The average ransomware payout has increased by 178% over the past year, according to researchers at Atlas VPN. In Q4 2019, the payments averaged $84,000. By Q3 2020, the average payment had risen to $234,000. These numbers have steadily increased each quarter.“From Q4 2019 to Q1 2020, the average payment demand rose by over $27 […]
Zoom Impersonation a New Variant of Familiar Phishbait
Zoom-themed phishing attacks have spiked since the start of the pandemic, the Better Business Bureau (BBB) warns. Attackers adapted quickly earlier this year when a large portion of workers began operating remotely, and the phishers tailored their lures to exploit organizations’ dependence on video-conferencing platforms.“Out of the blue, you receive an email, text, or social […]
2021 Prediction: Expect Ransomware Attacks Will Increase in Frequency and Variety
A new forward-looking report from security vendor FireEye Mandiant predicts the greatest single cyber threat today is only going to become a greater menace next year.With 2020 being a dumpster fire of a year, we’re all looking for some good news to shed some light at the end of this tunnel we’re living in. But […]
How Many Phishing Sites? Over 2 Million in 2020 (so far)
Google has flagged 2.02 million phishing sites since the beginning of the year, averaging forty-six thousand sites per week, according to researchers at Atlas VPN. The researchers note that the number of phishing sites peaked at the start of the year, which correlates with the start of the pandemic.“Data also reveals that in the first […]
WARNING: Americans’ Password Habits are Horrible, Putting Organizations at Risk
New data shows the average American uses short, uncomplicated, and often predictable passwords, practices which only increase the insecurity of corporate user accounts.Today, the password is a primary means of authenticating whether you are the owner of a given account or not. So, it stands to reason that passwords need to be secure. But new […]
New Ransomware, OldGremlin, Coming Soon to an Organization Near You!
Pay attention to this one. Despite only targeting Russian companies, the use of custom self-made malware and decidedly creative phishing campaigns makes them a potential danger.OldGremlin first showed in in late March of this year. Singapore-based GroupIB took note and has been tracking them continually.What makes this new kid on the block so interesting is […]
The Risk of Redirector Domains in Phishing Attacks
Researchers at GreatHorn warn that a large-scale phishing campaign is using open redirects to evade email security filters. Open redirects allow attackers to take a URL from a non-malicious website and tack on a redirect, so that when the link is clicked it will take the user to a phishing page. This results in a […]
Threat Actors Take Advantage of Exchange Online and Outlook on the Web with New Levels of Sophistication
New insight from Accenture Security highlights specific ways attackers are changing their tactics to make Microsoft’s email platform a tool rather than an obstacle for phishing attacks.We all tend to think of our email platform as something that helps create a more secure environment four our networks. But new disturbing information found in Accenture’s 2020 […]
The Geography of Business Email Compromise
Researchers at Agari have released a report on the global distribution of business email compromise (BEC) actors, and determined that 25% of these criminals are operating from within the United States. This makes the US the second-largest hub for BEC actors in the world. Criminals in Nigeria still account for the vast majority of BEC […]
![[Heads up] Paying Ransomware Criminals Might Land You A Steep Federal Fine](https://i0.wp.com/www.optricsinsider.com/wp-content/uploads/2020/10/euro-banknotes-3125605_1920.jpg?fit=600%2C337&ssl=1)
[Heads up] Paying Ransomware Criminals Might Land You A Steep Federal Fine
The US Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned multiple ransomware criminals over the last few years, most notably the Russian cybercrime syndicate aptly named Evil Corp. However, not only Eastern European hackers were sanctioned, various North Korean and Iranian actors are also on the list.Oct 1st, 2020 OFAC made it clear […]