Just type your contacts
Just type your contacts
You accept the privacy policy by submitting the form.
Just type your contacts
You accept the privacy policy by submitting the form.
Social engineering news review
1
Hershey Company Suffers Data Breach Following Phishing Attack
According to The Register, America's largest multinational confectionery company, The Hershey Company, had the data of 2,214 individuals stolen following a phishing attack in early September.
Attackers were able to access full names, dates of birth, addresses and contact information, medical records, health insurance information, driver's licence numbers and digital signatures, as well as credit card numbers with security codes and victims' online financial account credentials.
Hershey said it has strengthened its data security measures and taken additional steps to prevent similar incidents in the future.
Statistics show that up to 90% of all ransomware attacks are carried out through email phishing.
On average, companies spend around $200,000 and three weeks recovering from such attacks. Victims often lose their jobs. In 23% of organisations affected by phishing attacks, victims resign or leave voluntarily. (Egress, WP-Stack, 2023).
It is very important to educate and train your employees in information security.
Attackers were able to access full names, dates of birth, addresses and contact information, medical records, health insurance information, driver's licence numbers and digital signatures, as well as credit card numbers with security codes and victims' online financial account credentials.
Hershey said it has strengthened its data security measures and taken additional steps to prevent similar incidents in the future.
Statistics show that up to 90% of all ransomware attacks are carried out through email phishing.
On average, companies spend around $200,000 and three weeks recovering from such attacks. Victims often lose their jobs. In 23% of organisations affected by phishing attacks, victims resign or leave voluntarily. (Egress, WP-Stack, 2023).
It is very important to educate and train your employees in information security.
2
BEC attacks increase in third quarter of 2023
Business email compromise (BEC) attacks increased in the third quarter of 2023, according to the Huntress threat report - more than half of all attacks were malware-free, meaning hackers used legitimate tools instead of malware.
???? The report found that 64 percent of identity-related incidents in Q3 2023 involved malicious forwarding or other malicious rules in incoming messages, a key BEC indicator.
Training that includes social engineering exercises and phishing simulations will help employees recognise and respond to subtle signs of fraud, however convincing they may appear.
This is how we raise employee awareness.
Email us if you would like to raise awareness in your organisation.
???? The report found that 64 percent of identity-related incidents in Q3 2023 involved malicious forwarding or other malicious rules in incoming messages, a key BEC indicator.
Training that includes social engineering exercises and phishing simulations will help employees recognise and respond to subtle signs of fraud, however convincing they may appear.
This is how we raise employee awareness.
Email us if you would like to raise awareness in your organisation.
3
Protect Your Business and Employees This Black Friday and Cyber Monday
Black Friday and Cyber Monday are the two biggest shopping days of the year for bargain hunters. They promise us huge discounts and promotions, but in addition to the delightful chaos in online stores, these days have become a veritable goldmine for cybercriminals.
Last year, consumer spending on Black Friday reached $9.12 billion and on Cyber Monday $11.3 billion, according to Adobe Analytics. And this year, sales are only expected to increase. But the sheer number of purchases and transactions also attracts the attention of cybercriminals.
Experts point out that these days, cybercriminals find it much easier to hide behind the heavy advertising campaigns of real brands. Their scams are usually disguised as attractive promotions and special offers.
One of the most common methods of attack is phishing. Phishing emails, texts or phone calls can be sent to customers disguised as promotional messages about fancy sales. The goal of these attacks is to infect the device with malware or steal personal and financial information.
And while fraudsters are primarily targeting consumers, it would be unwise for businesses to let their guard down.
"Criminals are most likely to target employees with shopping scams and use them as a way to infiltrate corporate networks, so it's important for organisations to educate their employees about hacking techniques in the run-up to Black Friday and Cyber Monday."
Educate your employees! We've created simple and straightforward cybersecurity courses just for you.
Last year, consumer spending on Black Friday reached $9.12 billion and on Cyber Monday $11.3 billion, according to Adobe Analytics. And this year, sales are only expected to increase. But the sheer number of purchases and transactions also attracts the attention of cybercriminals.
Experts point out that these days, cybercriminals find it much easier to hide behind the heavy advertising campaigns of real brands. Their scams are usually disguised as attractive promotions and special offers.
One of the most common methods of attack is phishing. Phishing emails, texts or phone calls can be sent to customers disguised as promotional messages about fancy sales. The goal of these attacks is to infect the device with malware or steal personal and financial information.
And while fraudsters are primarily targeting consumers, it would be unwise for businesses to let their guard down.
"Criminals are most likely to target employees with shopping scams and use them as a way to infiltrate corporate networks, so it's important for organisations to educate their employees about hacking techniques in the run-up to Black Friday and Cyber Monday."
Educate your employees! We've created simple and straightforward cybersecurity courses just for you.