Banking institutions are seeing a significant spike in multi-channel financial crimes. But Duncan Ash and Julio Gomez of Splunk say data and analytics can be key differentiators in the effort to protect sensitive financial data.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
The Bad Bot Report investigates the daily attacks that sneak past sensors and wreak havoc on websites. Such activities include web scraping, competitive data mining, personal and financial data harvesting, brute-force login, digital ad fraud, spam, transaction fraud, and more.
In the 2020 Bad Bot Report you'll...
Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. It's a rare success in the fight against unsolicited text messages.
So-called "cybersquatting" attacks are surging, with financial and e-commerce websites - including those of PayPal, Royal Bank of Canada, Bank of America and Amazon - among the most frequent targets, according to Palo Alto Networks' Unit 42.
The operators behind the Qbot banking Trojan are deploying a new version of the malware that uses hijacked Outlook email threads to send personalized phishing emails, according to Check Point Research. This campaign has targeted over 100,000 victims worldwide.
Reddit had a very "Make America Great Again" weekend, as more than 70 subreddits were temporarily hijacked and used to post "MAGA" messages in support of U.S. President Donald Trump. Attackers claim they used social engineering and password stuffing to compromise the accounts.
Are you prepared to detect and combat account takeover fraud (ATO) in real time? Adversaries have a variety of weapons at their disposal, which makes effective protection a challenge. To make matters worse, legacy anti-fraud solutions are falling short of accurately evaluating the risk.
With the right...
Chaos ensued when miscreants interrupted a virtual bail hearing on Wednesday for the suspected Twitter hacker, hijacking the feed with screams, chatter and, for a few brief seconds, pornography. The meeting details were public, and the meeting had not been password protected.
Suspects in the epic attack against Twitter were uncovered, in part, by the use of their real photo identification for cryptocurrency accounts they used to broker the sale of stolen usernames. The mistakes proved crucial to their identification, according to court documents.
The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.