Phishing

In the lead-up to a data breach, phishing is second only to use of stolen credentials in terms of how attackers infiltrate institutions. Here's what else you need to know.

Researchers recently described a scheme that allows affiliates to buy access to phishing materials. The case provides an insight into the methodical nature of some cybercrime.

Fraudsters sometimes target customers of credit unions and smaller banks because the institutions lack the cybersecurity resources of larger players.

A recent campaign targeting Quickbooks users claimed customers had their accounts suspended because of problems verifying their business information. It’s the latest example of scams that slither through multiple lines of defense.

As risk rises and budgets tighten post-pandemic, training all employees about security risks and conducting quarterly penetration tests helps to offset threats and potential losses.

Fraudsters have increased their attempts to steal data through email scams since much of the financial services sector moved to remote work when the pandemic began.

Executives and technology analysts offered a host of concerns that are likely to dog credit unions well into the new year.

Netwalker attacks are known to target victims using phishing emails disguised as COVID-19 updates from their organization, taking advantage of the heightened fears and anxieties that come with the current pandemic, says Stealthbits Technologies' Dan Piazza.

In a new twist on an old scam, cybercriminals have tried to get thousands of people to surrender their Wells bank account information by sending authentic-looking emails containing malicious links that lead to a fake website bearing the company's name.

In a new twist on an old scam, cybercriminals have tried to get thousands of people to surrender their Wells bank account information by sending authentic-looking emails containing malicious links that lead to a fake website bearing the company's name.

Fraudsters are licking their chops at the prospect of businesses and financial services extending remote working because of the coronavirus pandemic.

Cybyer criminals have become more aggressive as employees are working from home. Credit unions should take these steps to ensure they block those efforts.

As phishing and other attacks mount, a personal ID number can act as a second authentication factor, says LogRhythm Labs' James Carder.

Many credit union employees are currently working from home to slow the spread of COVID-19 but this can invite more attacks from cyber criminals.

Hacker emails disguised as pleas for aid have surged in the past month, and they're targeting bank employees and the many others working from home.

Card fraud risks — already soaring prior to the coronavirus outbreak — are changing rapidly as the pandemic deepens, forcing issuers and merchants to rethink protective measures.

Financial institutions need to alert customers about emails or websites that pretend to offer important COVID-19 information but instead could end up stealing their account numbers or logins.

Traditional phishing attacks on email are easier for most users to spot, causing crooks to migrate to new venues, argues The ai Corporation's James Crawshaw.

Detecting virtual bad actors means paying more careful attention to the digital interactions and touch points within your business, and how users interact with you through apps, websites or customer service centers, writes Accertify's Andrew Mortland.

Cybercriminals have become extremely adept at crafting emails that are indistinguishable from legitimate emails, says Valimail's Peter Goldstein.