CyberheistNews Vol 14 #32 QR Code Phishing is Still on the Rise

Cyberheist News


CyberheistNews Vol 14 #32  |  August 6th, 2024


QR Code Phishing is Still on the Rise – The SEG is Dead

Stu Sjouwerman SACP

Organizations need to pay attention to the threat posed by QR code phishing (quishing), according to researchers at Trend Micro.

“Phishing emails continue to be the primary attack vector for organizations,” the researchers write.

“A QR code phishing, or quishing attack, is a modern social engineering cyber attack technique manipulating users into giving away personal and financial information or downloading malware. It targets C-level executives and the highest strategic roles within a company.”

Since QR codes don’t use a text-based link, they can slip past email security filters to target individuals directly. Humans likewise can’t analyze the link itself before scanning the code.

The SEG is Dead

“Quishing can bypass traditional security email gateways, evading email filtering tools and identity authentication,” Trend Micro says. “This allows cyberattacks to move from a protected email to the user’s less secure mobile device, where cybercriminals can obtain confidential information, such as payment details, for fraudulent purposes.

“For example, a malicious QR code hidden in a PDF or an image (JPEG/PNG) file attached to an email can bypass email security protection, such as filtering and flagging. This allows the email to be delivered directly to the user’s inbox without being analyzed for clickable content.”

Trend Micro says users should be on the lookout for the following red flags associated with QR codes:

  • “No context. Exercise caution if the QR code lacks context or seems out of place, such as QR codes randomly placed in a public area
  • Web links. Avoid sites accessed via QR codes that request payments. Instead, enter a known and trusted URL for transactions
  • Overlays. Be cautious if the QR code is placed over existing signs or labels, as scammers may try to cover up legitimate information
  • Too much information: Be skeptical of QR codes that ask for excessive permissions (e.g., access to your camera, contacts, or location) beyond what is necessary”

Blog post with links and a free QR-code phishing test you can run:
https://weblog.knowbe4.com/qr-code-phishing-is-still-on-the-rise

[BUDGET AMMO] “Email Threats Are Coasting Past SEGs, And CISOs Are Waking Up To It”:
https://www.forbes.com/websites/forbestechcouncil/2024/07/26/email-threats-are-coasting-past-segs-and-cisos-are-waking-up-to-it/

[New Features] Ridiculously Easy Security Awareness Training and Phishing

Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

Join us Wednesday, TOMORROW, August 7, @ 2:00 PM (ET), for a live demonstration of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing.

Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users:

  • NEW! Callback Phishing allows you to see how likely users are to call an unknown phone number provided in an email and share sensitive information
  • NEW! Individual Leaderboards are a fun way to help increase training engagement by encouraging friendly competition among your users
  • NEW! 2024 Phish-prone™ Percentage Benchmark By Industry lets you compare your percentage with your peers
  • Smart Groups allows you to use employees’ behavior and user attributes to tailor and automate phishing campaigns, training assignments, remedial learning and reporting
  • Full Random Phishing automatically chooses different templates for each user, preventing users from telling each other about an incoming phishing test

Find out how 65,000+ organizations have mobilized their end users as their human firewall.

Date/Time: TOMORROW, Wednesday, August 7, @ 2:00 PM (ET)

Save My Spot!
https://information.knowbe4.com/kmsat-demo-2?partnerref=CHN2

Fortune 50 Ransomware Victim Pays an Eye-Watering $75 Million

The Dark Angels ransomware group got paid a staggering $75 million ransom from an undisclosed Fortune 50 victim.

This eye-watering sum shatters the previous record of $40 million paid by insurance giant CNA Financial in 2021, setting a new and alarming benchmark in the ransomware landscape.

The revelation comes from the latest Zscaler ThreatLabz ransomware report, which paints a grim picture of the current state of cybersecurity. Chainalysis, a cryptocurrency tracking firm, also confirmed it saw the $75 million payment to Dark Angels.

Focuses On One Large Company At A Time

Compared to other ransomware groups, Dark Angels stands out by focusing on a “single large company at a time,” and demanding a high sum, Zscaler says. “This is in stark contrast to most ransomware groups, which target victims indiscriminately and outsource most of the attack to affiliate networks.”

For example, Zscaler reported that in September 2023, Dark Angels breached an international conglomerate specializing in building automation systems and other services. The group stole 27 TB of corporate data while encrypting the company’s VMware ESXi virtual machines and subsequently demanded a $51 million ransom.

93 Percent Increase in Ransomware Attacks Targeting the U.S.

According to the report, global ransomware attacks have surged by 18% YoY, with healthcare, manufacturing and technology sectors bearing the brunt of these malicious activities. Particularly concerning is the manufacturing sector, which has experienced more than double the attacks compared to the other two industries combined.

Geographically, the United States remains the prime target for ransomware attacks, accounting for nearly half of all incidents worldwide. The UK follows closely behind. What’s even more alarming is the 93% increase in ransomware attacks targeting the U.S. compared to the previous year, highlighting the urgent need for improved cybersecurity measures across the nation.

The Impact of Major Ransomware Groups

While the Dark Angels group may not be a household name like some of their more notorious counterparts, their recent payday certainly puts them in the spotlight. The cybercrime landscape is constantly shifting, with new groups emerging and others fading away. Zscaler has tracked a total of 391 ransomware gangs over time, with 19 new ones identified between April 2023 and April 2024 alone.

Despite law enforcement efforts to disrupt their operations, established ransomware groups continue to dominate the scene. LockBit remains at the top of the list, followed by BlackCat (ALPHV), 8Base, Play, and Clop. These groups consistently demonstrate their ability to adapt and evolve, staying one step ahead of security measures.

The record-breaking ransom paid to the Dark Angels group serves as a stark reminder of the critical importance of security awareness and training. As ransomware attacks grow in both frequency and severity, organizations must prioritize educating their employees about potential threats and best practices for prevention.

Looking Ahead: 2025 Predictions

  • As ransomware threats evolve, several key trends are set to shape the cybersecurity industry in 2025, as highlighted in the ransomware report. Among these trends, one element that caught everyone’s attention is the rise of highly targeted attack strategies. Groups like Dark Angels are setting a precedent by focusing on a number of high-value targets for substantial ransoms, which may influence other threat actors to adopt similar approaches.
  • Another trend is the use of voice-based social engineering by specialized initial access brokers such as Scattered Spider, who will likely continue to exploit this tactic to infiltrate corporate networks.
  • Generative AI is expected to play a significant role in ransomware attacks, enabling threat actors to create more convincing and personalized attacks, including AI-generated email and voice impersonations.
  • High-volume data exfiltration attacks, which exploit the fear of data leaks rather than relying on encryption, are expected to rise. The healthcare sector will remain a primary target due to its valuable data, necessitating enhanced security measures.

International collaboration is crucial in disrupting global ransomware networks and combating cybercrime effectively. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Blog post with links:
https://weblog.knowbe4.com/dark-angels-ransomware-group-scores-record-breaking-75-million-payday

[WEBINAR] 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk

Your secret weapon to combat cyber threats might be just under your nose! As cybercriminals continue to exploit tried and tested attack methods, while simultaneously upping their game with more advanced techniques, your human defense layer might be your ace in the hole.

But how resilient are your users when it comes to fending off these threats? We looked at 11.9 million users across 55,675 organizations to find out.

In this webinar Perry Carpenter, KnowBe4’s Chief Evangelist and Strategy Officer, and Joanna Huisman, KnowBe4’s Senior Vice President of Strategic Insights and Research, review our 2024 Phishing By Industry Benchmarking Study findings and best practices.

You’ll learn more about:

  • New phishing benchmark data for 19 industries
  • Understanding who’s at risk and what you can do about it
  • Radically lower Phish-prone™ Percentages within 90 days
  • Actionable tips to create your “human firewall”
  • The value of new-school security awareness training

Do you know how your organization compares to your peers? Watch this webinar to find out!

Date/Time: Wednesday, August 14 @ 2:00 PM (ET)

Can’t attend live? No worries — register now and you will receive a link to view the presentation on-demand afterwards.

Save My Spot:
https://information.knowbe4.com/2024-phishing-insights?partnerref=CHN

Nearly All Ransomware Attacks Now Include Exfiltration of Data…But Not All Are Notified

Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening.

Many assume data is being exfiltrated as part of a ransomware attack and it is going to be used as part of the extortion portion of the attack. But according to Arctic Wolf’s The State of Cybersecurity: 2024 Trends Report, that doesn’t seem to be the case.

I recently covered that ransomware is now felt by 91% of organizations — half of them within the last 12 months, according to Arctic Wolf. But, of the victim organizations, only 57% were notified of the data exfiltration by the ransomware perpetrators!

I believe the reason for this is espionage.

I also recently talked about how espionage-intent threat groups are using ransomware as a diversion tactic in cyber attacks. In essence, the goal is to steal secrets, but to cover their tracks, threat actors launch ransomware.

But, regardless of the motivation, the lack of notification can just as easily be motivated by maintaining persistence to sell the access to another threat group. Regardless of the reason, all this makes the case of why it’s essential to ensure your organization has the best level of controls in place — which should include new-school security awareness training.

Blog post with links:
https://weblog.knowbe4.com/nearly-all-ransomware-attacks-now-include-exfiltration-of-data-but-not-all-are-notified

KnowBe4 Establishes August 6 as National Social Engineering Day

We’re excited to announce the establishment of National Social Engineering Day, to be observed annually on August 6. This new national day, officially recognized by the National Day Calendar, aims to educate individuals and organizations about the risks associated with social engineering tactics used in cyber attacks.

Cybercriminals leverage social engineering tactics in an estimated 98% of cyber attacks, averaging over $4.5 million in damages.

The establishment of National Social Engineering Day serves as a crucial reminder that cybersecurity is not just about technology — it’s about people. By founding National Social Engineering Day, we are creating an annual reminder for everyone to stay vigilant and informed about the evolving tactics used by cybercriminals.

It’s a phishy social engineering ocean out there and we need to equip ourselves with the right skills and knowledge to navigate it safely. By educating ourselves and our teams, we can transform the human element from the weakest link to the strongest defense against cyberthreats.

The inaugural National Social Engineering Day will take place on August 6, 2024, coinciding with the birthday of the late Kevin Mitnick, renowned hacker and former Chief Hacking Officer of KnowBe4. Mitnick, often called the world’s most famous social engineer, played a significant role in shaping the cybersecurity landscape.

Read The Full Press Release:
https://www.knowbe4.com/press/knowbe4-establishes-august-6-as-national-social-engineering-day

Let’s stay safe out there.

Warm Regards,

Stu Sjouwerman, SACP
Founder and CEO
KnowBe4, Inc.

PS: Forbes chose my article as an Editor’s Choice: “5 Steps To Decoding AI-Powered Impersonation Attacks”:
https://www.forbes.com/websites/forbestechcouncil/2024/06/21/five-steps-to-decoding-ai-powered-impersonation-attacks/

PPS: A great article in InformationWeek about Our North Korean IT Worker Lessons:
https://www.informationweek.com/cyber-resilience/what-can-be-learned-from-knowbe4-s-north-korean-it-hire-

Quotes of the Week

Did they know about the OODA Loop 2,000 years ago? Check this out!

“Try not to react merely in the moment. Pull back from the situation. Take a wider view. Compose yourself.”
– Epictetus, a Greek philosopher (55 – 135 AD)


And also from Epictetus:

“It is impossible to begin to learn that which one thinks one already knows.”


Thanks for reading CyberheistNews

You can read CyberheistNews online at our Blog
https://weblog.knowbe4.com/cyberheistnews-vol-14-32-qr-code-phishing-is-still-on-the-rise-the-seg-is-dead

Security News

Scammers Exploit Interest in Generative AI Tools

Researchers at Palo Alto Networks’ Unit 42 are tracking phishing attacks exploiting interest in generative AI tools. The researchers observed spikes in suspicious domain registrations over the past year that correlated with current news.

“The domain registration trend is clearly correlated to the fluctuating popularity of the topic, with data peaks aligning with major ChatGPT milestones,” the researchers write.

“Following Microsoft’s announcement of ChatGPT integration with Bing on Feb. 7, 2023, we observed a surge in the number of new domains where many of them contain both trademarks (e.g., msftchatgpt[.]com). Another significant spike occurred on March 14, 2023, coinciding with the official launch of GPT-4.

The next peak corresponds to the announcement of new GPTs on Nov. 6, 2023, during which numerous related domains, like gptsotre[.]com, were registered.”

The term “gpt” is used by the majority of these sites, since ChatGPT is one of the most well-known generative AI tools.

“The most abused keyword is gpt, whose suspicious rate is 76%,” the researchers explain. “This word, although not exclusively related to the GenAI topic, demonstrates a significant correlation with it. After filtering out domains unrelated to GenAI, this term was rarely used for domain creation prior to 2023, while its popularity surged along with the GenAI trend.”

The researchers also observed many suspicious domains themed around tutorials for prompt engineering.

“As interest in GenAI grows and more people seek to become experts in its use, prompt engineering emerges as a hot topic,” Unit 42 says. “We also observed that ‘prompt’ frequently coexists with ‘gpt’ and ‘engineering’ in domains. Our findings suggest that people must exercise caution when visiting websites offering tutorials on prompt engineering, as a large percentage of them are shady.”

Blog post with links:
https://weblog.knowbe4.com/scammers-exploit-interest-in-generative-ai-tools

Spear Phishing Poses Significant Risks For Companies of All Sizes

Researchers at Barracuda have published a report looking at the phishing attack surfaces of companies of different sizes, finding that smaller companies tend to receive a higher rate of phishing attacks spread across the organization.

This is likely due to the smaller number of potential targets and the higher level of access possessed by each employee. At larger organizations, spear phishing attacks often focus on specific, high-value targets, such as executives or employees with access to financial decisions.

“Smaller companies tend to have flatter organizational structures with easier access to names or contact details,” Barracuda explains. “This could mean that attackers can target a wide range of employees. Due to their smaller size, they are also likely to have more people with privileged access to data and systems.

“There are fewer degrees of separation between employees, enabling attackers to move laterally quickly. As a result, inbound attack emails are more evenly distributed across the business and may target the intern as well as the CEO.”

Phishing remains a top threat for large organizations as well. Barracuda found that attacks against large companies often involve lateral phishing, in which threat actors use compromised accounts to send phishing emails to other accounts across the organization.

“Just under half (42%) of the targeted email attack detections in the largest companies involved lateral phishing, compared to only 2% for the smallest orgs,” the researchers write. “This internal attack vector is a major risk for large businesses. The prevalence of account compromises among larger businesses may reflect the fact that credentials for many companies are likely already available for purchase on the dark web, making lateral phishing an easy attack.”

New-school security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day.

Barracuda has the story:
https://weblog.barracuda.com/2024/07/30/threat-spotlight-company-size-email-threats

What KnowBe4 Customers Say

“I wanted to let you know how impressed I am with your colleague Truett. He reached out for a general client update, and also gave me a short demo which was terrific. Super friendly, client facing and knowledgeable. He also offered to help us (internally) with optimizing the platform if we choose to do so. Have a great holiday!”

– R.S., Senior Regional Director


Hey Stu,

I’m reaching out to you to share my incredible experience with our account rep, JennB. My name is Derek, I’m our IT Coordinator and am currently the point person for all things KnowBe4 at my organization. We began our journey with KnowBe4 somewhere around February 2023 and have had Jenn as our account rep since October 2023.

In between that time, we lost our IT Director and a lot of his work fell onto my plate, including the setup, launch, and maintenance of KnowBe4. I can honestly say that Jenn has been my absolute favorite account rep to work with during my time here and she has done incredible work to make sure we are utilizing your platform to the best of our abilities.

When we initially purchased KnowBe4, our Director set up one single phishing test and that’s about it. When he left, I made a push to make KnowBe4 something our org uses regularly. Shortly after, Jenn scheduled some time for us to talk and make sure we were happy with our experience.

After I explained our situation and what we were trying to accomplish, Jenn guided us through most of the setup of KnowBe4, and scheduled several more meetings to make sure we were accomplishing our goals and provided help when we had questions.

She helped review our setup policies and procedures, gave us tips on best practices and common use cases, and gave several demos to showcase what the platform could do for us. When we had technical issues, Jenn partnered with other teams at your org to resolve them within 24 hours.

When I told her that we had a company retreat coming up, she mailed us a huge box of swag. When that package was sent to the wrong address, Jenn made sure another one was on the way that same day.

I’m so over-the-moon happy with our relationship with KnowBe4. Your product is incredible: Since our launch, we have run 7-8 phishing campaigns, and our annual cybersecurity training. Our phish-prone percentage is currently 1.9%! Additionally, the service and compassion Jenn has shown to us over the past 9 months has been nothing short of spectacular.

I actually asked her for your email address so I could share my experience with you. Please, I’m begging you, find some way to recognize this hard-working woman. She really cares about what you do at KnowBe4 and the benefits it provides small companies like us.

I’m happy to talk more if you’re interested. If there’s anything I can do for Jenn on my end, please let me know. I hope you have a great weekend!

– S.D. IT Coordinator

The 10 Interesting News Items This Week

Cyberheist ‘Fave’ Links

This Week’s Links We Like, Tips, Hints and Fun Stuff

