Did you know that gift card scams are among the most popular cyber threats? The same things that make gift cards popular with consumers—convenience and ease of use—also make them attractive to scammers as a vehicle for fraud. Gift cards, also known as gift certificates or vouchers, have topped the list of reported fraud payment methods every year since 2018, according to the Federal Trade...

During the annual eCommerce bonanza known as Black Friday and Cyber Monday weekend, shopping websites will be swarming with people who are mostly unaware of cyber threats that can leave personal data vulnerable. In 2021, Europe, Canada, and the United States saw a 50% spike in transactions during the Black Friday and Cyber Monday window from the previous week. With the imminent spike in online...

Whether deployed as a cloud service or on-premises, email security—and especially email security gateways—is of growing importance to organizations of all sizes, particularly given the upheavals to the working world over the last several years. It is estimated that in the post-pandemic world, one quarter of the workforce will choose to permanently work remote. In some sectors, such as technology...

None of the innovations seen in workplaces over the years posed challenges as significant as remote work. Even before hybrid workforces were the norm, many companies worldwide found themselves consolidated in large multinationals with employees all over the globe. The leading problem companies face, no matter the industry, is giving all their employees the same working experience, regardless of...

When it comes to cyber crime, hackers like to locate the most high-value targets, whether it’s a piece of infrastructure or an individual with access to privileged information, all while expending the least effort possible. In most examples of spear phishing attacks, a criminal will send out targeted attacks via email to multiple users. In these emails, the attacker will use high-pressure...

Spoofing refers to an attack where hackers use various ways to disguise their identity so that their victims think they are talking to their coworker, boss, or business. The methods used to achieve this are the typical phishing tropes such as fake websites, links, and social engineering. When spoofing is involved, it’s often more helpful to focus on detecting the facade rather than looking at the...

Malware is perhaps the most widely known out of all IT security threats. Since 1986, malware has become a significant concern for enterprise users, with recent examples including the Colonial Pipeline attack, Kaseya ransomware attack, and the SolarWinds Dark Halo breach. However, these attacks are just the tip of the iceberg, with many businesses falling victim to malware and ransomware attacks...

In early July, IT solutions provider and remote management solution provider Kaseya announced that it had fallen victim to a supply chain ransomware attack. During the attack, hackers leveraged a vulnerability in Kaseya’s VSA platform to encrypt the data of hundreds of downstream MSPs and their clients. The Kaseya ransomware outbreak is one of the latest high-profile ransomware attacks targeting...

Imagine waking up one day and the organizations you deal with – your bank, your workplace, the tax office, your educational institution – don’t recognize you as you. Sounds like science fiction, right? In its extreme version, it is. But versions of this story are playing out for people and organizations daily as incidences of identity theft occur more frequently around the world. In 2022, the...

During the last week of January 2021, cyber security provider TrendMicro shared a blog post highlighting an Office-365 phishing campaign that criminals have targeted executives within manufacturing, tech, real estate, government, and finance since May 2020. As part of the scam, fraudsters sent the victims fake emails with links to a phishing site, where they harvested their credentials to sell...

Discover security awareness trends and best practices for 2021 Your employees are your first line of defense against cyber security attacks. The strength of your security awareness program depends on every employee in your organization. As part of your organizational goals and plans for 2021, you need to prioritize building a cyber secure and aware culture. This requires an ongoing commitment...

Actionable security awareness tips on how employees can prevent insider threats  A misplaced USB drive with confidential data. An opportunistic employee sharing confidential information with a competitor. An employee who accidentally clicks a phishing email. These are all examples of insider threats to your organization. Insider threats unfortunately are not simply the stuff of movies and crime...

With Black Friday, Cyber Monday, Thanksgiving, and the Christmas holidays fast approaching, cyber criminals are working round the clock to create new scams, such as the shipping notification scam, to phish for private information and commit identity fraud. As many employees will be shopping online during working hours, cyber security leaders need to educate employees on phishing threats and teach...

The holiday shopping season presents a target-rich environment for cybercriminals. In fact, as per the 2020 Trustwave Global Security Report, the retail industry is the most targeted sector for cyber attacks for the third year running. An increasing shift to a digital environment—a change due in no small part to the COVID-19 pandemic—isn’t making data protection easier for retailers either. ...

How to Protect Against Ryuk Ransomware As countries worldwide struggle to come to grips with the Covid-19 pandemic, attackers have attempted to capitalize by launching a wave of ransomware attacks on hospitals across the U.S. and Canada. These attacks have taken place in locations ranging from New York, Nebraska, Ohio, Missouri, and Michigan, to Montreal, by using Ryuk ransomware. But what is...

Security awareness training for financial services and bank employees must be a top priority. While financial services institutions have long been prime targets for cybercriminals, as most attacks are financially motivated, the shift to remote work business models and operations has heightened cyber security risk levels. Recent data reinforces why financial services CISOs and security leaders need...

Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries. According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a significant threat...

Less than a week ago, Twitter fell victim to a monumental security breach that saw hackers successfully orchestrate a social engineering attack and take over high-profile Twitter user accounts, including world-renowned companies like Apple and business magnates like Bill Gates and Elon Musk. The cybercriminals used that access to launch a bitcoin scam that generated over $120,000. The attack is...

Know how to identify and prevent a spoofing attack Spoofing attacks are the ultimate form of cybercriminal trickery and deception. Cybercriminals disguise themselves and rely on trust to steal confidential information, install ransomware, and commit other cybercrimes. Spoofing comes down to trust. Cybercriminals hide behind trusted people, domains, URLs, and the technical elements that make up a...

Cyber Monday is right around the corner and this means employees will be shopping online at work. To prepare for the busiest online shopping day of the year, companies need to remind employees of how to be safe online. It’s very easy for even the most cyber-aware employees to get caught up in the rush of online holiday sales and promotions. Retailers know that shoppers want deals and start their...