BEC Scams Affect Every Industry, Even the NBA. But CISOs are Not Helpless

Posted by Greg Mancusi-Ungaro

Fri, May 20, 2016

This morning the headlines shouted out about another Business
Email Compromise (BEC) attack
. It seems that an employee of the professional basketball team, the Milwaukee Bucks, received a seemingly legitimate email message from a spoofed email address.  The email requested W2 records for the teams players and staff, and the targeted employee fell for the scam and released the information. 

The fallout was immediate and intense. 

“The communication received on this major security breach is unacceptable,” an agent for a Bucks player told The Vertical. “The players need to know the exact measures being taken by the Bucks and the FBI to ensure each and every player’s identity and financial information will not be compromised. There needs to be accountability for such a mistake, details on the steps taken to rectify it and a process put in place to make sure this never happens again.”

Read More

Topics: cybersquatting, Phishing, cybercrime, Spear Phishing, BEC Attacks

APWG - the Anti Phishing Working Group - is coming to Toronto

Posted by Greg Mancusi-Ungaro

Wed, May 18, 2016

In just two week's time, June 1-3, 2016, BrandProtect and Toronto will play host to one of the most influential cross-industry consortiums in the security industry, the Anti Phishing Working Group

With phishing and especially spear phishing/socially-engineered phishing effectively targeting enterprises with devastating ransomware, malware, or BEC attacks, the role of the Anti-Phishing Working Group (APWG)  has never been more important. The latest data on trends, attack specifics, and defensive strategies to fight phishing and social engineered phishing will be shared at the annual gathering of APWG, this year themed: eCrime2016.

BrandProtect is proud to be a key partner and local host for this event.

Read More

Topics: Identity Theft, Phishing, Spear Phishing, MX Records

BrandProtect Announces Major Updates to threatSMART Platform

Posted by Greg Mancusi-Ungaro

Thu, Apr 28, 2016

New Features Enhance Proactive Defenses Against Modern Cyber Exploits, Including Socially Engineered Spear Phishing, Ransomware and other BEC Attacks

TORONTO – April 27, 2016BrandProtect has significantly extended its industry leading threatSMART™ platform for cyber threat monitoring, intelligence, and mitigation with key features designed to speed analysis and enhance proactive defenses against modern cyber exploits, including socially engineered spear phishing, ransomware, and other business email compromise (BEC) attacks. New platform enhancements include MX-Record Monitoring, Advanced Incident Correlation, the BrandProtect ThreatCenter™, and new direct connections of threatSMART data feeds to popular enterprise threat analytics platforms Splunk and HP ArcSight.

“Enterprise-targeted cyberattacks are evolving rapidly. Socially engineered phishing, BEC and other focused, and unfortunately, effective schemes dominate the concerns of enterprise CISOs everywhere,” said Roberto Drassinower, BrandProtect CEO. “Today we announce the latest of our continuous enhancements to our threatSMART platform, again directly addressing the most important pain points that CISOs now face. We are filling the gaps for threat detection, intelligence, and mitigation of cyber threats that arise beyond the traditional security perimeter.”

Read More

Topics: Domain Management, cybersquatting, Phishing, cyber threats, Spear Phishing, CSO, threatSMART, ThreatCenter, MX Records, Splunk, ArcSight

threatSMART Platform Now Connects to HP ArcSight and Splunk

Posted by Greg Mancusi-Ungaro

Sat, Apr 23, 2016

 

BrandProtect has completed testing on new connections between its threatSMART threat detection, intelligence, and mitigation platform, and Splunk and HP ArcSight, popular enterprise security operations center applications. These connections are now officially released and usable by BrandProtect customers who wish to take advantage of these new data transfer options.  The initial release of HP ArcSight and Splunk support focuses on phishing data. 

Read More

Topics: analytics, threatSMART, Threat Intelligence, Splunk, SOC, ArcSight

BrandProtect ThreatCast: Cast Your Nets to Catch Next Generation Phishers

Posted by Greg Mancusi-Ungaro

Tue, Apr 12, 2016

Webcast Replay:

The Latest on Attack Trends, Threat Evolution 
and Defensive Strategies for Top Cyber Threats

At the 2015 Black Hat conference, leading CISOs, asked about their top ten security pain points, ranked sophisticated cyber-attacks, phishing, and spear phishing far ahead of all other cyber risks. Even after 20+ years, phishing and related attacks are still the number one concern. And no industry is immune to phishing, spear phishing, and BEC attacks.

Phish in the wild threaten customers
• Specifically targeted phish attack executives, employees and partners
• Sophisticated spear phish can directly threaten institutional business processes.

In this one hour webcast, targeted specifically to CISOs and Security Operations leaders at financial institutions, insurance companies, health care providers, and other firms that are threatened by phishing, spear phishing and BEC attacks,

Read More

Topics: Phishing, cyber threats, Spear Phishing, CISO, BEC Attacks

Marilee Philen, Senior Cyber Threat Analyst, To Speak At Atlanta Cyber Security Summit

Posted by Greg Mancusi-Ungaro

Thu, Mar 31, 2016

Marilee Philen, senior cyber threat analyst at BrandProtect, will be speaking at next week's Atlanta Cyber Security Summit .  She will join U.S. Assistant Attorney General, the Honorable John P. Carlin along with experts from the FBI, US Secret Service and other cyber security leaders in an all day exploration of emerging cyber threats related to new risks presented by Internet of Things, the vulnerabilities of big data and cloud computing deployments. The day will close with a discussion of the state of cyber threats and the strategies to combat them.

Philen is uniquely qualified to join in this discussion, she is an ex-USAF Intelligence Analyst, with a 20+ year career in intelligence collection, analysis, and reporting.

She has served with the U.S. Air Forces-Europe, U.S. Air Force Special Operations Command, and the U.S. Strategic Command Center (USSTRATCOM).

Read More

Topics: cybercrime, Internet Threats, cyber threats, OSINT, CISO, InfoSec, Internet of Things, Threat Intelligence

BrandProtect Anti Phishing Adds MX Record Monitoring.
CISOs: Why This Matters To You.

Posted by Greg Mancusi-Ungaro

Thu, Mar 24, 2016

Over the past 18 months there has been a phenomenal increase in the frequency of socially targeted email attacks. 

The FBI recently reported that global losses related to these Business Email Compromise (BEC) scams experienced a 270% increase from January to August 2015. These kinds of attacks do real damage, including the compromise of internal networks, the inappropriate disclosure of company IP or PII, the incorrect transfer of funds from the company treasury, to name a few of the most common outcomes. Hundreds of millions of dollars have been stolen through these schemes, directly affecting corporate bottom lines.

In these sophisticated attacks, employees, and/or business partners are targeted

Read More

Topics: Identity Theft, Domain Management, cybersquatting, Phishing, cyber threats, online risk, Spear Phishing, CISO, CSO, FFIEC

Latest Political Cyber Fraud: Warren Endorses Sanders??!  No... It's Fake. (She Remains Neutral)

Posted by Greg Mancusi-Ungaro

Sat, Mar 05, 2016

2016 Elections Project Update:  On Monday, just before the Super Tuesday Democratic Primaries, this "NY Times" article made the rounds on social media:

It wasn't legitimate.  And it wasn't a parody.  It was a fraud, pure and simple. 

News of this fake article exploded on Monday, sending the NY Times and many other news organizations scrambling to disavow the article and have it removed from the web. Within a few hours, it was gone. But the damage may have already been done - the article was shared over 50K times, including 15K Facebook shares.  It was probably viewed by hundreds of thousands of people across all kinds of social channels.  Enough to swing an election? Possibly!   

Read More

Topics: scam, brand abuse, Reputation Management, Social Media Monitoring, cyber threats, impersonation, CISO, threatSMART, 2016 Elections

Webcast Replay

Cast Your Net To Catch Next Generation Phishers

The Latest on Attack Trends, Threat Evolution and Defensive Strategies for Top Cyber Threats

Watch the Webinar

 

 

Subscribe to receive a weekly summary of our latest posts

Posts by Topic

see all