Cyren Security Blog

How Do You Know Your Email Security Is Working?

by Duncan Mills

When was the last time you assessed the effectiveness of your email security infrastructure? Email is the main vehicle for introducing malware into an organization, so it is imperative that you do so — but it is difficult, so lots of people don’t. Here at Cyren we know how eye-opening such an evaluation can be, because during September and October, an average 10.5% of email reaching users protected by a number of email security products was spam or contained a threat. 

Fake Invoice Carries “Rescoms” Malware

by Maharlito Aquino and Kervin Alintanahin

Emails containing malicious attachments equipped with keyloggers and screen capture capabilities are targeting businesses worldwide, with noted attacks in Asia, Russia, and the Middle East. The campaign is designed to look like it comes from real affiliates and employees working for a well-known pharmaceutical distributor in order to make the emails more convincing and lure the recipients into opening the attached document.

Stealing Tax Refunds Soaring Worldwide

by Maharlito Aquino and Kervin Alintanahin

There appear to be only two things that are certain in life: death and cybercriminals trying to steal your tax refund.

As governments have moved tax systems online to facilitate life for the taxpayer, refund scams using phishing and social engineering to obtain personal financial information have become epidemic, with criminals diverting any tax refund due or even gaining access to personal bank accounts to steal funds directly. This week's case study is from Malaysia.

Locky Revived – A Roundup of New Variants

by Magni Reynir Sigurðsson

Locky, the ransomware which dominated 2016 and then disappeared for the first half of 2017, has been completely rescuscitated during the past three months with a series of new variants, and demanding three times the ransom rate. A possible reason for its disappearance and reemergence was explored in a recent SecurityWeek blog by Cyren's VP of Threat Research, Siggi Stefnisson.

Bad Rabbit Ransomware is Rebuilt NotPetya

by Magni Reynir Sigurðsson

The current "Bad Rabbit" ransomware outbreak has been generating quite a bit of news, with some conflicting accounts of its origin. Clarifying here that Bad Rabbit is a variant of the “NotPetya” ransomware, which we covered in a blog earlier this year.

Bank Phishing Scam Is Using Shortened Links

by Lordian Mosuela

Earlier this month, we witnessed a phishing attack on bank customers in Malaysia which combines some common social engineering techniques (scare tactics) with some newer technical misdirection techniques (URL shortening), and decided to provide a detailed blow-by-blow for you below on how this particular phishing campaign works.