Don't click phishy links. Everyone knows that. But are your end users prepared to quickly identify today's tricky tactics being used by bad actors? Probably not. Cybercriminals have moved beyond simple bait and switch domains. They're now employing a variety of advanced social engineering techniques to entice your...
Rumors are swirling about how the Department of Health and Human Services lost about $7.5 million in grant payments through a series of cyberattacks last year, including speculation over whether the incidents involved sophisticated AI-augmented spear-phishing or more commonplace fraud schemes.
Australian fashion and sports retailer The Iconic has blamed careless customers for a spree of incidents that allowed hackers to access customer accounts and place orders worth thousands of dollars. The firm said customers made themselves easy targets by reusing passwords across multiple websites.
Hackers celebrated the year-end holidays with a malicious "Free Leaksmas" posting on the dark web, releasing 50 million stolen consumer records, including credit card information. Researchers said the leaked data can be used for identity theft and fraud.
In late Q4 2023, ISMG conducted a survey that attracted over 100 responses from professionals and provided a unique platform for Fraud, AML, Financial Crime, and Compliance leaders to contribute their insights and to offer a deeper understanding of how AI is shaping the daily battle against fraud.
The continuing battle against fraud and financial crime demands constant adaptation and innovation. Generative AI - Artificial Intelligence - and broader AI technologies have brought both excitement and apprehension to our field, as they hold the promise of revolutionising our approach to fraud prevention while...
Check fraud, scams and account takeovers dominated the fraud landscape in 2023. Banks and other financial institutions are expected to continue to struggle with account takeovers as fraudsters have changed their modus operandi, making it difficult to track fraudulent proceeds.
As the adoption of real-time payments increases, the United States will likely see an increase in scams, which will further fuel the debate about reimbursement models for FedNow and RTP networks, said Peter Tapling, board member at the U.S. Faster Payments Council.
Days after announcing a security compromise, cloud-based identity and authentication management provider Okta said that an unknown threat actor had accessed files of 134 customers after an employee signed in to a personal Google profile on the Chrome browser of an Okta-managed laptop.
This latest Quarterly Threat Report (QTR) distils the trends, notable new behaviours, and unusual attacks we saw over the last quarter. Also utilizing previous threat reports to compare findings and point out patterns–and even provide some solutions for avoiding the latest threats.
By dissecting how attackers got...
Genetics testing firm 23andMe is investigating a data leak of ancestry DNA information for certain customers whose usernames and passwords were previously hacked on other websites. The company suspects a massive credential stuffing attack on individual accounts using recycled passwords and no MFA.
Netcraft purchased an online brand protection vendor to incorporate security analysts into the company's highly automated cybercrime takedown process. The deal will expedite the takedown of fraudulent websites by capitalizing on their joint knowledge of the global infrastructure provider landscape.
Cybercriminals continue to rely on proven attack methods while developing new ways to infiltrate digital environments and break through your human defense layer.
But how can you reduce your organization’s attack surface? We looked at 12.5 million users across 35,681 organizations to find out.
In this webinar...
Search engine optimization poisoning attacks, which involve intentionally manipulating search results to lead users onto malware-laced websites, are on the rise in the healthcare sector, U.S. federal regulators warn. Users should watch for typosquatting, keyword stuffing, meta tagging and cloaking.
Phishing attacks have come a long way from the spray-and-pray emails of just a few decades ago. Now they’re more targeted, more cunning and more dangerous. And this enormous security gap leaves you open to business email compromise, session hijacking, ransomware and more.
Join Roger Grimes, KnowBe4’s...