According to the FBI, Business Email Compromise (BEC) and Email Account Compromise (EAC) have caused $12 billion in losses since October 2013.1 These scams target businesses and individuals performing wire transfer payments, using social engineering and intrusion techniques to gain access to business email accounts. With financially-sensitive information constantly owing through company emails, these inboxes are lucrative targets for attackers. In this research, Digital Shadows outlines the declining barriers to entry for this type of fraud. Check out our key findings.
Error - something went wrong!
Episode 55: Tackling Phishing
Simon Hall and Richard Gold join Rafael Amado to wade in on the topic of phishing. By looking at details re...
Error - something went wrong!
Other content in this Stream
How to Secure Your Online Brand
What is online brand security? As we outlined in our Practical Guide to Reducing Digital Risk, the integrity of brand ...
Typosquatting and the 2020 U.S. Presidential election: Cyberspace as the new political battleground
we detected over 550 typosquats for the 34 candidate- and election-related domains we gathered from open-source research. Not every single one was something interesting; most of the time the typosquat
Detecting Spoof Domains - Domain Infringement | Case Study
See how one global retailer detected almost 2,000 domains impersonating their brand.
Best Practices Protecting Your Brand Online - Webinar Recording
Learn how to combat Online counterfeiting, Trademark infringement, Fake social media sites, Fraudulent websites, and Fake mobile apps. Check out this recorded webinar for more.
Detecting Fake Social Media Profiles | Case Study
See how a bank removed a spoof social media profiles targeting customers.
Typosquatting and the 2020 U.S. Presidential election
Photon Research Team thought it would be interesting to use this pool of candidates as a backdrop for research into typosquatted domains
Dark Web Typosquatting: Scammers v. Tor
Time and time again, we see how the cybercriminal ecosystem often mirrors what happens in the business world. This can ...
Online Brand Security Overview
Cybercriminals impersonate your brand by registering spoof domains, social media accounts, and mobile applications. SearchLight enables you to detect Domain Impersonation, Malicious Mobile Apps...
Weekly Intelligence Summary 24 Oct - 31 Oct 2019
In the spotlight this week: A card skimming operation targeted the online retailer First Aid Beauty and evaded notice for months.
7.5M Adobe Creative Cloud User Records Exposed, City Of Joburg Ransomware Attack, and APT28 Updates
Adam Cook, Philip Doherty, and Viktoria Austin host this week’s ShadowTalk update around an unsecured Elasticsearch database exposing account information of aboutt 7.5 million Adobe Creative Cloud...
Cybercriminal credit card stores: Is Brian out of the club?
In this blog, we determine whether this targeted attack on BriansClub will impact the wider cybercriminal credit carding landscape, and speculate whether it could galvanize the community to push anoth
Domain Squatting: The Phisher-man’s Friend
Simon talks about how easy it is to conduct domain squatting and typosquatting, and how little monitoring still goes on around them in the industry.
Dark Web Monitoring: The Good, The Bad, and The Ugly
Gaining access to dark web and deep web sources can be extremely powerful – if you focus on relevant use cases. The most successful strategies we observe have clear requirements, such as fraud detecti
ANU Breach Report: Mapping to Mitre ATT&CK Framework
We decided to map this intrusion to the Mitre ATT&CK framework, as we have done previously for:
Two-Factor in Review
A technical assessment of the most popular mitigation for account takeover attacks
How to Reduce Your Extortion Risks: Avoiding the Shakedown
In this webinar we will cover recent sextortion tactics, thedarkoverlord, and SamSam Group campaigns to demonstrate how the barriers to entry for extortionists are decreasing, and how businesses can r
Too Much Information: The Sequel | New Research
There are now 750 million more files exposed than we reported last year; not all of them are blatantly sensitive, but there is plenty of gold in these mountains.
A Tale of Epic Extortions - How Cybercriminals Monetize Our Online Exposure
Digital Shadows’ Photon Research Team has found that cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been.
Fitbit and Digital Shadows: Protecting Brands from Digital Risks and the Dark Web
Watch this on demand webinar to learn how to identify and eliminate counterfeit digital sites, social media, and apps and how to identify and mitigate threats from the dark web.
Episode 59: Practitioner’s Guide to Email Spoofing