In this series of blog posts we examine the most common forms of phishing attacks and appropriate countermeasures to protect both individuals and organizations – in this post we explore hacktivism and the growing range of victims.

Politically Motivated & Hacktivism

The threat of cyber criminals pursuing a political agenda and seeking to disrupt critical infrastructures has been well documented. However, hacktivists are now increasingly relying on high volumes of email communication to provide a new window of opportunity for attack. 

In a recent blog, where we covered why government bodies are prime targets for phishing, we asked whether you’d be able to recognize a spoofed email from a federal agency.

With cyber warfare increasingly dominating headlines, the digital security measures of governments have come under growing scrutiny. The US government is one that constantly makes the news for being a prime target for cybercriminals and other nation-states.

What would you do if you received a confidential email from your CEO asking you to wire money to an attorney as part of an acquisition? This is what happened to Texas manufacturing firm, Ameriforge Group Inc., whose director of accounting wired $480,000 to the Agricultural Bank of China, before realizing that it was an email scam. Unfortunately, these kinds of highly targeted phishing scams, known as Business Email Compromise (BEC), are becoming more and more common.

Steve Katz - “Phishing and social engineering is still a global threat to every business around today.”

Last year, phishing attacks cost organizations $4.5 billion in losses, but as we all know the loss is not only monetary. These attacks exploit the trust we as customers have in the brands we use.

 At Agari, we are vocal about the steps organizations can take to protect their brands and customers from the impact of phishing attacks. But what exactly are the hard numbers behind our mission?

Let’s look at some phishing statistics showing a clear need for change when it comes to mitigating the phishing problem.

A rising threat

[et_pb_section admin_label="section"][et_pb_row admin_label="row"][et_pb_column type="4_4"][et_pb_text admin_label="Text" background_layout="light" text_orientation="left" use_border_color="off" border_color="#ffffff" border_style="solid"]

In the second in our series of blogs on the Fundamentals of Phishing we will explore how to identify fraudulent emails.

Not that long ago, phishing attempts were quite primitive and often full of errors, and it was easier for consumers to identify when something was amiss. In addition, consumers weren’t accessing their inboxes from multiple devices and mobiles, nor did they expect to receive highly personalized emails detailing their transaction history with a company.

Threat intelligence exchange will benefit Agari and RiskIQ customers through heightened security awareness and the ability to respond to discovered threats

By Danielle DeWereWolf

One dark and stormy night, Shawn was working late on his computer. Usually he would be in bed by now, but the loud clap of lightning and roar of the wind made sleep impossible. Instead, Shawn thought he would catch up on some email. He walked over to the kitchen and set the kettle on the stove to boil. Sitting back down at the dining room table he opened up his email.

Junk, junk, junk … Oh! A coupon for a smoothie … Junk, junk, junk … Shawn’s eyes got heavier with every scroll of his mouse.