Cyren recently gathered opinions from the Spiceworks IT community membership about the state of email security. We received almost 80 responses and were surprised at what appears to be a general feeling that the respondents are losing the battle against email threats.
It’s tax season, and in the 21st century that means that not only are government revenue agents awaiting your data and looking to settle accounts, but that cybercriminals are hard at work with a variety of cyber scams aimed at diverting tax refunds and stealing sensitive personal information, such as social security numbers and birthdates.
We've been tracking cryptocurrency mining activity here at the Cyren Security Lab and have confirmed a massive run-up in the number of web sites hosting "cryptomining" scripts globally. Based on the monitoring of a sample of 500,000 sites, we've found a 725% increase in the number of domains running scripts on one or more pages -- knowingly or not -- in the four-month period from last September to January 2018.
A warning to individuals filing taxes in the United Kingdom: Cyren has identified a tax refund phishing email that, at first glance, appears to come from HM Revenue & Customs (HMRC), the UK’s tax, payments, and customs authority. The fraudulent email tries to trick the recipient into opening a PDF by suggesting that the victim’s tax refund information is now available for viewing. Once the email is opened, the victim is encouraged to click a link which redirects to a phishing site seeking the victim’s personal credentials. These phishing documents are detected and blocked by Cyren as PDF/Phishing1.CYO.
With tremendous money to be made in a short period of time, phishing has become commonplace within the cryptocurrency exchange world, particularly at the moment when a new currency comes along and debuts with its initial coin offering (ICO), an event not unlike an initial public offering with corporate stock. Initial coin offerings are happening with frequency as there are now over 1,200 (and counting) cryptocurrencies out there. Phishers are exploiting the ICO frenzy by first hacking into these participant email databases and then sending phishing emails to ICO participants, with instructions to deposit funds into the phisher’s cryptocurrency account.
Business email compromise (BEC) attacks have been increasing in number over the last few years, driven by their relative success rate compared to other financially motivated attacks. They appear to be quite simple – the attacker sends an email to the intended victim, usually a member of the finance team, and requests that they transfer money to an account controlled by the attacker. But why would the victim do so? Well, the attacker has actually invested a fair amount of time and effort into crafting the attack. He uses various social engineering tactics to generate a sense of urgency. He has researched the target organisation, understands the chain of command and the email will appear to have been sent from a member of the leadership team, often the CEO, hence the alternative names for this type of attack – CEO fraud or imposter emails.
