The activist group known as Distributed Denial of Secrets (DDoSecrets) has published almost one terabyte of data originally
leaked to dark web sites by ransomware operators. In addition, they are privately making another 1.9 terabytes of stolen data available to journalists or academic researchers.
Look-alike domains remain some of the most consistent elements of cyber attacks targeting organizations. At a high-level, there are two ways to mitigate the threat of a
look-alike domain: remove the threat completely by taking it offline, or block attacks on your users by implementing IT security controls. If we dissect the construction of a look-alike domain, we see where each step in its creation represents a point where actions can be taken to mitigate the threat.
In 2020, cybercrime has seen a dramatic evolution in ransomware attacks. This threat type has adopted increasingly malevolent tactics and targeted some of the year's most vulnerable industries. Operators are linking up, franchising their attacks, extorting their victims, then expecting organizations to
believe them trustworthy. By 2021, ransomware is anticipated to cause
$20 billion in loss.
Topics: Ransomware
Cybercriminals register hundreds of thousands of look-alike domains every year to impersonate reputable organizations and make a profit. These domains are used for a variety of attacks including phishing emails, fraudulent websites, web traffic diversion, and malware delivery.
Topics: Spear Phishing Protection, business email compromise, Digital Risk Protection, Domains
The novel coronavirus has dominated 2020, and in the cyber community, threat actors have capitalized on its impact from the beginning.
In early March we saw the first of what would be an onslaught of criminal activity using the pandemic to manipulate users, and over the course of the year these attacks have been modified to reflect local and global fallout.
Topics: COVID-19
The Anti-Phishing Working Group (APWG), known for its collaborative analysis of phishing attacks and identify theft techniques, has released its Phishing Activity Trends Report for Q3 of 2020. Highlights from the report include more than two hundred thousand unique
phishing websites detected in August and September, SSL encryption for phishing sites overtaking SSL deployment for general websites, and a 10 percent increase in BEC attacks originating from free webmail accounts.
Topics: Phishing, BEC, business email compromise, https, Domains
Impersonation enables threat actors to manipulate victims into disclosing sensitive information as well as enhance their ability to commit fraud. An organization's name, logo, or messaging can be incorporated into almost any threat type, making it an easy and versatile element of a cyber attack. Impersonation is an especially difficult technique to defend against because of its diverse range of use cases, and in order to protect themselves against attacks, organizations should learn to identify its range of malicious applications.
In this article, we explore the variety of ways impersonation can be used to target a single entity. All examples originate from the same financial institution (FI).
Topics: Digital Risk Protection, DRP, Domains, Brand Abuse
By definition, a look-alike domain is a nearly identical, slightly altered domain name, registered with intent to deceive. Cybercriminals register hundreds of thousands of look-alike domains each year with the goal of impersonating legitimate businesses and making money, usually by committing fraud.
In this post, we’ll describe how domains help us communicate on the Internet, the anatomy of a look-alike domain and why we fall for them, how attackers create them, and the best place to begin when facing this common threat.
Topics: Digital Risk Protection, Domains
Today’s enterprises are experiencing an accelerated digital transformation due to the pandemic, and adoption of initiatives that would normally span years are being fast-tracked to support remote workforces and transition to new platforms. The external digital landscape is also rapidly expanding, and organizations are being required to conduct business more frequently through non-traditional channels. This digital evolution is leaving enterprises increasingly susceptible to attacks outside the network perimeter.
In order to detect and respond to today's most relevant threats, security teams are investing in operational Digital Risk Protection (DRP) capabilities.Topics: Digital Risk Protection, DRP