Everyone's talking about business email compromise, but what they aren't talking enough about is what's at the root of these attacks - spear phishing. Joseph Opacki of PhishLabs discusses how security leaders must respond to the threat.
Less than a year after the United States Postal Service revealed that hackers breached agency computers, many employees continue to click on phishing messages that contain false links, according to an inspector general report.
Too often, individuals who fail to take the proper steps to secure IT aren't punished for their reckless behavior. But should those who consistently fail to follow safe cyber hygiene be severely penalized for repeatedly falling for phishing attacks?
Spear phishing is the preferred attack method for advanced threat actors. Well-crafted spear phishing attacks easily slip past layers of defenses and target the only vulnerability that cannot be patched -- people. The vast majority of headline data breaches in recent years have all begun with spear phishing attacks....
A penny saved is a penny earned, as Benjamin Franklin made familiar in Poor Richard's Almanac in 1737 - and every penny of fraud loss recovered (or better yet, avoided) goes straight to the organization's bottom line.
Present-day examples span the gamut of industries. The losses are in the billions and growing -...
The FBI estimates fraud losses linked to so-called business email compromise scams worldwide have exceeded $1.2 billion in less than a year. But some financial fraud experts say the losses from this largely overlooked threat could be even higher.
Hacker attacks often start with spear-phishing attempts, but healthcare entities can take steps to help prevent these scams from being successful, says Connie Barrera, CISO of Jackson Health System in Miami, who describes her organization's approach.
A $46.7 million fraud scheme that hit Ubiquiti Networks Inc. shows the new & improved face of wire fraud - and just how easy it is for cybercriminals to fool employees into helping to pilfer their own enterprises.
The prices for stolen payment card data and other cybercrime products and services on Russian underground forums continue to fall. But the cybercrime ecosystem is more automated, effective and robust than ever, Trend Micro reports.
Customer authentication is a very difficult challenge for financial institutions in faceless delivery channels due to the ready availability of consumer information from social media sites and data breaches. Fortunately, technology is up to the challenge, and voice solutions have emerged that can provide a wide range...
An unconfirmed post-breach report for bitcoin exchange Bitstamp shows the organization was targeted by a sustained attack that combined phishing via email and Skype with macro malware to successfully steal almost 19,000 bitcoins, worth $5 million.
Cisco announced plans to pay $635 million to purchase cloud security firm OpenDNS to better secure the "Internet of Everything." OpenDNS says the acquisition will leave its products and personnel intact.
Typically the traditional Healthcare Information "culture" has not been managed or even significantly influenced by centralized IT or InfoSec personnel. The current environment can be heavily fragmented into various functional and geographic groups, each with very different governance programs and priorities which...
How does an advanced threat adversary operate for 10 years, undetected? FireEye APAC CTO Bryce Boland shares details of the decade-long APT30 campaign that targeted organizations in India and Southeast Asia.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.