Over 18 Million Covid-19 Malware and Phishing Emails Blocked by Google

Google | April 27, 2020

  • Google says it has blocked 18 million daily malware and phishing emails related to COVID-19 over the past week.

  • Majority of malware and phishing emails involve impersonation.

  • This includes implementing multi-factor authentication methods that require people to prove their identity using two or more verification methods.


Google says it has blocked 18 million daily malware and phishing emails related to COVID-19 over the past week. The search giant also says it has encountered over 240 million daily spam messages related to the novel coronavirus. On a typical day, Google blocks over 100 million phishing messages daily. According to Google, the cybercriminals use both fear and financial incentives to create urgency to prompt users to respond.

Google says that the majority of malware and phishing emails involve impersonating government organizations such as the World Health Organization. Some of the coronavirus-related malware and phishing emails solicit fraudulent donations for various causes. In contrast, malware tricks attempt to deceive users into downloading files laced with malware on their devices. Other phishing attempts claim to possess information about the government stimulus packages for individuals and small businesses. Phishing scams targeting remote workers purport to be the recipient’s employer.

“The fact that 18 million Covid-19-related emails are blocked each day just by Google is a sign of just how prolific these attacks are,” Kron says. “In these times of high stress and change.

~ Erich Kron Cybersecurity Keynote Speaker


Learn more: PHISHING KITS BECOME “BESTSELLER” IN THE UNDERGROUND MARKET: RESEARCH
 

He added that criminals are aware of the system vulnerabilities arising from employees working at home away from secure corporate networks.
 

“The best thing organizations can do right now is to ensure that their employees have up-to-date training on how to spot and report phishing emails to their organization”.

~ LaSala, Director of Security Solutions


The search giant notes that most of the malware and phishing emails are not new but are existing campaigns updated to exploit the panic and curiosity caused by the current pandemic. The company adds that its machine learning AI algorithm can block 99.9% of spam phishing and malware from reaching its users. Google is also working on other techniques, such as implementing the Domain-based Message Authentication, Reporting, and Conformance (DMARC), to prevent fraudsters from impersonating the www.who.int domain. This method will also prevent WHO messages from accidentally being filtered out as spam due to the frequency of similar fraudulent messages.

Google advises people to avoid downloading files from untrusted users. Additionally, the search giant recommends using its email preview inbuilt tool to view documents before downloading. However, some experts have been critical of Google’s response to malware and phishing emails threats. Colin Bastable, CEO of security awareness training company Lucy Security says Google allows scammers to associate Gmail accounts with phishing links while virtue-signaling its users about security.

Learn more: WORK FROM HOME: CYBER SECURITY DURING COVID-19
 

Spotlight

Content—and how brands use it to interact with buyers at all stages of the engagement journey—has fundamentally reshaped every business’ go-to-market strategy. This shift has been particularly challenging for “top-of-the-funnel” demand generation marketers, most of who are under tremendous pressure to produce results. One study found that 70% of marketers surveyed expect their demand generation budgets to increase in 2018, with one-third expecting them to increase by more than 20%.1 Of course, generating demand is the job of marketing writ large. Marketers make markets. They work to create groups of viable buyers where none existed before.


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Barracuda recognized for industry-leading email security and data protection solutions

Barracuda | August 23, 2022

Barracuda, a trusted partner and leading provider of cloud-first security solutions, announced today that it is recognized as an innovator with two prestigious awards for email protection in the 2022 SC Awards and for data protection in the 2022 CRN Annual Report Card (ARC) Awards. 2022 SC Awards Barracuda Email Protection has been recognized as the winner of the Email Protection category in the 2022 SC Awards. Now in its 25th year, the SC Awards are cybersecurity's most prestigious and competitive program. Winners are recognized for outstanding solutions, organizations, and people driving innovation and success in information security. Barracuda Email Protection is a comprehensive, easy-to-use solution that delivers API-based inbox defense, phishing protection, incident response, gateway defense, data protection, and compliance capabilities. "We're thrilled that our solutions were named the best in the Email Protection category this year. "This win recognizes the value of our solutions, including our advanced ML capabilities, which enable our customers to fully automate detection and remediation. At Barracuda, it's our mission to deliver innovative security products that are easy to by, deploy, and use, and we see this award as a sign we are delivering on that." Don MacLennan, SVP of Engineering and Product Management, Email Protection, at Barracuda The 2022 SC Awards received a record 800 entries across 38 categories — a 21% increase over 2021. Entries for the SC Awards were judged by a panel of industry leaders, from sectors including healthcare, financial services, manufacturing, consulting, and education, among others. 2022 CRN Annual Report Card Barracuda was named the overall winner in the Data Protection Software category of CRN's 2022 Annual Report Card award. This award honors the industry's top technology vendors for success in providing high levels of satisfaction for channel partners through innovative products, services, and partner programs. Barracuda not only earned the highest score overall in the category, but also swept the four subcategories: Product Innovation, Support, Partnership, Managed & Cloud Services. With 37 years of history, CRN's ARC Awards recognize best-in-class vendors that are devoted to boosting IT channel growth through innovation in technology and partner strategy. Through the ARC Awards — known as one of the most prestigious honors in the IT industry — solution providers offer key feedback that commends technology manufacturers for designing channel-friendly product offerings, developing strong partner programs, and building long-term successful relationships with solution providers. This win recognizes both Barracuda Cloud-to-Cloud Backup and Barracuda Backup. Barracuda Cloud-to-Cloud Backup provides easy-to-use, cloud-native backup for Microsoft 365 data. Barracuda Backup combines storage, software, and inline deduplication, to ensure data is protected against loss no matter what happens. "We're honored by this recognition, and it is especially meaningful because it is based on input from channel partners," said Bill Fitzgerald, VP, Channel Sales, Americas. "I'd like to express my sincere thanks to all channel partners that participated in the CRN survey." The ARC Awards are based on an invitation-only research survey conducted by The Channel Company. Responses from 3,000 solution providers across North America were evaluated in this year's survey, rating 82 vendor partners across four criteria: product innovation, support, partnership, and managed cloud services. Scores were awarded in 25 major product categories in technology areas that are critical to channel partner success. About Barracuda At Barracuda we strive to make the world a safer place. We believe every business deserves access to cloud-first, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them — in ways they may not even know they are at risk — so they can focus on taking their business to the next level.

Read More

PLATFORM SECURITY

Searchlight Security Elevates Dark Web Intelligence to Board Level with New Automated Reporting

Searchlight Security | August 02, 2022

Searchlight Security, the dark web intelligence company, has introduced new automated reporting functionality into its DarkIQ dark web monitoring solution to help security analysts and MSSPs to quickly and easily communicate external threats to executives. DarkIQ is a powerful dark web monitoring solution that utilizes the most comprehensive dark web dataset on the market, and the only one that includes dark web traffic to and from the organization’s network. It takes the attributes that are most important to a business - including employee credentials, software, devices, IP addresses, network components, and company datasets - and alerts organizations to their presence in deep and dark web marketplaces, forums, and conversations, which could indicate an imminent attack. This threat intelligence is specific to the organization, removing “alert fatigue” and allowing security teams to prioritize the most urgent threats to the business. DarkIQ’s new automated reporting function builds on its existing capabilities by helping analysts to more easily communicate the dark web intelligence they discover - improving response times to possible attacks and educating the wider business on dark web threats. “Our mission is to make dark web intelligence as relevant and actionable for businesses as possible and our new reporting function is a huge part of that. Threat intelligence is only powerful if it can be understood and acted on - otherwise it is just noise. Communication is everything.” Eric Milam, EVP product at Searchlight Security DarkIQ Reporting gives enterprise security teams and MSSPs the ability to: Generate slick reports with one click - with threat intelligence data automatically pulled, inputted, and presented from the DarkIQ platform. Select the right level of detail for the audience - with an “Executive” report option for a high level summary or “Detailed” report for security personnel, which includes recommended remediative actions that should be taken based on the threat data. Add and remove reporting fields - to further customize the report to suit the audience by adding, moving, or removing components, as well as the ability for security teams to add their own analysis, context and observations. Customize design - with the ability to brand reports and change the font and color scheme, a particularly important feature for MSSPs reselling DarkIQ to their customers. Resource more effectively - with less time spent on reporting so they can spend more time protecting the business. Demonstrate Return on Investment - with the ability to show imminent threats that have been identified and prevented through dark web intelligence. Milam concluded: “In threat intelligence, the job isn’t done until the report is filed. This is a burden on security teams that we wanted to - and have been able to - alleviate, because every minute less they spend reporting is a minute more they can spend stopping the bad guys. At the same time, they have a better solution to deliver pre-attack intelligence with more clarity so the business can be more proactive in stopping imminent threats.” About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More

PLATFORM SECURITY

Talon Cyber Security Selected for Exclusive Microsoft for Startups Program

Talon Cyber Security | June 30, 2022

Talon Cyber Security, provider of the first secure enterprise browser, today announced it has been selected as a partner for Microsoft for Startups, a global program dedicated to accelerating the trajectory of high-potential startups. As a program member, Talon will receive access to Microsoft technology, mentorship and business support. “Talon is proud to be working with an established leader like Microsoft as we continue to aggressively scale to meet the demand for our secure enterprise browser. “Our goal is to make security for the future of work simple by enabling secure access for managed and unmanaged devices, and the feedback we have received from the world’s largest brands has been amazing. As we continue to gain traction, it is incredible to have the support of a true industry giant like Microsoft.” Ofer Ben-Noon, co-founder and CEO, Talon Cyber Security The traditional approach of enabling secure access to modern applications is complex, expensive and puts organizations at risk. The TalonWork browser acts as the first line of defense and control point for enterprise security, while drastically reducing complexity and cost. Talon brings enterprise-grade security to the browser, delivering native features like authentication, data loss prevention, zero trust controls and more. Customers leverage TalonWork to gain visibility into and secure SaaS applications, web activity, managed devices and unmanaged devices. Built on Chromium, TalonWork consistently delivers the high-quality user experiences required to secure the future of work. “Talon’s mission to help its customers simplify security programs for distributed workforces is a great fit for the program,” said Jeff Ma, Vice President, Microsoft for Startups, Microsoft. “We look forward to helping Talon deliver their innovative solution to our joint customers.” Talon leverages Microsoft’s infrastructure to facilitate seamless, real-time collaboration among its global team that enables it to deliver exceptional service to its customers. The company’s unique approach to security has led to significant corporate momentum. Talon won the Innovation Sandbox Contest at RSA Conference 2022, a prestigious competition where 10 industry leaders battle for the title of “Most Innovative Startup” each year. About Talon Cyber Security Talon Cyber Security is modernizing security programs and improving user experiences for hybrid work by delivering the first secure enterprise browser. Built on Chromium, the TalonWork browser provides customers with the consistent user experiences, deep security visibility, and control over SaaS and web applications needed to simplify security for the future of work. Talon was named the Most Innovative Startup of 2022 at the prestigious RSA Conference Innovation Sandbox Contest.

Read More

DATA SECURITY,PLATFORM SECURITY

SCYTHE New Version 4.0 Enhances Collaboration Across Multiple Security Team Roles

SCYTHE | September 09, 2022

SCYTHE, a leader in adversarial emulation, announced the release of version 4.0 of the company’s flagship cybersecurity platform, offering new features and functionality that will extend capabilities for greater collaboration between blue, red, and purple teams. SCYTHE runs real-world adversary emulations that help security teams reduce detection and response rates, validate controls, and optimize resources by enabling teams to prioritize vulnerabilities, and focus on the highest risk issues to the business. Its scalable platform automates adversary emulations and expands your team’s threat intelligence skills so that you can multiply your cybersecurity team’s velocity and reduce cybersecurity risk. SCYTHE has the largest, public library of threats in the breach attack simulation industry and has more capabilities than all other competitors combined as shown by Tidal Cyber’s Community Edition of their SaaS threat-informed defense platform. With a redesigned UI, SCYTHE 4.0 makes threats easier to manage by bringing campaign details to the surface, allows for greater communication between team members, and makes it simpler to take action via Jira integrations—all available as an on-prem or SaaS offering. Through automation, communication, and integrations, SCYTHE 4.0 is designed to help security teams collaborate, as a purple team, on adversary emulation. “The new SCYTHE 4.0 platform sets a new standard for adversary emulation automation for offensive, defensive, and hybrid purple teams to help customers strengthen defenses, share actionable data between teams to better resolve real-world cybersecurity concerns quickly, and improve collaboration,” said Stephanie Simpson, VP, Product. “Version 4.0 is based on feedback from our customers and prospects about what they need to optimize their teams’ breach and attack simulation (BAS) capabilities.” In addition to this, SCYTHE’s Cyber Threat Intelligence (CTI) Team just released offerings that are complementary to the SCYTHE platform capabilities and services that can serve as an extension of your security team. This includes emergency action emulation plans, custom plans, cloud-focused plans, and emulation plans covering more diverse tactics, techniques and procedures. What’s New With 4.0? SCYTHE version 4.0 was designed to enhance collaboration within security teams and improve the user experience. These updates include: Collaboration features — SCYTHE enables greater collaboration between blue, red, and purple teams to create and leverage existing adversary emulation plans. The updated, user-friendly dashboard clearly displays outcomes and severity of campaign results. Users can have different access levels to create and personalize realistic attacks or re-run existing attacks. In-platform messaging now allows for better and faster communication between users. Workflow automation — Users can take a more collaborative team approach and seamlessly share actionable insights through a Jira integration. SaaS and on-prem — Previously an exclusively on-prem solution, SCYTHE 4.0 now has a SaaS offering available to provide flexibility to customers in any type of environment. SCYTHE 4.0 will be available for customers in Q4. About SCYTHE SCYTHE is like hiring the hacker you always wanted, but could never afford. SCYTHE transforms your organization’s capabilities and defines a new technology category: Attack, Detect, and Respond to integrate cybersecurity risk management across people, process, and technology. The SCYTHE 4.0 platform enables collaboration between red, blue, and purple teams to build and emulate real-world adversarial campaigns. Customers can easily and quickly validate the risk posture and exposure of their business and employees and the performance of enterprise security teams and existing security solutions.

Read More

Spotlight

Content—and how brands use it to interact with buyers at all stages of the engagement journey—has fundamentally reshaped every business’ go-to-market strategy. This shift has been particularly challenging for “top-of-the-funnel” demand generation marketers, most of who are under tremendous pressure to produce results. One study found that 70% of marketers surveyed expect their demand generation budgets to increase in 2018, with one-third expecting them to increase by more than 20%.1 Of course, generating demand is the job of marketing writ large. Marketers make markets. They work to create groups of viable buyers where none existed before.

Resources