Threat Brief: Your Child Could Be The Next Victim of Identity Theft

Posted by Alexa Villanueva on Tue, May 01, 2018
In 2017, over one million children’s records were stolen, study shows

Child identity theft is a crime that occurs when a person uses the information of a minor in order to commit fraud. There’s a number of reasons why children’s information is attractive for thieves. Mostly because a children’s credit report is clean, which allows thieves to use it for financial purposes and the crime can go unnoticed over a long period of time until it’s too late.

Read More

Topics: Identity Theft, identity theft prevention, threat brief, child identity theft

How to Be Prepared for the Oldest Trick in the Book....

Posted by Greg Mancusi-Ungaro on Wed, Jul 27, 2016



Regardless of their politics, the recent news of the DNC server hack, allegedly by Russian-government-backed hackers, should have security teams pulling their hair out.  Why?  Because the first phase of the attack used one of the oldest tricks in the book -- a phishing email attack, leveraging a copycat domain. 

"For example, the first group, APT 28, often uses the same tactic: registering a domain whose name is similar to that of its target, to trick users into disclosing their passwords when logging into the wrong site. In this case, hackers set up — switching two letters — to target users of MIS Department, which manages networks for the Democratic committee."  NY TImes, July 27, 2016

It should be no surprise to learn that almost every devastating cyber breach, from Target to the DNC, starts with the same exploit:

Read More

Topics: Identity Theft, data breach, hackers, Domain Management, Phishing, cybercrime, Spear Phishing, 2016 Elections, MX Records

APWG - the Anti Phishing Working Group - is coming to Toronto

Posted by Greg Mancusi-Ungaro on Wed, May 18, 2016

In just two week's time, June 1-3, 2016, BrandProtect and Toronto will play host to one of the most influential cross-industry consortiums in the security industry, the Anti Phishing Working Group

With phishing and especially spear phishing/socially-engineered phishing effectively targeting enterprises with devastating ransomware, malware, or BEC attacks, the role of the Anti-Phishing Working Group (APWG)  has never been more important. The latest data on trends, attack specifics, and defensive strategies to fight phishing and social engineered phishing will be shared at the annual gathering of APWG, this year themed: eCrime2016.

BrandProtect is proud to be a key partner and local host for this event.

Read More

Topics: Identity Theft, Phishing, Spear Phishing, MX Records

BrandProtect Anti Phishing Adds MX Record Monitoring.
CISOs: Why This Matters To You.

Posted by Greg Mancusi-Ungaro on Thu, Mar 24, 2016

Over the past 18 months there has been a phenomenal increase in the frequency of socially targeted email attacks. 

The FBI recently reported that global losses related to these Business Email Compromise (BEC) scams experienced a 270% increase from January to August 2015. These kinds of attacks do real damage, including the compromise of internal networks, the inappropriate disclosure of company IP or PII, the incorrect transfer of funds from the company treasury, to name a few of the most common outcomes. Hundreds of millions of dollars have been stolen through these schemes, directly affecting corporate bottom lines.

In these sophisticated attacks, employees, and/or business partners are targeted

Read More

Topics: Identity Theft, Domain Management, cybersquatting, Phishing, cyber threats, online risk, Spear Phishing, CISO, CSO, FFIEC

191 Million Voter Records Have Been Exposed. What Does it Mean To You?

Posted by Greg Mancusi-Ungaro on Fri, Jan 08, 2016


Over the past weeks there has been a lot of reporting, including these great pieces by Steve Ragan at and Mathew J. Schwartz at about a December 20, 2015 discovery that a database containing 191 Million voter records had been exposed online. As part of the BrandProtect 2016 Elections Project, we dug into the situation, and what it means to you.

Because of the nature of the exposure – effectively a database containing the records was left unlocked and unprotected – there is no way to know who might has downloaded the information.

Make no mistake, this is a big number. And it is an important number.  Consider this: the US Census Bureau estimated that there were approximately142 Million registered voters in 2014. This means that the recent exposure of 191 million voting records is not just a large data breach.  It’s a national issue -- effectively every registered voter in America has had their PII exposed... Wow...

Read More

Topics: Identity Theft, data breach, Social Media Monitoring, cybercrime, social media, online risk, PII, Spear Phishing, Voting Records, 2016 Elections

Healthcare Markets Are Under Threat

Posted by Greg Mancusi-Ungaro on Tue, Apr 21, 2015

Recently, on Dark Reading, Sara Peters and Ericka Chickowski wrote a great piece that ran about PII-centric attacks and threats in the healthcare market.

As the Health Care marketplace moves online, opportunistic criminals are retraining their attacks to focus on Health Care consumers.

Over the past decade, there has been enormous pressure on the healthcare industry to move health records online.  Today, according to studies recently published by the U.S. Department of Health & Human Services, almost 90 percent of all doctors and almost 75 percent of all hospitals have deployed at least a basic electronic health record system. And, these adoption rates have soared over the past five years. Insurance reimbursements have been managed online for years, and healthcare enrollments through employers are increasingly managed through a Web browser. The rollout of the Affordable Care Act, with its online purchase model, further accelerated the migration of healthcare to a predominantly online model.

Read More

Topics: Identity Theft, Security, Brand Governance, Internet Threats, Chief Security Officer, PII, CIO,, Health Care

Deflecting the Social Engineer: CSO Guidance from BrandProtect

Posted by Ben Bradley on Fri, Sep 20, 2013

The grifter, conman and the thief makes a great story and an even better film. But in today’s reality, what once was the debonair Paul Newman in the Sting, has become a social engineer.

Read More

Topics: Identity Theft, Brand Protection, Security, data breach, scam, risk management, Privacy Protect, defamatory

Phishing Attacks: The Truth about Average Takedown Times

Posted by Minal Pithia on Tue, Sep 18, 2012

As an Incident Response Analyst, I am often asked the question “what is your average takedown time for phishing sites?” Here’s the truth, there is no “average” takedown time.  The lifetime of phishing sites vary greatly, each phishing attack has different characteristics, sources and potential impact. With that said, the concept of “average” takedown time can be very misleading.

Average takedown time depends on the type of phishing attack and the origin of the phishing attack.

Read More

Topics: Identity Theft, Phishing, cybercrime

Recent Posts

Posts by Topic

see all