Blog & Resources

Over the past few months, several devastating ransomware attacks on US companies, allegedly by Russian cybercriminals, shone a light on the scale and audacity of ransomware attacks. ...

Fraudulent new account applications by cybercriminals and fraudsters have been surging for quite some time. Through identity theft or synthetic identities (combinations of fictitious and real information, such as name, SSN, and other PII to create new identities), threat actors are applying for new...

Account takeover (ATO) scams have been growing quickly since early 2020, with estimates ranging from 2x – 6x vs. prior year. ...

On Wednesday, October 21, senior US national security officials alerted that Iran and Russia obtained voter data in their efforts to interfere in the upcoming US election...

Compromised employer recruiting accounts at employment websites (e.g. Indeed,CareerBuilder, ZipRecruiter) are in very high demand in the cybercriminal underground...

In the cybercriminal underground, the term “payment card enrollment” refers to the process of registering a payment card on an online account management service offered by the issuing bank....

Carding markets – illicit e-commerce platforms that facilitate the trafficking of huge volumes of compromised payment card data - have been a staple of the ‘Digital Underground’ for many years. Carding markets have evolved over the years in various ways. A recent trend suggests another evolution tha...

During the COVID-19 pandemic, millions of Americans have filed for unemployment benefits. Seizing the opportunity, fraudsters have seemingly found success by fraudulently filing for unemployment benefits, and the Dark Web has been bustling with chatter about the most effective techniques and best s...

Hackers can infiltrate people’s home networks through their routers using an attack called DNS Hijacking. This type of attack changes the router’s DNS settings to display malicious webpages chosen by the attacker. While this type of attack is not new, it has been more widely used over the past few m...

During the ongoing COVID-19 pandemic, we have seen more and more attacks targeting users of the popular teleconferencing application Zoom. These attacks have sometimes been described as data “breaches” or “leaks” when in reality they are something else....

If firewall is a castle’s moat and exterior wall to a corporate network, loosely speaking, then a drawbridge would be the VPN into the network. A VPN can be used for restricting access to protected resources with a secure connection. But, what use is this control device if the inner workings can be ...

Mobile devices are aggressively targeted by cybercriminals during the COVID-19 pandemic with crafty smishing campaigns. In a smishing attack, the cybercriminal sends a text message containing a malicious link. If clicked by the recipient, the mobile device may be infected with malware or the recipie...

As we enter into the month of April, the global shortage of basic supplies such as toilet paper and medical supplies such as face masks and ventilators continues. Additionally, demand has surged for medications touted as possible COVID-19 cures, creating a shortage impacting those patients requiring...

During the COVID-19 pandemic, many companies, schools, and other organizations have migrated personnel and students to remote work and education. This led to a surge in usage of video conferencing tools such as Zoom. Zoom is a popular video conferencing platform that is used to conduct online meetin...

Millions of people around the world are presently working from home (teleworking) due to the outbreak of coronavirus (COVID-19). This is the "new normal". Teleworking introduces a host of operational and cultural challenges for both employers and employees. One such challenge is security....

Around the world, public health officials are analyzing the coronavirus (COVID-19) transmission in countries with earlier outbreaks in effort to model scenarios, refine preparations, and identify mismanagement and best practices in dealing with the devastating epidemic. With Italy being a hotspot, w...

For cybercriminals, vulnerability and anxiety present opportunity. As the coronavirus (COVID-19) continues to spread around the world, cybercriminals are taking advantage of the widespread fear. Over the last several weeks, we have seen an increasing wave of social engineering and phishing campaigns...

For years, cybercriminals and fraudsters have dealt with many variations of the same problem: once they have obtained access credentials of their victims to a particular online application or website (e.g., online banking), how can they be easily exploited or monetized? Security and fraud preventio...

Black Friday and Cyber Monday are not only limited to legitimate retail business. They are aggressively promoted by criminal sellers on the Dark Web seeking to grow sales and customers. Both established markets and emerging vendors on the Dark Web have been actively promoting fresh inventory and ste...

Zelle is a United States-based digital network offering an easy and quick way to send money directly between almost any US bank accounts. With just an email address or mobile phone number, a user can quickly send and receive money, regardless of where both parties bank....

In recent years, cybercriminals implanted malicious skimming code directly on e-commerce shops and online content management and payment platforms as a way of stealing payment card data at scale. These attacks focused on identifying and exploiting vulnerabilities within these e-commerce platforms. W...