Phishing and file sharing are Wall of Shame bait Internet thieves have long used file sharing sites and services to host their malicious files. When they do this, they typically use the underlying service to generate download links that anyone can click without logging in to the hosting service. Makes sense when you're blasting out thousands upon thousands phishing emails with malicious links. You want to set the table for a feast, not an intimate dinner for two. The other thing the bad guys typically do, however, is generate their own emails instead of using the underlying hosting service to deliver their malicious links to a wide audience. Doing so reduces the chances that the service notices something is amiss (like mass spam deluges erupting from their own servers) ... Read More

Criminal gangs are behind CEO fraud A new study by Agari concludes that, despite all the finger pointing and attention some countries' services have been getting for their phishing attacks, the big threat still comes from criminal gangs. Here is your quick Executive Summary: 97% of people who answer a CEO Fraud email become victims The average CEO fraud incident included a payment request of $35,500 (ranging from $1,500 to $201,805) 24% of all observed email scam attempts between 2011 and 2018 were CEO fraud even though CEO fraud only started in earnest in 2016 And what's that country? Many of those criminal gangs continue to operate from Nigeria, of the ten gangs engaged in the email scams that Agari studied, nine were based in Nigeria. Conclusion: the old Nigerian 419 ... Read More

CEO fraud up 136% worldwide The FBI is again warning of the threat posed by CEO Fraud and email account compromise (EAC). Together, says the FBI, these have cost businesses $12 billion between December 2016 and May 2018. That represents a 136% increase in reported losses worldwide. The scams have been reported in all 50 United States and in 150 countries. Small, medium, and large businesses have all been affected. The attempts at theft depend upon compromise of a legitimate account or device. They often involve fraudulent wire transfers, but they can also simply target personally identifiable information, payroll data, or tax information. The real estate sector has been heavily targeted recently Victims include not only real estate agents, but also title companies, supporting law firms, and, of course, property ... Read More

CEO Fraud happens to small and medium sized businesses too Lloyds Bank says CEO Fraud rose by 58% in the UK over the past year. although CEO Fraud is often associated with large firms, Lloyds’ results show the contrary: about half-a-million small and medium enterprises were victims. These smaller organizations lost an average of £27,000 each time they were hit with an impersonation scam. The organizations most affected were, in order, law firms, human resources departments, IT workers, and financial firms. Lloyds thinks the actual rate of attack may be higher than what they reported. Their study is of course based on the self-reporting of victims, and Lloyds believes that as many as one in twenty victims conceals their mistake to avoid embarrassment in front of colleagues. Scammers ... Read More

Schwab broker lied A former broker for Charles Schwab & Co. was fined $5,000 and suspended for 90 days by the Financial Industry Regulatory Authority Inc for lying to Schwab about a CEO Fraud attack in which he wired nearly $800,000 to someone impersonating one of his customers. Fired because he violated Schwab's policy Deming Payne, who resigned from Schwab in September 2017 after admitting that he violated firm policy regarding the documentation of outbound calls, is no longer employed in the securities industry. The Financial Industry Regulatory Authority Inc., in its letter of acceptance, waiver and consent, said that in August 2017, Mr. Payne received requests via email from an individual posing as a customer to process eight wire transfers from the customer's account. Imposter got away with $794,860 In total, wire ... Read More

Ransomware has reached a new low The repugnant attack combination of ransomware, claims to donate to charity, and even details of children’s names, diagnoses, and pictures shows there is no low too low for scumbag cybercriminals to go for more money. Ransomware protection and detection has improved over the years. So, cybercriminals are constantly looking for new ways to ensure payment. This latest version is downright revolting. The CryptoMix ransomware has resurfaced, according to a recent blog at Ransomware Incident Response vendor CoveWare. With each infection, the message goes beyond just asking for bitcoin, but instead attempts to compel victims to pay the ransom with the claim that the money will go to a fictitious charity. It's all for the kids, they say Throughout the entire payment process, the cybercriminals keep up ... Read More

What W-2 phishing looks like According to a recent federal court decision, an employee who is tricked into sharing personal information in response to a W-2 phishing email can be seen as committing an intentional disclosure under the North Carolina Identity Theft Protection Act (NCITPA). As a result, the employer could face triple damages for the employee’s mistake, adding a new element to potential exposure for businesses. Employees who fall for CEO Fraud commit an "intentional disclosure" Poyner Spruill's J.M Durnovich was right to highlight this development, which was also picked up by the nationwide Law360 site. The failure to train employees may quickly become more costly not only for for North Carolina employers. This decision will be looked at by other courts who very well might come to the same conclusion that not taking reasonable ... Read More

CEO fraud reaches 1 in 6 users With an average of 1 in 6 users receiving email-based impersonation attacks (CEO fraud attempts) , it spells bad news for organizations. Cybercriminals need users to believe the emails being sent are legitimate. No better way can be found than to impersonate someone known to the sender. According to email security vendor Mimecast, email impersonation—aka CEO Fraud or Business Email Compromise—has risen 80% over last quarter in their latest Email Security Risk Assessment Report. Impersonation works Utilizing the findings from the inspection of over 140 million messages, Mimecast’s report is particularly statistically relevant and should be given the proper attention. The massive increase in impersonation denotes the cybercriminals finding greater successes with impersonation than without. Over 40,000 impersonated email messages reached users’ inboxes, demonstrating that bad guy ingenuity can ... Read More