A study of CISOs done by Raytheon and the Ponemon Institute produced some sobering results. Researchers asked CISOs to assess their stress level today versus three years from now on a scale of 1 to 10 with 10 being high stress. The group expected their stress levels to be at an average of 8.8, the highest recorded.
Email phishing attacks continue to be the most prevalent way cyber criminals are stealing credentials, launching malware, and breaching computer networks. Email is almost always the point of entry. The FBI calls these attempts Business Email Compromise (BEC) and they account for more than a billion dollars in losses for U.S. businesses each year.
Topics: email security
The past does not define our future, but it often predicts it. That’s why INKY is the perpetual student. She is in a constant cycle of learning, becoming more powerful with every email she reads and every phish she catches. 2018 was a banner year for INKY literally and figuratively. Our phish fence solution caught tens of thousands of phishing attempts, in some cases hours before they had been flagged by the phishing aggregators. We’ve filleted a few of our favorite 2018 phish for you because as sure as the ocean is blue the attacks of 2018 will return in 2019 repackaged, repurposed, and more conniving than ever. INKY is ready. Are you?
Topics: phishing email examples
The Problem with Microsoft Attack Simulator and Phishing
Microsoft recommends Office 365 admins buy an add-on subscription and run a program called Attack Simulator as a safeguard against phishing email attacks. The company says Attack Simulator will run your employees through realistic scenarios that scammers use to steal credentials through email phishing schemes.
Topics: office 365 tools
Microsoft Office 365 is under attack from scammers. This puts your business at major risk if you aren’t protected.
Product placement in the movies and on TV has been with us from the early days. It used to be extremely overt and in your face. Much like phishing attacks, product placement has grown more covert. It’s still exists but is subtler by implanting itself in our subconscious and is cleverly woven into story lines and subplots without us knowing it’s there. Our subconscious is exactly where cyber criminals often set their phishing trap.
What is phishing? It’s a great question. Chances are, since the day you’ve had an email address, someone somewhere has been trying to phish you. Phishing is a modern twist on the classic sleight of hand. Sometimes it’s an aggressive assault meant to unbalance you, scare you, and prompt you to act irrationally, but often it’s a careful, less-obvious attempt to cajole you to share account information or click a link.
Topics: email scam
I have three Alexa’s and tend to buy everything I possibly can from Amazon. You name it I’ve bought it! So getting ‘order’ and ‘delivery’ notification emails from the big A are a daily norm in my inbox. I would bet that for most of you, it is the same. In the last week, I had two Amazon packages ‘delivered’ that didn’t actually make it inside my house - I have since installed a video doorbell and I’m ready to catch whoever has been stealing my pork rub and vintage GI Joe’s!
It sits there in your inbox daring you to click on it. It appears to be an important message from the folks at Microsoft’s Office 365 email security team. Either your mailbox storage is full, there is an important security notice you need to read, or your mailbox is about to be deleted and you need to act to prevent it from happening. It looks legitimate, but it is just a phishing attempt to try to get your login credentials or launch some malware.
Microsoft, makers of Office 365, reports they see more than 5 billion threats detected on devices every month. That represents more than 100 million unique phishing emails targeting Office 365 users annually. There is no reason to believe that will end anytime soon.
Bukar is part of the INKY team that reviews the emails that users send through the “Report This Email’ link found in the INKY Phish Fence banner. We talked to him about phishing trends and user feedback.
Topics: phishing thought leaders
How many boxes are piling up at your front door? I will confess I now have three Alexa’s and have accidentally setup a subscription for AA batteries. If you ever need batteries, I’m your man. With the North Pole’s recent Reindeer weight, and carriage regulations Santa is now required to send 90% of his Christmas deliveries from Amazon directly.
Topics: catch of the day
According to statista.com IT Security spending in 2018 in the United States alone will reach $66B - an incredible number.
I am a Certified Information Systems Auditor. I’m Certified in Risk and Information Security Controls, I’ve been working in the IT Governance and Compliance space for the better part of 20 years, have taken organizations through ISO27001 and SSAE 16 certifications, yet without INKY’s Phish Fence would have struggled to recognize today’s “Catch of the Day”.
Email phishing is the top security threat to your organization. As the entry point for most security breaches, cyber-criminals are launching malware and ransomware, committing wire fraud, and identity theft. According to the FBI, phishing-based email accounted for more than $12 billion in fraud in just the last five years.