In The News

Anti-phishing startup INKY raises $20M to ramp up enterprise adoption Anti-phishing startup Inky  has raised $20 million in its Series B round of funding, led by Insight Partners .
Read More
Most Phishing Attacks Originate from US, says INKY CEO Dave Baggett 'Impersonating sites of reputable organizations has become super-easy,' says Dave Baggett, Co-Founder and CEO of INKY Cybercriminals are exploiting the COVID-19 pandemic to hook unsuspecting people curious for information on the crisis. They are bombarded with fabricated new work from home policies or fake layoff/furlough notifications. The Internet Crime Complaint Center (IC3), the online crime reporting mechanism of the Federal Bureau of Investigation (FBI), has seen the frequency of complaints shoot up since the beginning of the pandemic. According to reports, the number of complaints has tripled or quadrupled. Origin of The Perpetrators According to several reports and social media, most of these attacks are executed by criminals in Russia, China, or North Korea. However, INKY, a cloud-based cybersecurity company, has a totally different view. Its latest report traces most phishing attacks to the US. Dave Baggett, Co-Founder and CEO of INKY, says a large number of IP addresses tracked in the phishing email headers originated from somewhere in the US. Asked why the US figures so prominently in the phishing attack ecosystem, Dave claimed: "The majority of our users are American. Phishers prefer to target victims within their own geography because it's more natural to research and impersonate since it's the same culture and language. Non-American attackers also spoof a USA origin to evade geographical filters." In an exclusive interview with the International Business Times, the INKY co-founder and CEO gives his detailed take on the attacks. Excerpts from the interview: IBT: What are the new trends you have observed recently in the phishing world? Dave: Malicious HTM or HTML attachments that build credential harvesting sites on a victim's local network. Bad actors get stolen credentials directly emailed to them if the victim uses it. We have also observed dynamic algorithms that impersonate the recipient's domain in a phishing email. IBT: How easy is it for someone to execute an attack of this nature? Dave: Executing a phishing attack is easier than you can think. Anybody could buy a cheap confusable domain name and some hosting space to execute an attack. And impersonating sites of any reputable organizations have become super-easy. Anyone can just download real company logos, trademarks, copyrights, and HTML/CSS codes from the internet and add them on a site to imitate.
Read More
Majority of COVID phishing attacks coming from US IP addresses An anti-phishing firm discovered that most of the malicious coronavirus emails were coming from the United States. COVID-19 phishing emails have been bombarding inboxes since the virus began to spread in December and January. Cybercriminals have tried to push all kinds of scams to the masses using coronavirus-related topics, headers and organizations to get people to open malicious emails, files, or links.    Complaints about phishing attacks have tripled since the concerns about COVID-19 became widespread, according to the FBI's Internet Crime Complaint Center.   Cybersecurity company INKY pored through the months of coronavirus-themed phishing emails and compiled a report on where most of them were coming from, finding that the majority of IP addresses found in email headers originated from the United States.    Dave Baggett, CEO of INKY, acknowledged that these IP addresses might be easily spoofed by more skilled attackers but explained that there were a number of reasons most attackers would be in the US.    "The majority of our users are American. Phishers prefer to target victims within their own geography because it's easier to research and impersonate since it's the same culture and language," he said in an email interview, adding that non-American attackers may also want to spoof a US origin to evade geographical filters.
Read More
Phishing spoofs US Federal Reserve to steal online bank accounts Scammers have been sending out emails that impersonate the U.S. Federal Reserve and lure recipients with financial relief options through the Payment Protection Program.
Read More
Phishing emails impersonate the White House and VP Mike Pence Phishing scammers have started to impersonate President Trump and Vice President Mike Pence in emails that distribute malware or perform extortion scams.
Read More
Coronavirus-themed phishing emails and websites spoof the White House Phishing emails and their associated websites often impersonate well-known organizations, brands, businesses, and other familiar subjects to try to trap potential victims. They can spoof banks and financial establishments, hospitals and healthcare groups, and even one's own employer. A series of recent phishing emails examined by INKY targeted people curious or anxious about COVID-19 by impersonating the White House and some in the administration.
Read More
Phishers Try 'Text Direction Deception' Technique to Bypass Email Filters With COVID-19 concerns running high, attackers are trying new tactics to get to users.
Read More
Office 365 Phishing Uses CSS Tricks to Bypass Email Gateways A phishing campaign using Office 365 voicemail lures to trick them into visiting landing pages designed to steal their personal information or infect their computers with malware.
Read More
Coronavirus pandemic creates 'perfect storm' for cybercriminals As the country grapples with the burgeoning coronavirus pandemic, cybersecurity experts are warning that employees working from home are increasingly being targeted by aggressive cybercriminals trying to capitalize on their unfamiliarity with remote work.
Read More
Mass telecommuting is an opportunity for hackers Working from home is the new reality for hundreds of millions of Americans and their companies. That means lots of workers in their studies or kitchen tables are in far more vulnerable cyber environments. And there’s ample evidence the bad guys are out in force.
Read More