Security Affairs

APRIL 30, 2020

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . ybercriminals behind the PerSwaysion campaign gained access to many confidential corporate MS Office365 emails of mainly financial service companies, law firms, and real estate groups.

Phishing 136

Phishing Accountability Financial Services Cloud Migration 136

eSecurity Planet

OCTOBER 5, 2021

Passwords are the most common authentication tool used by enterprises, yet they are notoriously insecure and easily hackable. At this point, multi-factor authentication (MFA) has permeated most applications, becoming a minimum safeguard against attacks. Jump to: What is multi-factor authentication? MFA can be hacked.

Authentication 104

Authentication Passwords Mobile Accountability 104

Security Affairs

JUNE 11, 2023

Microsoft researchers warn of banking adversary-in-the-middle (AitM) phishing and BEC attacks targeting banking and financial organizations. Microsoft discovered multi-stage adversary-in-the-middle (AiTM) phishing and business email compromise (BEC) attacks against banking and financial services organizations.

Phishing 98

Phishing Banking Financial Services Passwords 98

Zero Day

SEPTEMBER 18, 2024

The move comes amid growing phishing attacks targeting the financial services sector; most impacted by brand impersonation scams.

Authentication 75

Authentication Banking Financial Services Scams 75

Thales Cloud Protection & Licensing

AUGUST 31, 2022

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor. It highlights the leadership of financial services in cybersecurity relative to other industries, but it also uncovers some surprising chinks in their cybersecurity armor. Thu, 09/01/2022 - 05:15.

Financial Services 62

Financial Services Cybersecurity Computers and Electronics Banking 62

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing 98

Phishing Energy and Utilities Insurance Manufacturing 98

Responsible Cyber

NOVEMBER 23, 2024

Financial services have also faced significant incidents, with many institutions relying heavily on third-party technology partners to deliver essential services. Many vendors failed to implement robust security protocols, such as advanced encryption techniques, multi-factor authentication, and continuous monitoring.

Risk 81

Risk Healthcare Education Cybersecurity 81

Malwarebytes

AUGUST 21, 2024

” Toyota and Toyota Financial Services have suffered several breaches in the past, so it’s hard to tell where and when the information was obtained more precisely. Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Take your time.

Passwords 128

Passwords Manufacturing Data breaches Phishing 128

The Last Watchdog

MAY 24, 2021

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. billion web attacks globally; 736 million in the financial services sector. A: Everything.

Financial Services 178

Financial Services Passwords Media Accountability 178

Adam Levin

NOVEMBER 17, 2020

Mobile payment platforms, like Apple Pay and Google Pay, use advanced technology, like fingerprint authentication and tokenization (in which credit card account numbers are replaced by randomly generated numbers) to provide brick-and-mortar shoppers with an added layer of security. Enable two-factor authentication.

Scams 243

Scams Retail Banking Passwords 243

Webroot

APRIL 22, 2025

Financial services industry: Banks, insurance companies and other financial organizations offer a wealth of opportunity for hackers who can use stolen bank account and credit card information for their own financial gain. In 2024, there were 14 data breaches involving 1 million or more healthcare records.

Data breaches 71

Data breaches Identity Theft Passwords eCommerce 71

Duo's Security Blog

DECEMBER 19, 2024

Phishing is still one of the most common attack vectors, and the holidays provide an especially appealing time to launch an attack thats been supercharged by modern natural language processing models and novel QR codes. No industry is spared this phishing season, though some are targeted more often than others.

Phishing 64

Phishing Authentication Social Engineering Passwords 64

The Last Watchdog

JULY 7, 2021

When you have a victim that came from a phishing attack on the financial services industry for example, and then later you obtain that victim’s gaming details, if there is a match on email addresses, username, address, etc. Some of the credential stuffing attacks can be traced back to existing data breaches or phishing.

Accountability 257

Accountability Mobile Passwords Authentication 257

Duo's Security Blog

NOVEMBER 20, 2023

One piece of evidence to support this hypothesis is the low adoption of a basic security control that protects against identity-based attacks - multi-factor authentication (MFA). Add to this, the risks of weak authentication factors such as SMS one-time passcodes and dormant or inactive accounts.

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

SecureList

FEBRUARY 23, 2022

The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape. The term is also used to describe malware seeking access to financial organizations’ IT infrastructures. Financial Phishing.

Banking 140

Banking Phishing Cryptocurrency Malware 140

Centraleyes

DECEMBER 16, 2024

By focusing on identity and access management (IAM), multi-factor authentication (MFA), and micro-segmentation, ZTA provides a robust defense against modern threats. Attackers are becoming more organized, with ransomware-as-a-service (RaaS) operations providing easy access to malicious tools for even novice cybercriminals.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Technology 98

Malwarebytes

SEPTEMBER 30, 2021

Two-factor authentication is a great way to protect your online accounts, and we always recommend you turn it on. Yesterday, security intelligence firm, Intel 147, revealed it had noticed an uptick of activity in threat actors providing access to services in Telegram that circumvent two-factor authentication (2FA) methods.

Social Engineering 105

Social Engineering Banking Authentication Passwords 105

Malwarebytes

JUNE 14, 2024

In 2020, Truist provided financial services to about 12 million consumer households. Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished. Watch out for fake vendors.

Data breaches 118

Data breaches Banking Passwords Phishing 118

Thales Cloud Protection & Licensing

APRIL 22, 2025

This surge could be down to threat actors using AI and ML to automate credential stuffing and phishing, making them progressively sophisticated and more complicated to uncover. Block known proxy services to stop bots masking their activity. The table below summarizes these recommendations and maps them to Thales solutions.

Digital transformation 62

Digital transformation Accountability Internet Internet 62

Thales Cloud Protection & Licensing

JANUARY 10, 2022

The financial services ecosystem has evolved tremendously over the past few years driven by a surge in the adoption of digital payments. Security is paramount; digital payments are not only authorized but they must be authenticated as well. How Can We Secure The Future of Digital Payments? Tue, 01/11/2022 - 06:35.

Retail 126

Retail Financial Services Banking Authentication 126

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

Individuals risk identity theft, financial loss, and privacy violations. Businesses, particularly those in financial services, healthcare, and retail sectors, suffer from operational disruptions and financial penalties. Employees play an integral role in the security of their organization.

DDOS 62

DDOS Encryption Data breaches Identity Theft 62

Malwarebytes

JULY 19, 2024

Financial services had the most breaches, followed by healthcare. Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished. Better yet, let a password manager choose one for you.

Data breaches 123

Data breaches Passwords Identity Theft Phishing 123

SecureList

MARCH 31, 2021

Even though, in 2020, we have seen ever more sophisticated cyberattacks, the overall statistics look encouraging: the number of users hit by computer and mobile malware declines, so does financial phishing. In this research, by financial malware we mean several types of malevolent software. Financial phishing.

Banking 145

Banking Phishing Malware Mobile 145

Centraleyes

MARCH 13, 2025

If you’re part of the financial services ecosystem hereor interact with businesses regulated by the New York State Department of Financial Servicesyouve likely come across the NYDFS Cybersecurity Regulation. Multi-factor authentication (MFA) and role-based access controls are your best friends here.

Cybersecurity 52

Cybersecurity Financial Services Risk Encryption 52

IT Security Guru

NOVEMBER 4, 2022

Looking at particular attack methods, Obrela found that those most utilised were typically malware infection, reconnaissance, data exfiltration and phishing attacks, along with the exploitation of malicious insiders. . To decrease risk and make sure their security posture is up to scratch, organisations must remember to do the ‘basics’.

Banking 115

Banking Phishing Financial Services Government 115

Cisco Security

JANUARY 10, 2023

Traditionally CISOs have talked about the importance of improving security awareness which has resulted in the growth of those test phishing emails we all know and love so much. So, security will need to focus on supporting the introduction of flexibility and the ease of user experience, such as passwordless or risk-based authentication.

CISO 142

CISO Insurance Cyber Insurance Ransomware 142

Adam Levin

AUGUST 21, 2019

Among other things, this slowness means fewer clicked links in phishing emails. By now, we should expect to be seeing puppet shows on the dangers of phishing. They may offer continuous training programs to help thwart phishing attacks and malware infections. All that aside, the best solution is free.

Phishing 138

Phishing Accountability Hacking Cybersecurity 138

The Last Watchdog

SEPTEMBER 7, 2022

Healthcare and public health, financial services, and IT organizations are frequent targets, although businesses of all sizes can fall victim to these schemes. Likewise, lookalike and spoofed web domains and well-crafted phishing emails now easily trick employees into thinking they’re dealing with trustworthy sources.

Ransomware 124

Ransomware Education Financial Services Phishing 124

Dark Reading

DECEMBER 18, 2012

The recent article, “$850 Million Scheme Exploited Facebook: Authentication, Secure Browsing Would Have Reduced Losses,” illustrates just how important customer authentication is. Within the next two to five years, we will see stronger authentication everywhere, because the banks are going to get sick of the losses.”.

Banking 40

Banking Authentication Risk Identity Theft 40

CyberSecurity Insiders

MAY 24, 2023

Website impersonation (also known as “brandjacking”) draws users to fraudulent copies of a brand’s website to trick them into revealing personal and financial account information used to steal their identities and funds. Memcyco is trusted by leaders in financial services, eCommerce and other industries.

eCommerce 94

eCommerce Artificial Intelligence Scams Financial Services 94

Security Affairs

MARCH 19, 2022

. “AvosLocker is a Ransomware as a Service (RaaS) affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors. ransomware and phishing scams).

Ransomware 118

Ransomware DDOS Passwords Backups 118

Security Affairs

MARCH 24, 2021

Forex trading may be dominated by banks and global financial services but, thanks to the Internet, the average person can today dabble directly in forex, securities and commodities trading. The personal identifiable information (PII) exposed by the leak could be used in fraudulent authentication across other platforms.

Passwords 136

Passwords Accountability Media Identity Theft 136

eSecurity Planet

JUNE 16, 2022

However, basic cybersecurity tools and practices, like patching , strong passwords , and multi-factor authentication (MFA), “can prevent 80 to 90% of cyberattacks,” said Anne Neuberger, deputy national security advisor for cyber and emerging technologies, during a White House press conference in Sept. Ransomware. Crimeware and spyware.

Backups 145

Backups Ransomware Malware Firewall 145

Thales Cloud Protection & Licensing

NOVEMBER 20, 2023

The Verizon 2023 Data Breach Investigations Report reveals that system intrusion, phishing, and web app attacks are the predominant patterns that enable criminals to steal personal and financial information, including credit card data. In case of a lost phone, promptly informing these services can prevent unauthorized access.

Retail 83

Retail Cybersecurity Financial Services Mobile 83

SecureWorld News

APRIL 4, 2022

The most frequent targets of leakware are hospitals, law firms, and financial services organizations. Email phishing attacks are a common method hackers use to execute leakware. Filtering and analyzing can prevent phishing emails from ever making their way into an employee or executive's inbox.

Ransomware 98

Ransomware Digital transformation Phishing Small Business 98

Thales Cloud Protection & Licensing

SEPTEMBER 2, 2024

Breaking Free from Passwords: Passkeys and the Future of Digital Services josh.pearson@t… Mon, 09/02/2024 - 15:14 As passkeys offer a more secure and convenient way to authenticate users, it is no surprise that industry experts agree that they will become the standard authentication method used worldwide. How do we get there?

Passwords 62

Passwords Authentication Social Engineering Phishing 62

Malwarebytes

DECEMBER 1, 2022

Like other ransomware groups, its threat actors use double extortion tactics, predominantly targeting organizations in the US in five critical infrastructure sectors: critical manufacturing, financial services, government facilities, healthcare and public health, and information technology.

Ransomware 98

Ransomware Financial Services Accountability Malware 98