account hijacking
What can merchants do to avoid falling victim to large-scale ATO attacks?
Account Takeover (ATO) attacks happen when a bad actor gains access to a legitimate customer’s eCommerce store account and uses that account for fraud. The impact of ATO …
Phishers are trying to bypass Office 365 MFA via rogue apps
Phishers are trying to bypass the multi-factor authentication (MFA) protection on users’ Office 365 accounts by tricking them into granting permissions to a rogue …
Preventing account takeover and social engineering attacks
Since the COVID-19 outbreak, digital fraud has increased significantly, especially when it comes to account takeover. In this Help Net Security podcast, Angie White, Senior …
Government-backed cyber attackers increasingly targeting journalists
Since the start of the year, journalists and news outlets have become preferred targets of government-backed cyber attackers, Google’s Threat Analysis Group (TAG) has noticed. …
As consumers turn online for purchases, many are targeted by pandemic-related digital fraud
There has been a spike in digital commerce since social distancing became widespread globally, according to a TransUnion research. The research found a 23% increase in global …
How to protect your online streaming accounts from cybercriminals?
Have you secured your streaming services’ accounts? Are you sure someone else, unbeknown to you, isn’t using them as well? As people around the world are being …
Compromised passwords used on 44 million Microsoft accounts
44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking due to use of compromised passwords, Microsoft has shared. The discovery was …
Phishers have been targeting UN, UNICEF, Red Cross officials for months – and still do
Researchers have brought to light a longstanding phishing campaign aimed at the UN and its various networks, and a variety of humanitarian organizations, NGOs, universities …
Avast breached by hackers who wanted to compromise CCleaner again
Czech security software maker Avast has suffered another malicious intrusion into their networks, but the attackers didn’t accomplish what they apparently wanted: …
Researchers reveal the latest lateral phishing tactics
Emails coming from legitimate, compromised accounts are difficult to spot, both for existing email protection systems and the recipients themselves. Lateral phishing tactics …
Business security in the age of malicious bots
As most technologies, bots can be used for good and bad purposes, and the information security industry is doing its best to minimize the adverse effects of the latter …
How effective are login challenges at preventing Google account takeovers?
Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. …