Breaking up the Phishing Attack Chain
Phishing remains a popular attack method for malicious actors. This attack method is made possible by the wealth of services phishers can purchase on illicit markets: mass mailers, email lists, fake websites etc. Phishing attacks have been on the rise, registering a 250% growth between 2018 and 2019 according to a Microsoft report. In this […]
The Winners and Losers of the Empire Market Shutdown
Updated: November 26th, 2021As the article below is a bit out of date, here’s a breakdown of most of the large changes in the dark web marketplace scene: Empire Market exit scammed in August 2020 DarkMarket was sized in January 2021 Yellow Brick exited a few days after DarkMarket BigBlue was seized by Interpol in April […]
How To Identify The Next Major Cyber Threats through Job Postings
A significant challenge for security teams is to extract intelligence from open-source information. Malicious actors routinely post advertisements like the one below. This actor is offering up a method, but provides little to no clues as to how that method works, and how to protect against it. This is just an example of how challenging […]
Why all the Spam? How Phishing Emails Get to You
A phishing attack is any communication (email, SMS, instant messaging) campaign launched by a malicious actor to steal personal data and credentials. Phishing attacks are one of the biggest threats to data security. According to a Microsoft report, the frequency of phishing attacks grew by 250% between 2018 and 2019. Phishing has now supplanted malware […]
Ransomware and Supply Chains
Ransomware is a growing threat to any organization, government or business. In Canada alone, it is estimated that ransomware attacks and the associated downtime cost our economy CAD$2.4 billion in 2020. HOW RANSOMWARE ATTACKS WORK Spread as malware through emails and insecure download links, ransomware programs embed themselves in the computer systems of firms. Ransomware […]
Credential Stuffing Attacks And CRA
The Canada Emergency Response Benefit (CERB) is an essential part of the Canadian Federal Government response to the COVID-19 pandemic. With an estimated cost of over $71 billion dollars and limited vetting of applicants, the CERB program has been known to be vulnerable to fraud since launch. Since the program’s launch, media outlets have reported that between 200,000 […]
5 Trends in Loyalty Program Fraud in Canada
Loyalty programs have grown tremendously in the last decade. Memberships rose to 3.8 billion members recently , with a total value of USD$323 billion for the ecosystem. Loyalty program fraud has significantly increased as well, increasing by 89% in the first quarter of 2019 alone. We previously explored how loyalty program fraud happens. To […]
Dorking: Preventing Leaks From Hurting Your Firm
While readily available, malware is far from being the only tool that malicious actors use to steal data and illegally access computer networks. Malicious actors indeed threaten firms’ security using far more mundane and everyday techniques. Case in point: taking advantage of Google, the world’s most popular search engine, to find confidential information and vulnerabilities […]
How Loyalty Program Fraud Happens
Loyalty programs have grown tremendously in the last decade. Memberships rose from 2.6 billion to 3.8 billion from 2012 to 2016, and are projected to increase to 5.5 billion by the end of the year. The total value of all loyalty program points was estimated at USD$48 billion in 2017 (Wise Marketer, 2017). This rapid […]
What Does the “Free” in Free Food Really Mean?
Hijacked accounts are one of the most common items available for purchase on online illicit markets. On our blog, we’ve discussed in the past the issue of bank credentials being put up for sale. We now want to highlight how fraudsters also target other industries – namely the food delivery industry. This has been […]
