How resilient is healthcare to phishing? Healthcare is a favorite – and profitable – target for cyberattacks. If you work for a healthcare company, or if you’re a patient or subscriber, you’re familiar with all the data the industry gathers and threat actors crave: name, date of birth, Social Security number, mailing address, email address, and probably a credit card or … [Read more...] about Say “Ah!” A closer look at phishing in the healthcare industry
Features
When sharing isn’t caring: Phishing attacks are abusing file-sharing Sites
Cofense™ has predicted continued growth in phishing attacks that abuse file-sharing services, for example, Google Docs or Sharepoint. In this post, I’ll examine why and how threat actors are doubling down on this tactic. First, here’s the full prediction from Cofense threat analysts Nick Guarino and Lucas Ashbaugh: “The majority of phish seen in the wild in 2019 will … [Read more...] about When sharing isn’t caring: Phishing attacks are abusing file-sharing Sites
Here’s proof that corporate board members want stronger phishing defense
More and more, boards of directors are security decision-makers. One example: Cofense just published a case study on a company whose board lit a fire for a stronger phishing defense—and it’s paying dividends. This board took the lead in launching phishing simulations. Queensland Airports Limited (QAL) Aviation hails from my part of the world, … [Read more...] about Here’s proof that corporate board members want stronger phishing defense
Expect credential phishing to continue surging in 2019
“Hackers don’t need to break in, they only need to log in.” This was a quote mentioned at a conference I attended last December and which I repeated in an e-book Cofense™ recently published, 6 Phishing Predictions for 2019. My prediction was that hackers will continue to go full bore with credential phishing, emails that specifically ask for username and … [Read more...] about Expect credential phishing to continue surging in 2019
Catching the elusive big phish
By Todd R. Weiss First of two parts It starts out innocuously enough when an important-looking email comes in to a company employee. The sender’s email address is that of the company’s CEO, claiming that a payment needs to be made to a client or vendor immediately. The email, which contains some sense of urgency, tells the employee to wire transfer an amount of money, perhaps … [Read more...] about Catching the elusive big phish