Tag Archives: Spear-phishing

Botnet Necurs Turns Its Focus On Banks

Just days after the FBI issued a private warning to the banking industry (read more here), the botnet network known as Necurs began a spamming campaign that targeted the banking industry. The activity was discovered by the security research firm Cofense. According to Cofense, the Necurs network started a concentrated spear phishing campaign against approximately … Continue Reading

HaoBao Malware Hitting Banks Scans for Bitcoin Activity

Lazarus, the well-known hacking group responsible for the WannaCry ransomware attack from last year, as well as the attack on the Bangladesh Central Bank and Sony, is now targeting global financial firms and Bitcoin adopters with a phishing campaign dubbed “HaoBao.” The phishing campaign was discovered by McAfee Labs in mid-January. The way it works … Continue Reading

FBI reports $3.1 billion lost by businesses through “business email compromise”

This article co-authored with guest blogger David Wang, a R+C summer associate and student at Boston College Law School Wire fraud crime has long been a problem for financial institutions and banks. However, wire fraud through email is a completely different beast. Originally characterized by law enforcement as an extension of traditional wire fraud, wire fraud by … Continue Reading

Spear-phishing campaigns continue to infiltrate critical infrastructure

The Department of Homeland Security’s Industrial Control Systems Cybersecurity Emergency Response Team (ICS-CERT) has reported that critical infrastructure systems in the U.S. experienced a 20% increase in cybersecurity incidents in 2015. ICS-CERT responded to 295 incidents involving critical infrastructure in 2015. The good news is that the industry that is the most targeted—Energy—had a 42 … Continue Reading

2016 year of peak phishing attacks?

Early studies on the causes of data breaches found many occurred after laptops, flash drives or other mobile devices were lost or stolen. But in recent years, data breaches have largely resulted from organized online-targeted phishing, scanning or skimming attacks against individuals and companies.  The attackers sought personal and financial data to use or sell … Continue Reading
LexBlog