As we are certain about some aspects of life, the same can be said about cybercrime. Tax Day draws closer in the U.S., and as millions of Americans are in the process of filing their taxes, cybercriminals are also stepping in to make this task profitable for them and difficult for their victims. We have seen recent incidents of organizations falling for business email compromise (BEC) schemes related to tax filing; now, it looks like online extortionists have joined the fray as well.Read More
As if encrypting files and holding them hostage is not enough, cybercriminals who create and spread crypto-ransomware are now resorting to causing blue screen of death (BSOD) and putting their ransom notes at system startup—as in, even before the operating system loads. Imagine turning on your computer and instead of the usual Windows icon loading, you get a flashing red and white screen with a skull-and-crossbones instead.Read More
The thing about takedowns is that these do not necessarily wipe out the cybercriminal operations. In 2014, the ZeroAccess takedown has affected the botnet’s click fraud operation, but its infections continued to soar. DRIDEX’s case is similar as it continues to figure predominantly in the threat landscape despite takedown of its multiple command-and-control servers last October 2015.Read More
There’s a reason why the FBI estimates that the average loss caused by Business Email Compromise (BEC) to be $130,000 per company. Employees are not familiar with current social engineering strategies, and the network setup is not equipped enough to keep the threat from getting in the network. And this same situation is clearly depicted in an ongoing BEC campaign targeting companies in the US, Middle East, and Asia.
The attack, which has been traced back to Lagos and Kuala Lumpur, targets companies from several industries such as real estate, manufacturing, and construction.Read More