From Advanced Threats

Dating Site Breached: 20M Credentials Stolen

Share Button

A hacker calling himself “Mastermind” is claiming to be in possession of over 20 million credentials for an unnamed dating site. These credentials are claimed to be 100% valid in a posting to a paste site. Included in the list are over 7 million credentials from Hotmail, 2.5 million from Yahoo and 2.2 million from Gmail.com. Read more

State of the Union Address

Cybersecurity Becomes a Focus in 2015 State of the Union Address

Share Button

In last night’s State of the Union address, President Obama urged Congress to pass legislation to better protect Americans from cyberattacks. The directive comes on the heels of concerning findings recently unveiled by ISACA:

Read more

DMARC Compass Offers New Powerful Features

Share Button

Easy Solutions is committed to supporting the emerging DMARC email authentication standard to help our customers communicate confidently and securely with their customers. We listened to your feedback and included some key features in this DMARC Compass™ release that improve performance, usability and management. Read more

Phishing

“Data URI” Phishing Attacks Now Target US Banks

Share Button

Over time there is a natural tendency towards attack complexity as defensive countermeasures improve. The Easy Solutions DMS team is focused on attack detection and removal on behalf of our clients and we have monitored this trend for years. Recently we’re detected a resurgence in an attack type called “Data URI” phishing. Read more

Year in Review: Top Fraud Stories

Share Button

Top Fraud StoriesWhile many are looking ahead at 2015, with both relief and some anxiety, we believe its worth taking a look back at the biggest security and fraud stories of 2014, to serve as a reminder of how the fraud landscape has evolved over the last twelve months and what you should be doing to protect your business when, not if, the next security event happens. Read more

Phishing Attacks Rise Again During the Holidays – Even for DMARC Protected Brands

Share Button

It is no secret that phishing attacks are growing in scope and the reason is quite simple: they are still effective. For the past several years, we have seen a marked increase in the number of email driven phishing scams that coincide with the holidays. Below you’ll find an email-driven phishing scam which shows a notification from FedEx—we’ve seen this with other brand-recognized delivery couriers like UPS and DHL. You can view the US-CERT advisory here. In this instance, the notification indicates that FedEx was unable to deliver a package because there was nobody available to sign for it. Once the recipient clicks on the invoice, the phishing attack is launched. With this kind of attack, the company purported to be sending the message is also a victim as the brands themselves become associated with fraudulent activities. Read more

2015 Fraud Outlook – Mobile Heats Up, EMV Not the Promised Land

Share Button

2015 Fraud Outlook Most of us in the business of fighting fraud understand it is and will be an ever-changing challenge. And we expect 2015 to be no different, unfortunately. One of the most difficult expectations placed on fraud organizations is the anticipation of where fraud will occur and how often. In an effort to help you understand what the fraud landscape might look like in the year ahead, I have outlined some considerations that should be understood along with suggestions on how they should be addressed. Read more

Business Partners Beware – Man in the Middle Becomes Man in Your Bank Account

Share Button

We have recently become aware of a new scheme targeting businesses through some of the partners they trust and are closest to – their vendors and third-party providers. We are seeing evidence of these schemes popping up in the Deep Web – the black markets where criminals often sell the credentials or information they have to offer to other criminals eager to act on that information. In this emerging man in the middle scheme, fraudsters convince businesses that their vendors’ bank account information has changed, thereby funneling legitimate payments into illegitimate accounts.

Read more

Webinar Replay: The Fraud Economy

Share Button

Fraud Economy WebinarAlmost every day we hear of a new retailer that has experienced a data breach, frustrating financial institutions that must then deal with the fall-out. According to the recent Faces of Fraud survey, conducted by ISMG, over 70% of financial institutions were impacted by the Target breach last December alone. But how does the fraud economy work? What exactly happens to all this data that is stolen? How is it sold, and what is it worth?

Read more

Apple Pay Secure? Not so Fast…Overlooked Security Concerns and Predictions

Share Button

Apple PayApple Pay went live yesterday. And while there has been much talk about how it's going to disrupt the payment system, and how easy it will be to use, security is once again being overlooked in the urgency for speed and convenience above all else. Read more