Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
FBI Fraud Alert: Business E-mail Compromise (PhishLabs)
Federal law enforcement officials and the Financial Services Information Sharing and Analysis Center (FS-ISAC) have released a fraud alert to heighten awareness around the continued rise of business email compromise (BEC) attacks.
Magazine publisher loses $1.5M in cyberfraud (New York Post)
Cyberhackers believed to have originated in China scammed Bonnier Publications out of $1.5 million last month, Media Ink has learned.
Hershey Park Investigates Card Fraud Pattern (KrebsOnSecurity)
Hershey Park, a popular resort and amusement park in Hershey, Pa. has hired a security firm to investigate reports from multiple financial institutions about a possible credit card breach.
How '.bank' Improves Email Authentication Experts Explain Ancillary Benefits of the New TLD (BankInfoSecurity)
Adoption of ".bank", the financial services top-level domain, can help ensure banking websites are not easily compromised or spoofed, backers say.
Adobe Releases Emergency Patch for Flash Zero-Day Vulnerability (The Hacker News)
Adobe has rolled out an emergency software patch for its Flash Player to patch a critical zero-day vulnerability that is already exploited by the hackers in the wild.
Stolen logins for US government agencies found all over the web (Naked Security)
CIA and Google Ventures-backed private company Recorded Future says stolen government login credentials have been spotted all over the web, leading to the possible exposure of logins for 47 US government agencies spread across 89 unique domains.
Phishers Change Tack to Target Corporates (Info Security)
Cyber-criminals have rapidly adapted their phishing campaigns over the past year, abandoning social media lures in favor of a new focus on business users with communication notification templates, according to Proofpoint.
Macros big again with cybercriminals (CSO)
Up to a year ago, most phishing emails were all about tricking users into clicking on malicious links that led to malware downloads. Starting last fall, however, the use of attachments increased eight-fold, and that increase has persisted to this day, according to a new report from Proofpoint.