PhishMe May Cybercrime Alert: Whaling Attacks, Employee Data Theft Expected to Surge
Human Phishing Defense Provider Launches Global Ransomware Resource Center
LEESBURG, VA–(Marketwired – May 17, 2016) – PhishMe Inc., the leading provider of human-phishing defense solutions, today released its May Cybercrime Alert, warning organizations that its threat researchers expect to see a rise in several phishing attack types, including Business Email Compromise (BEC) and Whaling:
- Business Email Compromise (BEC) — Attackers are impersonating executives and fellow employees and making fraudulent requests via emails designed to trick employees into providing them with sensitive information such as employee W2 and other tax information.
- Whaling — Attackers are targeting C-level executives with emails impersonating fellow executives and employees in an attempt to get them to give up user credentials and authorize high-dollar money transfers.
For several years, PhishMe researchers have tracked all forms of phishing attacks in the wild, including those related to malware, ransomware, wire fraud, data theft and more. Recently, PhishMe observed an increase in attacks across the board but has also noticed cybercriminals’ concentrating efforts around BEC scams and Whaling.
PhishMe isn’t the only organization warning businesses to be vigilant. In April, the Federal Bureau of Investigations (FBI) warned US businesses that it had received reports of BEC scams that have victimized organizations in all 50 states and that since October 2013, related crimes accounted for $2.3 billion in losses. As early as the fourth quarter in 2015, the Internal Revenue Service (IRS) began warning consumers and businesses to be on the lookout for phishing scams requesting personal and employee information related to tax returns and W2 information.
Condition Employees, Pay Close Attention to Requests for Money and Data
BEC and Whaling attacks often bypass perimeter and end-point security controls, as they are typically designed to identify malware and URLs contained in email attachments that download malicious payloads and link to suspicious websites. In these cases, the emails don’t necessarily contain attachments or links, leaving humans as the only line of defense.
PhishMe advises organizations to condition employees to identify and report attacks through phishing simulations that leverage real-world scenarios and empower them to respond to phishing incidents. To prevent cybercriminals from turning your organization into their next victim, take extra steps to ensure that:
Employees are conditioned to pay special attention to emails requesting money transfers and to report any that appear suspicious to the respective incident response teams.
- Workers with access to information about employees remain on the lookout for requests seeking documents containing payroll, W2 or other personnel data.
- In some cases, taking an added step to authenticate anyone making such requests through a secondary communications channel, such as a quick phone call confirming a requesters’ identity, could prevent compromise.
Additionally, PhishMe has produced multiple blog posts recently that anyone in the security community can leverage to help defend their organizations against related phishing attacks, including:
- University W2 Phishing and CEO Impersonation: https://cofense.com/universities-face-w2-phish-president-impersonation/
- Tax Time is Phishing Time: Here’s How to Help: https://cofense.com/tax-time-phishing-time-heres-help/
- More Tax Scams: https://cofense.com/tax-time-scams/
- Wire Fraud Phisher Attempts to Phish PhishMe, Instead Gets Phished by PhishMe: https://cofense.com/wire-fraud-phisher-attempts-to-phish-phishme-instead-gets-phished-by-phishme/
Global Ransomware Resource Center
In April, PhishMe warned that ransomware could fuel one of the biggest digital cybercrime waves to date. Ongoing attacks that have continued to target every industry, and most recently the US Congress, are further evidence that this cybercrime vector will remain a top concern for global organizations. In response, PhishMe launched a global resource center providing its customers and the security community with fast access to:
- The latest information on ransomware attacks and targeted industries
- Valuable resources such as whitepapers and ebooks on ransomware defense
- Premium video content and social news feeds covering ransomware trends
Visit the resource center: http://ransomware.cofense.wpengine.com/
Connect with PhishMe Online
- Follow PhishMe on Twitter: https://twitter.com/phishme
- Follow PhishMe’s Blog: https://cofense.com/blog/
- Follow PhishMe on LinkedIn: https://www.linkedin.com/company/phishme-inc-
PhishMe® is the leading provider of human-focused phishing defense solutions for organizations concerned about their susceptibility to today’s top attack vector — spear phishing. PhishMe’s intelligence-driven platform turns employees into an active line of defense by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats. Our open approach ensures that PhishMe integrates easily into the security technology stack, demonstrating measurable results to help inform an organization’s security decision making process. PhishMe’s customers include the defense industrial base, energy, financial services, healthcare, and manufacturing industries, as well as other Global 1000 entities that understand changing user security behavior will improve security, aid incident response, and reduce the risk of compromise.