According to the FBI, Business Email Compromise (BEC) and Email Account Compromise (EAC) have caused $12 billion in losses since October 2013.1 These scams target businesses and individuals performing wire transfer payments, using social engineering and intrusion techniques to gain access to business email accounts. With financially-sensitive information constantly owing through company emails, these inboxes are lucrative targets for attackers. In this research, Digital Shadows outlines the declining barriers to entry for this type of fraud. Check out our key findings.
Most Recent Flipbooks

This guide outlines best practices for cyber threat intelligence and features resources to leverage when developing or improving your organization's cyber threat intelligence capabilities.

Initial access brokers are benefitting from a rise in adoption of remote access software. This Initial Access Brokers Report analyzes this phenomenon and what it means for security practitioners.

This guide draws from best practices suggested in SearchLight’s playbooks, so security professionals can improve their tools and processes to prevent employee account takeover.

Over the past 2.5 years, we have been analyzing how cybercriminals conspire to prey upon users of online services by “taking over” the accounts they all use...

Digital Shadows has contributed to Optiv's 2020 Threat Intelligence Landscape Estimate, which provides a view of the cyber-threat landscape to help organizations mitigate risk and strengthen their...
We took a deep-dive into the cybercriminal underground to investigate the persistence of forums, uncovering several reasons they remain attractive amid appealing alternatives.
A quick guide to understanding how your company looks to attackers.

We define the strengths and weaknesses of ACH in the cyber-threat domain, with a "customer-centric" view that can aid analysts in presenting intelligence to a decision maker.

A technical assessment of the most popular mitigation for account takeover attacks

There are now 750 million more files exposed than we reported last year; not all of them are blatantly sensitive, but there is plenty of gold in these mountains.

This practical guide provides advice to help understand how to identify critical business assets, understand the threat, monitor for exposure, and take action.

Digital Shadows’ Photon Research Team has found that cybercriminals have diversified their extortion methods, and the threat landscape is as wide and varied as it’s ever been.

In this report, you will learn the emergence of Digital Risk Protection, a framework for protecting against Digital Risks, questions the C-Suite should be asking.

The findings of this joint research between Digital Shadows and Onapsis shed light into how nation-state actors, cybercriminals and hacktivist groups are actively attacking these applications and what
Underground Marketplace model in decline as cybercriminals switch to chat channels to trade illegal goods.

Digital Shadows finds 1.5 billion business and consumer files exposed online – just one month before businesses face €20m fines under GDPR legislation.

Digital risk protection consists of monitoring and remediating external risk exposure online. In this blog, I take a look at the current state of digital risk protection and where I see its future.

Cybercriminals have developed several schemes to defraud those looking to profit from the growth in cryptocurrencies.
The availability of tools found by Digital Shadows research team means that barriers to entry are lower than ever.

CISOs and risk officers must adopt a thorough digital risk management strategy that includes monitoring, filtering, prioritizing, and responding to threats across the public Internet and dark web.