Security Breach – 26 Apr 2024

brand spoofing and impersonation

Security Breach – 26 Apr 2024

Today’s savvy cybercriminals are not just exploiting technical vulnerabilities. They are using every tool at their disposal to enhance their cybercrime efforts from advanced social engineering tactics to artificial intelligence (AI). As AI improves, employees are facing more hard-to-detect cyberattacks than in the past. But common cyber threats like phishing, ransomware and business email compromise (BEC) aren’t the only email-based cyber threats that employees will encounter.

In brand impersonation cyberattacks, cybercriminals imitate a trusted brand to trick victims into disclosing sensitive information or providing their credentials. Hackers typically use domain-spoofing techniques or lookalike domains in phishing emails to trick their targets in these attacks. Cybercriminals can leverage advanced tools and techniques to design highly convincing email templates that resemble emails from trusted brands. An estimated 25% of all branded emails companies receive are spoofing or brand impersonation attempts. Spoofed emails from trusted brands allow adversaries to make a compelling case through social engineering by preying on employees’ likelihood to trust familiar things.

Recent Breaches

 

Australia – Pandemonium Rocks – Music Festival

Exploit: Misconfiguration

Risk to Business: Moderate: The troubled Pandemonium Rocks music festival has taken another massive blow after a major data breach. First, seven of the 10 acts scheduled to perform canceled their appearances. That led to a rush for refunds from angry ticketholders. OrganiSers said that a clerical error in the refund forms it used left the Administrator tab open. That gave bad actors a window on April 14, 2024, between 5.47 pm and 7.20 pm, to steal ticketholders’ personal data including bank details, email addresses and phone numbers. 

United States – Home Depot – Home Improvement Retailer

Exploit: Supply Chain Data Breach

Risk to Business: Severe: Notorious threat actor IntelBroker claims that it stole data belonging to 10,000 Home Depot employees. Home Depot confirmed the data breach, pointing the finger at an unnamed third-party Software-as-a-Service (SaaS) vendor. Home Depot said the vendor inadvertently made some Home Depot associates’ names, work email addresses and User IDs public during the testing of their systems. Home Depot is still investigating the incident.

Talk to a TCT team member today about implementing cyber security plan for your business.

Robert Brown
26/04/2024

Related Articles:
Common Smart Home Issues
Spot the Different Types of Deepfakes