FCPA Compliance Report-Episode 408, Brad Davis on Social Engineering for Data Protection
Every year, BakerHostetler collects, analyzes and compares key metrics on the incident response matters we handled in the prior year. The Data Security Incident Response (DSIR) Report presents key findings and trends, along...more
A recent court case has unveiled a new level of sophistication in attacks targeting high-net-worth cryptocurrency holders. In a meticulously orchestrated scheme, hackers managed to steal more than $40 million in bitcoin from...more
At this point, your IT department has almost certainly warned you to approach your e-mail inbox with skepticism--for good reason. Cybercriminals regularly and effectively impersonate our legitimate contacts for illegitimate...more
HaveIBeenPwned is a website that allows users to check whether their data has been involved in data breaches. The website’s creator, Troy Hunt, was the subject of a phishing attack earlier this week....more
We have educated our readers about phishing, smishing, QRishing, and vishing scams, and now we’re warning you about what we have dubbed “snailing.” Yes, believe it or not, threat actors have gone retro and are using snail...more
CrowdStrike recently published its 2025 Global Threat Report, which among other conclusions, emphasized that social engineering tactics aimed to steal credentials grew an astounding 442% in the second half of 2024....more
As part of Data Privacy Awareness Week, Ward and Smith is spotlighting the most common types of data breaches that businesses encounter. In Part 1, we explored the industries most vulnerable to cyberattacks, highlighting the...more
Ask any chief information security officer (CISO), cyber underwriter or risk manager, or cybersecurity attorney about what controls are critical for protecting an organization’s information systems, you’ll likely find...more
Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more
Ransomware attacks that shut business down to zero and data breaches that disclose the personal information of customers, vendors and employees justifiably strike fear in the hearts of executives everywhere. Organizations can...more
Retool, a software development firm offering modular code for customizable enterprise software, recently notified 27 customers that a threat actor had accessed their accounts. The attacker was able to navigate through...more
CYBERSECURITY - World Economic Forum’s Global Cybersecurity Outlook for 2023 Is Bleak - Sorry to be the bearer of bad news but remember that I am only the messenger. According to the World Economic Forum’s Global...more
This year’s deadline for filing individual tax returns is April 18. Malicious actors routinely target human resources professionals, certified public accountants, and individual employees with social engineering attacks...more
CYBERSECURITY - Twilio Hit with Social Engineering Smishing Scheme - We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user...more
The Twilio and Cloudfare smishing attacks [view related post] provide a timely reminder of how sophisticated smishing attacks are and how they can affect businesses and their customers. But threat actors don’t just attack...more
We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user into visiting a malicious website to steal their credentials or money....more
Buzzy brokerage app Robinhood Markets is the latest victim of a cyberhack, disclosing earlier this week that the personal information of some 7 million users was exposed. According to Bloomberg, the “intruder made off with...more
New dictionary words have been formed to describe online scams. Phishing, one that everyone knows by now, is when a scammer uses a pretext in an email to get someone to click on a link or attachment in the email to deploy...more
If you have been following Verizon’s annual data breach investigation reports like I have over the years, you get excited when the new one comes out. If you have never read the report, now’s your chance, as the 2021 report...more
When the Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) get together to issue an alert to warn us about a security threat, you can bet that the threat is real, and that...more
GovCon Co., a successful government contractor, receives an email from the billing or accounting representative of a trusted vendor, subcontractor, or teaming partner asking for payment of an outstanding invoice stating,...more
Attorneys are well aware of the ways in which corporate clients are increasingly conducting their business and affairs electronically. A business may routinely place orders with trusted vendors via e-mail, rely on the...more
Media outlets recently reported that Barbara Corcoran, one of the judges on the popular ABC show "Shark Tank," was the victim of a "spear phishing" scam....more
Tailgating is a physical security breach in which an unauthorized person gains access to a building or other protected area, usually by waiting for an authorized user to open and pass through a secure entry and then following...more
According to Verizon’s 2018 Data Breach Investigations Report, phishing or other forms of social engineering cause 93% of all data breaches. In order for phishing or social engineering attacks to be successful, the attacker...more