides enhanced detection through advanced process analysis, persistent foothold scanning, external recon and ransomware canaries to provide your business multiple layers of protection. This tool will automatically detect and isolate cyber-attacks on your servers and workstations. Unlike traditional anti-virus products that rely on signatures and patterns to identify malware, Huntress uses advanced behavioral analysis and machine learning to uncover hidden threats that are sometimes missed by other tools.

AhelioTech strongly recommends the following Huntress Products:

Huntress EDR & MDR Software

Huntress Microsoft 365 MDR Solution

Huntress Curricula Phishing Solution

Huntress EDR & MDR Software

Huntress provides more than just an anti-virus protection; it also offers a powerful suite of endpoint protection, detection and response capabilities. EDR and MDR is not an “either/or” choice. They are both important for enhancing cybersecurity, but they have different core focuses and solve security challenges in different ways. EDR is a tool that is deployed to protect a particular endpoint, while MDR is a service that provides security monitoring and management across an organization’s entire IT environment.

Huntress’s Endpoint Detection and Response (EDR) solution provides advanced protection for endpoints, such as laptops, desktops and mobile devices. EDR solutions collect and analyze data from endpoints to detect and respond to potential threats, such as malware, ransomware or unauthorized access.

Huntress’s Managed Detection and Response (MDR) is a valuable service that provides comprehensive security monitoring and management for an organization’s entire IT environment. MDR services use various tools and technologies, including EDR solutions, to detect and respond to cyberattacks 24/7. Some key benefits of MDR services are 24/365 monitoring, managed response, threat hunting and threat intelligence.

Why is Huntress’s EDR and MDR Solution Important for Your Organization?

Meets increasing cybersecurity and cyber liability insurance requirements.

Provides greater endpoint visibility.

Identifies enhanced threat intelligence.

Provides near real-time forensics to identify actively exploited systems.

Mapping of malicious and suspicious processes.

Provides persistent foothold monitoring and remediation.

Offers around the clock active threat hunting.

Provides access to monthly reporting and security overview.

Huntress Microsoft 365 MDR Solution

Business Email Compromise (BEC) is a growing threat to businesses of all sizes. BEC attacks involve fraudulent emails to trick individuals into sending money or sensitive information to threat actors. These attacks can be highly convincing and difficult to detect, often suggesting urgency and involving impersonating a trusted contact or using compromised credentials to gain access to sensitive data.

Huntress MDR for Microsoft 365 leverages automated detectors and human analysts to monitor and respond to critical security threats such as unauthorized access, email tampering and privilege escalation in Microsoft 365 cloud environments.

MDR for Microsoft 365 continuously monitors for indications and behaviors of a BEC attack such as a user logging in from a suspicious location or a malicious email forwarding rule. The Huntress Security Operations Center (SOC) reviews any detections, instantly isolating any compromised users and supplies a semi-automated remediation plan for further necessary actions.

These attacks change every day and grow in sophistication. The 365 MDR Solution offers another layer of protection for users and the organization.

Huntress Curricula Phishing Solution

The best and most sophisticated cybersecurity technologies today are being rendered useless by one simple thing: employees. Unlike other IT services, security is not something you can set and forget. It requires constant vigilance, monitoring and training. Everyday users need to play an active role as you strengthen your defenses.

What are the Benefits of the Huntress Curricula Phishing Solution?

Easily customize, deliver and report on phishing programs that train employees and help build trust.

Provide detailed reporting that is easy to generate and share, working through audit or compliance needs.

Includes Huntress Security Awareness Training which keeps your employees ahead of the curve by teaching them about the specific tactics’ attackers are using when targeting your organization.

Security Awareness Training (SAT) delivers a powerful—and fun—combination of episodes, assessments, simulations and reports to help employees become more cyber savvy in the fight against bad actors.

Depending on the needs of your organization, any or all of these tools will enhance your cybersecurity culture.

 Contact AhelioTech Today to Determine Which Huntress Product is Right for Your Company!

Kampagnen der Cyberkriminellen-Gruppe TA4903

Cybersecurity-Experten haben neue Kampagnen der Cyberkriminellen-Gruppe TA4903 identifiziert, die sich auf Phising und Business Email Compromise (BEC, auch CEO-Betrug genannt) spezialisiert hat. Bei der Gruppe handelt es sich um finanziell motivierte Cyberkriminelle, die in letzter Zeit durch groß angelegte E-Mail-Kampagnen von sich reden gemacht hat. Dabei geraten vor allem US-amerikanische Organisationen ins Fadenkreuz der Angreifer, gelegentlich auch Unternehmen aus anderen Teilen der Welt. Die wichtigsten Erkenntnisse von Proofpoint zu TA4903: - TA4903 verfolgt zwei Hauptziele: Phishing von Zugangsdaten und BEC. - Die Gruppe führt regelmäßig Kampagnen durch, bei denen sie sich als verschiedene US-Regierungsstellen ausgibt, um Zugangsdaten von Unternehmen zu stehlen. - TA4903 gibt sich auch als unterschiedliche Organisationen verschiedener Branchen aus, darunter Bau, Finanzen, Gesundheitswesen, Lebensmittel und Getränke sowie weitere. - Der Umfang ihrer Kampagnen reicht von Hunderten bis zu Zehntausenden Nachrichten pro Kampagne. - Die Gruppe wurde bei der Verwendung des EvilProxy MFA-Bypass-Tools beobachtet und macht sich seit Ende 2023 QR-Codes zum Diebstahl von Anmeldeinformationen zunutze. Proofpoint hat die Aktivitäten von TA4903 bis mindestens Mitte 2021 zurückverfolgt, wobei Indizien darauf hindeuten, dass ihre Phishing-Aktivitäten im Zusammenhang mit dem Diebstahl von Anmeldeinformationen sowie BEC-Angriffe bereits seit 2019 stattfinden. Die Gruppe gab sich im Dezember 2021 bei Angriffen zunächst als US-Arbeitsministerium aus. Später missbrauchte sie den Namen anderer Ministerien, darunter das für Wohnungsbau und Stadtentwicklung, Verkehr und Handel. Im Jahr 2023 dann ging TA4903 dazu über, sich als US-Landwirtschaftsministerium auszugeben. Zunahme von TA4903 Ab Mitte 2023 bis 2024 konnte Proofpoint eine Zunahme der Phishing- und Betrugskampagnen von TA4903 feststellen, wobei die Angreifer begannen, verschiedene kleine und mittelgroße Unternehmen (KMU) verschiedener Branchen zu imitieren. Bei den jüngsten BEC-Kampagnen von TA4903 gibt sich die Gruppe folglich nicht mehr als staatliche Stelle aus, sondern tarnt sich stattdessen als vermeintliches KMU. Diese Kampagnen werden mit einer höheren operativen Geschwindigkeit durchgeführt als die zuvor beobachteten Kampagnen.     Passende Artikel zum Thema   Lesen Sie den ganzen Artikel

Email at the Forefront of Cybersecurity Concerns: Insights from Perception Point’s 2024 Cybersecurity Report

New Post has been published on https://thedigitalinsider.com/email-at-the-forefront-of-cybersecurity-concerns-insights-from-perception-points-2024-cybersecurity-report/

Email at the Forefront of Cybersecurity Concerns: Insights from Perception Point’s 2024 Cybersecurity Report

In the dynamic world of cybersecurity, 2023 marked a significant shift, underscored by a 1760% increase in Business Email Compromise (BEC) attacks. This startling revelation, detailed in Perception Point’s ‘2024 Annual Report: Cybersecurity Trends & Insights‘, points to the growing sophistication of cyber threats. The Tel Aviv-based leader in advanced email and workspace security solutions highlights how Generative AI (GenAI) technologies have become a tool for threat actors, enabling them to craft intricate social engineering attacks that are increasingly difficult to detect​​.

The past year’s cyber landscape was shaped by the remarkable advances in GenAI, which malicious actors used to enhance the scale and complexity of their attacks. In 2022, BEC attacks constituted a mere 1% of all cyberattacks, but by 2023, they accounted for a staggering 18.6%​​.

Phishing continued to be the dominant cyber threat, accounting for over 70% of all attacks, with little change from the previous year. However, quishing—a new form of threat exploiting QR codes—emerged, accounting for 2.7% of all phishing attempts. The trust placed in QR codes has been manipulated by attackers, turning a simple scan into a significant security risk. In 2023, 1 out of every 18 QR codes sent via email was malicious​​.

Additionally, the prevalence of two-step phishing attacks saw a 175% increase. These multi-stage attacks, harder to detect due to their use of legitimate services and hosting sites, exploit the reputations of well-known domains, evading detection more easily​​.

The report also highlights a 350% rise in account takeover (ATO) threats, where legitimate accounts are compromised and then used in highly targeted attacks. Brand impersonation attacks also saw a significant increase, with 55% of all such attacks in 2023 mimicking the targeted employee’s organization​​.

Email remained the primary attack vector, with 1 in 5 emails being malicious or spam. Threat actors expanded their horizons to target organizations through other means as well, with phishing attacks via web browsers increasing significantly and malware distribution in M365 Apps like OneDrive, SharePoint, and Teams accounting for 65% of attacks. Over 50% of attacks targeted CRMs like Zendesk and Salesforce​​.

Yoram Salinger, CEO of Perception Point, emphasizes the impact of GenAI’s proliferation on organizational security postures. He highlights the evolving nature of the modern workspace, increasingly reliant on cloud-based email, collaboration, and productivity tools accessible from any browser. Perception Point’s commitment to protecting this modern workspace is evident in their consolidated threat prevention solution, which combines multi-layered AI-powered detection with managed incident response services​​.

Perception Point, a Prevention-as-a-Service company, stands at the forefront of next-generation prevention, detection, and response to attacks across email, cloud collaboration apps, and web browsers. Their cloud-native service, easy to deploy and manage, is designed to replace cumbersome legacy systems. It prevents phishing, BEC, spam, malware, Zero-days, ATO, and other advanced attacks, protecting Fortune 500 enterprises and organizations globally​​.

This comprehensive report by Perception Point offers invaluable insights into the evolving cyber threat landscape, underscoring the need for innovative security solutions in an era where GenAI and advanced social engineering tactics are becoming the norm. You can view the full report here​​.

Por ejemplo, un atacante puede ponerse en contacto con alguien del departamento de finanzas por correo electrónico o por teléfono para hacerse pasar por un alto ejecutivo. El atacante le diría al empleado de finanzas que no tiene acceso a su computadora pero que necesita enviar un cable de emergencia a una cuenta bancaria específica. Sin los controles correctos, el encargado de finanzas podría enviar la transferencia a la cuenta bancaria del atacante. Tan pronto como la transferencia llega a su cuenta bancaria, el atacante la transfiere inmediatamente a otra cuenta bancaria, generalmente fuera del país.

Hackers impersonate U.S. government agencies in BEC attacks

5 Key Findings from the Business Email Compromise (BEC) Trends Report

http://i.securitythinkingcap.com/T2d9hh

Fortifying Finances: Safeguarding Your Business Against Payment Fraud

Integrating payment fraud protection promotes financial stability and protects the reputation of your business. In the last few years, the majority of consumers have reported being the victim of payment fraud. Many have had their payment details stolen and used by a fraudster utilizing a website or mobile application.

Investing in payment fraud prevention, shielding your company and clients from illegal access, is a good idea. Together with payment fraud detection solutions, effective fraud protection techniques are essential to protect your company from the negative effects of payment fraud.

The term "payment fraud" describes unsanctioned and dishonest practices intended to manipulate digital transactions. Gaining money or goods illegally usually involves credit cards, online purchases, and other payment methods.

 

How Is Payment Fraud Committed?

A crucial element of payment fraud is the method used by the perpetrator to launch their attack. These can involve black hat hacking, social engineering, and other technology-based tactics like the following:

Phishing is the fraudulent attempt to gain credit card numbers, usernames, and passwords by impersonating a reliable source in online communications.

Skimming is the illegal collection of credit or debit card data to enable unlawful transactions. This is frequently done through the use of covert devices on card readers.

 is the illegal acquisition and exploitation of private data, including social security numbers, to commit fraud by pretending to be someone else.

Chargeback fraud is the dishonest use of a credit card, in which the buyer contests an authorized charge and receives a refund while keeping the products or services they paid for.

Account takeover is the unauthorized access to a person's or company's online account for fraudulent transactions or other unauthorized actions, frequently accomplished through credentials theft.

Business email compromise (BEC) is a type of cybercrime in which an attacker assumes the identity of an executive or employee in order to manipulate sensitive data or financial transactions.

Malware is malicious software that compromises security and enables illegal access or transactions by infiltrating and damaging computer systems. It is frequently used in money fraud scenarios.

How To Identify and Stop Payment Fraud

Adhering to regulations lays the groundwork for companies to identify and stop payment fraud. Cities, states, and nations may have different industry-specific laws, and firms may have to deal with varying degrees of complexity based on the demands of their particular sector.

The only way for businesses to stay up with the increasing volume and complexity of contemporary payment fraud is through technology. Manual review cycles aren't a fair match for the sophisticated technology that fraudsters are increasingly using to commit payment fraud. The massive volumes of data that must be analyzed to spot patterns of fraudulent activity in real-time precisely are considerably easier for machine learning algorithms to handle.

Your business may take a more thorough approach to payment fraud protection across a variety of fraud vectors, with the help of a holistic fraud prevention platform. Platforms are usually better equipped to detect and stop payment fraud than isolated point solutions since they have access to bigger data networks. Additionally, platforms provide partner connectors so that a network of reliable companies can use fraud protection services.

Remember that every platform handles fraud a little bit differently, and many fraud protection platforms are quite good at creating friction to prevent fraud but unintentionally create difficulty for reliable clients in the process. This reduces potential revenue, stifles growth, and causes client attrition.

With intelligent automation at every consumer touchpoint, a payment fraud detection system increases the intelligence, simplicity, and flexibility of fraud detection. The platform's technology targets a variety of threats, with an emphasis on high-impact situations to increase income, such as account takeovers, spam, chargebacks, and payment fraud.

The Evolution of Cybersecurity - AI Vs Cyber Threats

When ENIAC, the first modern computer, was brought online in 1945, cybersecurity wasn’t a word you’d find in the dictionary. Hackers weren’t even a thing, and securing these building-sized computers was a physical security problem. As technology evolved, however, it became necessary to protect these systems from virtual attacks. Data breaches, hacktivism, and holding companies for ransom became more common, and defending these businesses against cyber threats started to involve advanced technologies like AI.

While AI is becoming a critical component of cybersecurity, it can also be a dangerous tool for hackers. Using AI can heighten the speed, scale, and scope of attacks against organizations, which requires defenders to adjust their defense strategies.

The most common way that hackers use AI is by leveraging generative AI, a type of machine learning that can create new malware and hacking tools. In addition to creating new malware, generative AI can be used by hackers to search for loopholes in existing security infrastructure and automate phishing attacks. This can make it difficult to identify and prevent these attacks by traditional means, which requires human intelligence and analysis.

Cybercriminals can Best VPN Services of 2024 also use AI to sift through massive amounts of data to identify potential vulnerabilities. Then, they can use that information to target companies with phishing campaigns that are designed to steal sensitive data or cause damage. This threat is known as business email compromise (BEC), and it’s been a major concern for many organizations.

As the threat landscape changes and attackers develop new techniques, AI’s dynamic learning capabilities can help defenders quickly adapt to these challenges. This is important, because AI-based detection and response can significantly reduce the time to detect and respond to a threat.

Additionally, AI can sift through massive volumes of data and identify patterns that may indicate an attack, a capability that’s nearly impossible for humans to achieve at such a scale. Lastly, AI can prioritize and direct responses to risks, allowing analysts to focus on the most pressing threats, and it can provide better models to predict future attacks.

Although these advantages are significant, it’s essential for cybersecurity leaders to recognize the risk that AI poses to their organization and continue to work with experts to mitigate these risks. They must remain technology website vigilant and keep their eye on the ball, as attackers are constantly adapting their tactics, seeking out weaknesses in existing infrastructure, and developing new ways to leverage AI. To combat these attacks, it’s crucial to train and update AI with the latest threat intelligence. That way, it can identify the most dangerous patterns and take action before they’re able to cause real harm.