How to Prevent Email Spoofing with DMARC

Email-based attacks are the number one attack vector for cybercriminals. These attacks do not always require a high level of technical sophistication to carry out. And because the human factor is involved, there is almost no doubt they will endure Read More …

GenAI Is Powering the Latest Surge in Modern Email Threats

Generative artificial intelligence (GenAI) tools like ChatGPT have extensive business value. They can write content, clean up context, mimic writing styles and tone, and more. But what if bad actors abuse these capabilities to create highly convincing, targeted and automated Read More …

North Carolina: Around £2.1 million has been stolen from the housing agency as the US Secret Service is investigating

It is a little-known clothing firm based out of an anonymous residential street in Scotland’s biggest city, with overflowing bags and boxes of rubbish piled up outside its front door. But a Glasgow company is at the centre of a Read More …

WormGPT, PoisonGPT: How generative AI can become a tool for criminals

A cybersecurity firm discovered a new generative artificial intelligence tool called WormGPT that is being sold to criminals. Another firm created a malicious generative AI tool called PoisonGPT to test how the technology can be used to intentionally spread fake Read More …

Detecting and mitigating a multi-stage AiTM phishing and BEC campaign

Microsoft Defender Experts uncovered a multi-stage adversary-in-the-middle (AiTM) phishing and business email compromise (BEC) attack against banking and financial services organizations. The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks and follow-on BEC Read More …

Cyber Signals: Shifting tactics fuel surge in business email compromise

Today Microsoft released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022. Read More …

Business Email Compromise Tactics Used to Facilitate the Acquisition of Commodities and Defrauding Vendors

The FBI warns the public of criminal actors using Business Email Compromise (BEC) schemes to facilitate the acquisition of a wide range of commodities. BEC is one of the most financially damaging online crimes. It exploits the fact that so Read More …

What SOCs Need to Know About Water Dybbuk, A BEC Actor Using Open-Source Toolkits

In September 2022, Trend Micro researchers observed a new potential BEC campaign that was targeting large companies around the world which we believe has been running since April 2022. By carefully selecting their target victims and leveraging open-source tools, the Read More …

FBI: Criminal Actors Use Business Email Compromise to Steal Large Shipments of Food Products and Ingredients

The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are releasing this joint Cybersecurity Advisory (CSA) to advise the Food & Agriculture sector about recently Read More …