Attacks Target AmEx, NetFlix Users with Phishing

Infosecurity Magazine | March 20, 2019

Attacks Target AmEx, NetFlix Users with Phishing
Windows Defender Security Intel has reported two major phishing attacks targeting American Express and NetFlix. The Office 365 research teams discovered the attacks, which reportedly emerged over the weekend, hitting unsuspecting customers with well-crafted phishing campaigns that attempt to steal credit card information. According to a tweet from Windows Defender Security, “Machine learning and detonation-based protections in Office 365 ATP protect customers in both campaigns.” Additional tweets warned, "The Netflix campaign lures recipients into giving away credit card and SSN info using a 'Your account is on hold' email and a well-crafted payment form attached to the email." Phishing emails such as these are not only easy to craft but also easy to deploy. When aimed at unsuspecting users, they are highly successful. “They are designed to make us afraid that if we don’t click on that link or open that attachment something bad will happen,” said Colin Little, senior threat analyst, Centripetal Networks. Cyber-criminals continue to employ the social engineering tactics of brevity and urgency, understanding that threatening user accounts or suggesting something may be amiss will evoke action.

Spotlight

It happens all the time. You hear about it in the news. You see businesses suffer through the loss of millions. Cyber breaches are a known threat in the digital world, affecting big and small retailers alike. No one is safe from cyber crime. Much akin to the move retail has made from physical to digital organized crime has also made a shift. Over the past couple of years mass merchants have shown the world that they aren’t impervious to criminal activity online. In 2014 specifically was a year for high profile breachers, with digital giant eBay getting hacked thus effecting 145 million customers. Cyber crime is not limited to retail, in September of the same year the Apple iCloud accounts of several celebrities were accessed by hackers. With more of the world online and operating in the digital space security and privacy incidents have increased, impacting all industries globally. Cyber attacks create a ripple effect causing disruptions in supply chains, manufacturing downtime, defects in CRM and more! To learn more about 5 digital giants that were brought down by cyber attacks, check out the infographic below.

Related News

SOFTWARE SECURITY

Talon Launches First Corporate Secure Browser for the Hybrid Work Era Backed by Renowned Cyber Security Industry Leaders

Talon | October 08, 2021

Talon Cyber Security, the leader in browser-based security solutions for the distributed workforce, launched TalonWork, a first-of-its-kind browser-based endpoint solution created to address the unique threats imposed by the hybrid workforce and designed with employee experience in mind. Talon also announced investment from top cyber security global leaders: George Kurtz, CEO of CrowdStrike, John Thompson, until recently Microsoft's Chairman of the Board and former CEO of Symantec, and Mark Anderson, CEO of Alteryx and previously the President of Palo Alto Networks. "Today's work from anywhere world demands a flexible and secure working environment, and as a result, modern security must be frictionless by design," said George Kurtz, co-founder and CEO of CrowdStrike. "Talon's browser-based security solution takes a fresh approach, putting the user experience front and center while extending the security of the enterprise." Talon is working with some of the largest employers in the US to protect their evolving global hybrid workforce via its unique patent-pending technology. Talon's corporate browser can be deployed across the organization in less than an hour, empowering security leaders to make the browser their first line of defense with minimum complexity, cost and without additional hardware. With hassle-free operation, Talon allows organizations to better secure and control access to sensitive data and resources, accelerates onboarding in multiple work scenarios and enables rapid and efficient endpoint disaster recovery. "With the shift towards a hybrid workforce, more known and unknown devices are accessing the organization's most sensitive data on premise and in the cloud. Therefore, we must ensure frictionless and secure access to the data, no matter the device or the employee location. Talon provides exactly that," explained John Thompson, recent former Microsoft Chairman. "It is equally important that the next generation of cyber solutions are designed for ease of use, and optimized for a remote work environment," explained Mark Anderson, former President of Palo Alto Networks. "In this regard, Talon's solution is spot on." The workforce revolution and increasing reliance on SaaS services, accelerated by the pandemic, made the browser a main gateway to the organization. The browser is also the most vulnerable application according to CVE; and the industry has witnessed info-stealers extracting credentials stored in browsers, malicious extensions stealing corporate data and browser zero-days exploited in the wild. Earlier this month, Google issued a critical fix for 2 billion Chrome users, Chrome's 11th 'zero day' exploit reported this year. On top of it all, malicious downloads and phishing attacks, which are the means for ransomware, are most likely to occur in the browser, where the user is more susceptible to these attacks. Talon's multi-layered approach provides enterprise-grade security regardless of the endpoint: resilience against malware on the device, browser hardening against zero-day exploits and data leakage prevention mechanisms integrated in the browser. With Talon, security leaders gain full context-aware visibility into all work-related activity in the browser, gaining better control and governance across sanctioned and unsanctioned SaaS services as well as internal web applications. To enable this instant shift to distributed workforce, many organizations were forced to quickly patch security gaps using their current IT stack. Talon offers a new and first to market approach and a strategic alternative that is practical and more sustainable,We are honored to have the leaders who shaped the face of cybersecurity on board with us, sharing our vision and mission. Ofer Ben Noon, Talon's Co-founder and CEO About Talon Cyber Security Talon Cyber Security is the pioneer in cyber security solutions for the hybrid workforce. Talon's browser-centric security approach is redefining enterprise cyber security by making the browser the organization's first-line of defense and leveraging it to enable and secure the distributed workforce. Deployed in less than one-hour, Talon provides security leaders with unprecedented visibility into all employee corporate activity across locations, devices and SaaS services. Talon's technology is built with employee-experience and privacy in mind, providing a native and frictionless experience, on top of superior enterprise-grade security. Talon's founders include proven entrepreneurs and former leaders of Unit 8200, Israel's elite military technology and intelligence unit.

Read More

Check Point software collaborates with New York University to close cybersecurity workforce gap

globenewswire | August 05, 2020

Check Point Software Technologies Ltd, a leading provider of cyber security solutions globally, extends its cyber security academia cooperation with New York University (NYU) to nurture the next generation of computer engineers. For the first time, NYU is partnering with a cyber-security software company that addresses multi vector protections: cloud, network, endpoint, and mobile. Leveraging Check Point’s unmatched experience and expertise in the cyber landscape, NYU Tandon School of Engineering students will receive full visibility and understanding of the Check Point Infinity Architecture via Check Point's eLearning system. The Infinity eLearning program gives students access to the following innovative Cyber Security learning paths.

Read More

Cyber Survey shows a deficit in cybersecurity skills threatens job efficiency in the face of rising global cyber attacks

prnewswire | September 22, 2020

Cybrary, the world's largest online cybersecurity career development platform, today released the findings from the "Cybrary Skills Gap Research Survey and Report," which examines the current challenges, perceptions, and impacts of the cybersecurity skills gap faced by IT and security teams worldwide. The survey questioned respondents about the employer contributions towards their skill development, their level of personal commitment to growing their skills, and the current level of organizational support and opportunities offered for skill development.

Read More

Spotlight

It happens all the time. You hear about it in the news. You see businesses suffer through the loss of millions. Cyber breaches are a known threat in the digital world, affecting big and small retailers alike. No one is safe from cyber crime. Much akin to the move retail has made from physical to digital organized crime has also made a shift. Over the past couple of years mass merchants have shown the world that they aren’t impervious to criminal activity online. In 2014 specifically was a year for high profile breachers, with digital giant eBay getting hacked thus effecting 145 million customers. Cyber crime is not limited to retail, in September of the same year the Apple iCloud accounts of several celebrities were accessed by hackers. With more of the world online and operating in the digital space security and privacy incidents have increased, impacting all industries globally. Cyber attacks create a ripple effect causing disruptions in supply chains, manufacturing downtime, defects in CRM and more! To learn more about 5 digital giants that were brought down by cyber attacks, check out the infographic below.