Ian Hawes wants you to have dinner with Donald Trump. He is a 25-year old, self-proclaimed entrepreneur, and “registered genius." Ian’s story broke Monday morning on Politico and it is a cautionary tale for anyone who values their online reputation.
This morning the headlines shouted out about another Business
Email Compromise (BEC) attack. It seems that an employee of the professional basketball team, the Milwaukee Bucks, received a seemingly legitimate email message from a spoofed email address. The email requested W2 records for the teams players and staff, and the targeted employee fell for the scam and released the information.
The fallout was immediate and intense.
“The communication received on this major security breach is unacceptable,” an agent for a Bucks player told The Vertical. “The players need to know the exact measures being taken by the Bucks and the FBI to ensure each and every player’s identity and financial information will not be compromised. There needs to be accountability for such a mistake, details on the steps taken to rectify it and a process put in place to make sure this never happens again.”
New Features Enhance Proactive Defenses Against Modern Cyber Exploits, Including Socially Engineered Spear Phishing, Ransomware and other BEC Attacks
TORONTO – April 27, 2016 – BrandProtect™ has significantly extended its industry leading threatSMART™ platform for cyber threat monitoring, intelligence, and mitigation with key features designed to speed analysis and enhance proactive defenses against modern cyber exploits, including socially engineered spear phishing, ransomware, and other business email compromise (BEC) attacks. New platform enhancements include MX-Record Monitoring, Advanced Incident Correlation, the BrandProtect ThreatCenter™, and new direct connections of threatSMART data feeds to popular enterprise threat analytics platforms Splunk and HP ArcSight.
“Enterprise-targeted cyberattacks are evolving rapidly. Socially engineered phishing, BEC and other focused, and unfortunately, effective schemes dominate the concerns of enterprise CISOs everywhere,” said Roberto Drassinower, BrandProtect CEO. “Today we announce the latest of our continuous enhancements to our threatSMART platform, again directly addressing the most important pain points that CISOs now face. We are filling the gaps for threat detection, intelligence, and mitigation of cyber threats that arise beyond the traditional security perimeter.”
Over the past 18 months there has been a phenomenal increase in the frequency of socially targeted email attacks.
The FBI recently reported that global losses related to these Business Email Compromise (BEC) scams experienced a 270% increase from January to August 2015. These kinds of attacks do real damage, including the compromise of internal networks, the inappropriate disclosure of company IP or PII, the incorrect transfer of funds from the company treasury, to name a few of the most common outcomes. Hundreds of millions of dollars have been stolen through these schemes, directly affecting corporate bottom lines.
In these sophisticated attacks, employees, and/or business partners are targeted
As part of the BrandProtect 2016 Elections Project, we’ve been looking at The Donald’s use of Twitter.
Or, more accurately, we’ve been looking at how others have been using Donald Trump's identity to promote their twitter activity. There are lots of them.....
That sound you hear is a bunch of the staffers at jeb2016.com (the official Jeb Bush website) trying to make it seem like they are on top of their web presence. Or is that the Trump team, laughing? We can't be sure.
The Washington Post reported yesterday that people who type "jebbush.com" into a browser found themselves redirected to Donald Trump's official site, donaldjtrump.com. You read that right -- one of the leading candidates for the Republican nomination for President of the United States has found himself on the wrong side of one of the most basic domain abuse issues. Someone else has registered a similar domain and is using it to confuse the public. Try it: jebbush.com (It's fun!)
Yes, it's funny for a moment. But in reality it is very scary. In fact, it is potentially devastating.
The massive breach at Anthem earlier this year originated from spear phishing emails that were sent from domains that impersonated Anthem. The employees who recieved the emails did not notice that the emails originated from a rogue address. They unwittingly opened attachments or clicked on links that gave the attackers inside access to Anthem networks.
When others appropriate your web presence by registering or appropriating a similar or easily mistaken domain, they put themselves in a position to confuse your message, siphon revenues or worse.
How big a problem can it be?...
Topics: Brand Protection, data breach, scam, brand abuse, Domain Management, cybersquatting, Phishing, gTLD, brandprotect, infographic, cyber threats, online risk, brandjacking, Health Care, OSINT, Jeb Bush, Legal, Spear Phishing, CISO, CSO, InfoSec, Donald Trump, 2016 Elections, Anthem, CMO
To say that the expansion of the ICANN’s New Generic Top Level Domains is a great concern for trademark owners is an understatement. The impact on an organization’s bottom line will certainly be affected, particularly in the area of trademark protection. In a recent AFP news article, Francis Gurry, head of the World Intellectual Property Organization, explained that he believes this expansion will have a great impact on businesses as it is an “opportunity for misuse of trademarks”. What people may not know and what he points out is that registering a domain name is quick, relatively inexpensive and does not require an approval process to ensure the registration does not conflict with the rights of a trademark holder. Due to these very real concerns it is not surprising that there are a lot of discussions and debates around the New gTLDs, but what about the original 22 gTLDs like .com, .net and .info? Do businesses and their customers still need to be concerned about them? The answer in short is, yes. Below is a list of issues that should still be on your radar.
Too good to be true usually is! I know that many people will spend part of this gorgeous weekend at their computers, browsing domain registrar sites. Their objective is to find, purchase and monetize a high profile domain name that has become available on the Domain Name Aftermarket. These prospective registrants believe they can generate a lucrative revenue source for themselves by making a very small investment. It sounds so easy on the registrar sites!