2014 INTERNET COMMERCE CASE STUDY. The Battle Against Phishing and Fraudulent s. 100 S. Ellsworth Ave 4th Floor San Mateo, CA
|
|
- Pearl Thornton
- 5 years ago
- Views:
Transcription
1 2014 INTERNET COMMERCE CASE STUDY The Battle Against Phishing and Fraudulent s 100 S. Ellsworth Ave 4th Floor San Mateo, CA
2 ABOUT AGARI Agari analizes big data from the world s in-boxes to provide a new way of stopping brand abuse and phishing. We proactively prevent any unauthorized purporting to be from your brand from reaching your customers. Our cloud-based solution guarantees rejection of these phishing messages across the Internet to protect your brand, stop phishing, reduce your liability and enhance your consumer trust. AGARI IS TRUSTED BY: The largest bank in the United States The largest Internet Commerce payments processing firm The most admired consumer electronics brand in the world The top three most popular social media sites The third largest global shipping company Pamela Moore - Senior VP Administrative Services and Chief Financial Officer at NACHA, the Electronic Payments Association. Pamela Moore is on the front lines of the battle against phishing and fraudulent s. As Senior Vice President of Administrative Services and CFO at NACHA, the Electronic Payments Association, she endured a massive attack on her organization in NACHA manages the development, administration, and governance of the ACH Network, the backbone for the electronic movement of money and data in the United States. It s a not-for-profit association representing nearly 11,000 financial institutions via 17 regional payments associations and direct membership. So when a sustained and ever evolving phishing attack began in February 2011, with consumers and business 2
3 receiving fraudulent s that appeared to be coming from NACHA, the organization experienced turmoil and sought a way to fight back. The fraudulent s, sent globally, typically made reference to an ACH transfer, payment, or transaction and had a link or attachment that infected a recipient s computer with malicious code when clicked on or opened. Compounding the problem was the fact that the s purported to come from actual NACHA employees and /or departments and even carried a counterfeit NACHA logo along with association s physical mailing address and telephone number. By July 2011, we were starting to see the same servers sending IRS, Federal Reserve and FDIC spam as we were seeing the phishing attacks evolve, Moore told participants during a recent Agari webinar. By September 2011 we were starting to identify polymorphic malware. And by November 2011, we were seeing a bonnet building environment where Dirt Jumper and Zeus variants, such as Gameover, were tied to the current campaign. By then Moore had already engaged Patrick Peterson, CEO and Founder of Agari, to help provide a solution to the problem and concluded that the Trusted Registry serviced by Agari was of great importance to her association and financial institutions around the world. Many consumers already assume that Many consumers already assume that s are genuinely from who they say s are genuinely from who they say they re from, Moore said. There s a lot they re from, Moore said. There s a lot of communication out there regarding of communication out there regarding phishing s. I think there s a report out there that indicated that in 2011, phishing s. I think there s a report 75 percent of the s were phishing out there that indicated that in 2011, s. So that s why this type of 75 percent of the s were phishing solution is so important. s. So that s why this type of We were constantly working with law solution is so important. enforcement, with other experts in the field to try and address what was happening with phishing campaigns. By late December 2011, FS-ISAC and Microsoft reached out to us about being involved in this case that they were developing. In combination with the financial services industry, Microsoft and others, we became involved in this case, which was filed in March of We were able to build a lot of background information and documentation regarding the case that we had been going through in Through Agari and the Trusted Registry we had a lot of information that we were able to include as part of this case because it identified so clearly the number of s that were purporting to be from the NACHA.org domain, and the number of compromised servers they were coming from. Our threat level was very high. In excess of 99 percent of the s that were going out were not from NACHA.org. As a result of the various reports that we received form Agari, it became part of the background documentation to support our claim. 3
4 Because of those efforts, 39 different John Does were identified in a civil lawsuit and two command-and-control servers were seized in March Since the initial seizure of the commandand-control servers and about 25 percent of others, the number of infected computers has been cut in half, Moore said. Additional discovery evidence was filed with the Eastern Court in Brooklyn, New York, in Of the 39 John Does, two defendants are serving time in the United Kingdom. The rest of the information has been turned over to law enforcement and the FBI for additional follow-up, she added. Data from Agari and the Trusted Registry was crucial in the case. We re able to see what top 20 IP addresses are sending out spoof NACHA.org s. Data from Agari and the Trusted Registry was crucial in the case, she explained. We received a number of different reports as a result of the Trusted Registry. We re able to see what top 20 IP addresses are sending out spoof NACHA.org s. We re able to then track the number of s that have been blocked as well as the number of servers that they were coming from. And from that, we were about to identify how high a threat the numb roy s that are going out there were, those that or not NACHA.org versus those that are authentic s. So it was very compelling from a civil lawsuit perspective to see this type of information and the reporting capabilities that were coming out of it. From those reports, we were also able to utilize the information that we were getting for the purposes of partnering with technology vendors to monitor our domains and take down malware sites, because you are receiving those top IP addresses that are sending out that . It would also alert us fairly quickly in terms of what was happening if there was an active SPAM campaign, for example. Moore said that NACHA uses the trusted Registry as part of its overall anti-spam strategies. Many of the folks that were receiving this phishing were consumers. We re a corporate trade association, so our normal type of outreach isn t even to the individuals who were starting to receive these suspicious s. So it was important to use to set up consumer education as well as We re a corporate trade business educational efforts, so that they could be association, so our normal reporting those suspicious s. From there what type of outreach isn t even we were able to do is establish auto-feeds of the information to appropriate organizations, whether to the individuals who were that s law enforcement, other anti-phishing work starting to receive these groups, or our technology vendors who assisted us suspicious s. with that malware take down. 4
5 We also had to expand our outreach to smaller anti-spam and anti-virus vendors too. When you think about why this Trusted Registry Service does relative to the authentication of your domain and of that through the SPF and DKIM, one of the areas that we were finding needed additional help was that small business, mid-size business that may not be utilizing some of these broader Internet service providers that are part of this Trusted Registry Service. As a result of the volume that started coming through in the bounce backs of NACHA.org spoofed s, we had to start outsourcing our spam filtering to high-volume, spam-filtering services and then leverage those analytics. About the Founder Patrick Peterson, CEO and Founder of Agari is a technology visionary, entrepreneur and noted security evangelist. He has held major security and engineering posts for IronPort Systems and Cisco; Pat currently serves as Founder and CEO for Agari, whose platform provides revolutionary visibility and protection from threats. 5
Phishing Activity Trends Report August, 2006
Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account
More informationPhishing Activity Trends Report October, 2004
Phishing Activity Trends Report October, 2004 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent websites which attempt to trick them into divulging
More informationPhishing Activity Trends Report March, 2005
Phishing Activity Trends Report March, 2005 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent websites which attempt to trick them into divulging
More informationPhishing Activity Trends
Phishing Activity Trends Report for the Month of, 27 Summarization of Report Findings The number of phishing reports received rose to 24,853 in, an increase of over 1, from February but still more than
More informationTABLE OF CONTENTS Introduction: IS A TOP THREAT VECTOR... 3 THE PROBLEM: ATTACKS ARE EVOLVING FASTER THAN DEFENSES...
The Guide TABLE OF CONTENTS Introduction: EMAIL IS A TOP THREAT VECTOR... 3 THE PROBLEM: ATTACKS ARE EVOLVING FASTER THAN EMAIL DEFENSES... 4 Today s Top Email Fraud Tactics...5 Advanced Malware...8 Outbound
More informationProtect Your Data the Way Banks Protect Your Money
Protect Your Data the Way Banks Protect Your Money A New Security Model Worth Understanding and Emulating Enterprise security traditionally relied on a fortress strategy that locked down user endpoints
More informationDMARC Continuing to enable trust between brand owners and receivers
DMARC Continuing to enable trust between brand owners and receivers February 2014 1 DMARC Defined DMARC stands for: Domain-based Message Authentication, Reporting & Conformance (pronounced dee-mark ) 2
More informationHow to Conquer Targeted Threats: SANS Review of Agari Enterprise Protect
How to Conquer Targeted Email Threats: SANS Review of Agari Enterprise Protect A SANS Product Review Written by Dave Shackleford May 2017 Sponsored by Agari 2017 SANS Institute Introduction: Email Is a
More informationA CFO s Guide to Cyber Security in the Coming Year
CYBER SECURITY A CFO s Guide to Cyber Security in the Coming Year LEVERAGE TECHNOLOGY AND YOUR FINANCIAL INSTITUTION TO BUILD BETTER DEFENSES www.cfo.com www.huntington.com A CFO s Guide to Cyber Security
More informationCYBER SECURITY RESOURCE GUIDE. Cyber Fraud Overview. Best Practices and Resources. Quick Reference Guide for Employees. Cyber Security Checklist
CORPORATE & INSTITUTIONAL BANKING CYBER SECURITY RESOURCE GUIDE Cyber Fraud Overview Best Practices and Resources Quick Reference Guide for Employees Cyber Security Checklist 2 5 7 9 AWARENESS OF CYBER
More informationPhishing Activity Trends
Phishing Activity Trends Report for the Month of September, 2007 Summarization of September Report Findings The total number of unique phishing reports submitted to APWG in September 2007 was 38,514, an
More informationRSA FRAUDACTION ANTI-PHISHING SERVICE: BENEFITS OF A COMPREHENSIVE MITIGATION STRATEGY
RSA FRAUDACTION ANTI-PHISHING SERVICE: BENEFITS OF A COMPREHENSIVE MITIGATION STRATEGY RSA CYOTA PROJECT PROPOSAL RSA FRAUDACTION ANTI-PHISHING SERVICE V.1 2011 Overview This brief highlights the benefits
More informationEvolution of Spear Phishing. White Paper
Evolution of Spear Phishing White Paper Executive Summary Phishing is a well-known security threat, but few people understand the difference between phishing and spear phishing. Spear phishing is the latest
More informationThe BUSINESS of Fraud. Don t let it put you out of business. AFFILIATE LOGO
The BUSINESS of Fraud. Don t let it put you out of business. Veenindra J. Singh, First Vice President, Treasury Management Consultant California Bank & Trust 300 Lakeside Drive, Suite 800 Oakland, Ca 94612
More informationDHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017
DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.
More informationPhishing Activity Trends Report August, 2005
Phishing Activity Trends Report August, 25 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial
More informationwith Advanced Protection
with Advanced Email Protection OVERVIEW Today s sophisticated threats are changing. They re multiplying. They re morphing into new variants. And they re targeting people, not just technology. As organizations
More informationCybercrime and Information Security for Financial Institutions. AUSA Jared M. Strauss U.S. Attorney s Office So. District of Florida
Cybercrime and Information Security for Financial Institutions AUSA Jared M. Strauss U.S. Attorney s Office So. District of Florida Defining Cybercrime Stealing and Monetizing Financial and Identity Data
More informationKnowBe4 is the world s largest integrated platform for awareness training combined with simulated phishing attacks.
KnowBe4 is the world s largest integrated platform for awareness training combined with simulated phishing attacks. About Us The world s most popular integrated Security Awareness Training and Simulated
More informationEBOOK. Stopping Fraud. How Proofpoint Helps Protect Your Organization from Impostors, Phishers and Other Non-Malware Threats.
EBOOK Stopping Email Fraud How Proofpoint Helps Protect Your Organization from Impostors, Phishers and Other Non-Malware Threats www.proofpoint.com EBOOK Stopping Email Fraud 2 Today s email attacks have
More informationFRAUD DEFENSE: How To Fight The Next Generation of Targeted BEC Attacks
EMAIL FRAUD DEFENSE: How To Fight The Next Generation of Targeted BEC Attacks Brian Westnedge bwestnedge@proofpoint.com November 8, 2017 1 2017 Proofpoint, Inc. THE BUSINESS PROBLEM BUSINESS EMAIL COMPROMISE
More informationUNITED STATES DISTRICT COURT WESTERN DISTRICT OF WASHINGTON AT SEATTLE ) ) ) ) ) ) ) ) ) ) ) ) I. INTRODUCTION
Microsoft Corporation v. Does Doc. 1 1 1 MICROSOFT CORPORATION, a Washington Corporation, v. Plaintiff, JOHN DOES 1-0, Defendants. UNITED STATES DISTRICT COURT WESTERN DISTRICT OF WASHINGTON AT SEATTLE
More informationWHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?
WHAT IS CORPORATE ACCOUNT TAKEOVER? Corporate Account Takeover (also referred to as CATO) is a type of fraud where criminals gain access to a business financial accounts to make unauthorized transactions.
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationBotnets: major players in the shadows. Author Sébastien GOUTAL Chief Science Officer
Botnets: major players in the shadows Author Sébastien GOUTAL Chief Science Officer Table of contents Introduction... 3 Birth of a botnet... 4 Life of a botnet... 5 Death of a botnet... 8 Introduction
More informationTackling Cybersecurity with Data Analytics. Identifying and combatting cyber fraud
Tackling Cybersecurity with Data Analytics Identifying and combatting cyber fraud San Antonio IIA iheartaudit Conference February 24, 2017 What We ll Cover + Current threat landscape + Common security
More informationIRONSCALES Federation Combines Human Intelligence with Machine Learning to Discover & Stop Spear-Phishing Attacks
IRONSCALES Federation Combines Human Intelligence with Machine Learning to Discover & Stop Spear-Phishing Attacks Phishing attacks have evolved in sophistication and frequency since they first originated
More informationUsing Security to Lock in Commercial Banking Customers
EXECUTIVE SUMMARY Webinar Using Security to Lock in Commercial Banking Customers Commercial banking is a market opportunity that financial institutions (FIs) should not ignore. Tens of billions of dollars
More informationSecurity & Phishing
Email Security & Phishing Best Practices In Cybersecurity Presenters Bill Shieh Guest Speaker Staff Engineer Information Security Ellie Mae Supervisory Special Agent Cyber Crime FBI 2 What Is Phishing?
More informationTrustwave SEG Cloud BEC Fraud Detection Basics
.trust Trustwave SEG Cloud BEC Fraud Detection Basics Table of Contents About This Document 1 1 Background 2 2 Configuring Trustwave SEG Cloud for BEC Fraud Detection 5 2.1 Enable the Block Business Email
More informationPhishing Activity Trends
Phishing Activity Trends Report for the Month of July, 2007 Summarization of July Report Findings For the first time recorded by the APWG, China has surpassed the United States as the country hosting the
More informationWhy you MUST protect your customer data
Why you MUST protect your customer data If you think you re exempt from compliance with customer data security and privacy laws because you re a small business, think again. Businesses of all sizes are
More informationAT&T Endpoint Security
AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction
More informationGLBA. The Gramm-Leach-Bliley Act
GLBA The Gramm-Leach-Bliley Act Table of content Introduction 03 Who is affected by GLBA? 06 Why should my organization comply with GLBA? 07 What does GLBA require for email compliance? 08 How can my organization
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationPhishing Activity Trends Report January, 2005
Phishing Activity Trends Report January, 2005 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent web sites which attempt to trick them into divulging
More information716 West Ave Austin, TX USA
Fundamentals of Computer and Internet Fraud GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA TABLE OF CONTENTS I. INTRODUCTION What Is Computer Crime?... 2 Computer Fraud
More informationPhishing in the Age of SaaS
Phishing in the Age of SaaS AN ESSENTIAL GUIDE FOR BUSINESSES AND USERS The Cloud Security Platform Q3 2017 intro Phishing attacks have become the primary hacking method used against organizations. In
More informationTurning the Tide: Fending off Cyber Threats
SESSION ID: SPO1-W05A Turning the Tide: Fending off Cyber Threats Authenticate / Protect / Respond Roy Murdoch SE Manager NEMEA Proofpoint Who s in the Actors Sights? Attacks Increasingly Target Individuals,
More informationRegulator s Perspective of Best Practices in Combatting Cybercrime Executive Fraud Forum October 30, 2013
Regulator s Perspective of Best Practices in Combatting Cybercrime Executive Fraud Forum October 30, 2013 Tony DaSilva, AAP, CISA Senior Examiner Federal Reserve Bank of Atlanta Disclaimer The views and
More informationCYBER SOLUTIONS & THREAT INTELLIGENCE
CYBER SOLUTIONS & THREAT INTELLIGENCE STRENGTHEN YOUR DEFENSE DarkTower is a global advisory firm focused on security for some of the world s leading organizations. Our security services, along with real-world
More informationCLICK TO EDIT MASTER TITLE STYLE Fraud Overview and Mitigation Strategies
Fraud Overview and Mitigation Strategies SUNTRUST TEAM: DOUG HICKMAN SENIOR VICE PRESIDENT FOUNDATIONS AND ENDOWMENTS SPECIALTY PRACTICE JAMES BERNAL ASSISTANT VICE PRESIDENT FOUNDATIONS AND ENDOWMENTS
More informationSee how proofpoint helps you connect with confidence across all digital channels
See how proofpoint helps you connect with confidence across all digital channels Manage security, compliance, and fraud in an era of digital transformation See how companies like yours rely on Proofpoint
More informationThe Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015
The Cost of Phishing Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 Executive Summary.... 3 The Costs... 4 How To Estimate the Cost of an Attack.... 5 Table
More informationSecurity Protection
Email Security Protection Loay Alayadhi Abstract: Email is the most important business communication tool. Security has been an issue in mail from ancient times. Therefore, email security protection has
More information(Botnets and Malware) The Zbot attack. Group 7: Andrew Mishoe David Colvin Hubert Liu George Chen John Marshall Buck Scharfnorth
(Botnets and Malware) The Zbot attack Group 7: Andrew Mishoe David Colvin Hubert Liu George Chen John Marshall Buck Scharfnorth What Happened? Type of Attack Botnet - refers to group of compromised computers
More informationThreat-Agnostic Defense tm is the New Security Paradigm
Company Overview Nyotron Overview Threat-Agnostic Defense tm is the New Security Paradigm Nyotron is bringing innovation to cybersecurity with a Threat-Agnostic Defense approach to endpoint security products
More informationAnti-Phishing Working Group
Anti-Phishing Working Group www.antiphishing.org DNS Policy Sub-Committee Overview Rod Rasmussen Rod.Rasmussen@InternetIdentity.com Anti-Phishing Working Group Launched in 2003 2600+ members 1600+ companies
More informationSTOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.
Intelligence-driven security STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions. BETTER INTELLIGENCE. BETTER DEFENSE. The
More informationSafeguarding company from cyber-crimes and other technology scams ASSOCHAM
www.pwc.com Safeguarding company from cyber-crimes and other technology scams ASSOCHAM Rahul Aggarwal - Director The new digital business ecosystem is complex and highly interconnected The new business
More informationMarketing Performance in Executive perspective on the strategy and effectiveness of marketing
Executive perspective on the strategy and effectiveness of email marketing Table of Contents Introduction 2 The state of email marketing performance 3 Successfully achieving objectives 4 Most important
More informationCybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m.
Cybersecurity Guidance for Small Firms Thursday, November 8 9:00 a.m. 10:00 a.m. It is crucial that small financial firms take proper cybersecurity measures to protect their customers and their firm. During
More informationPhishing: When is the Enemy
Phishing: When E-mail is the Enemy Phishing, once only a consumer worry, is creating headaches for e-mail administrators as businesses become the next target. CONTENTS Understanding the Enemy 2 Three Things
More informationAnti-Phishing Working Group
Phishing Attack Trends Report April, 2004 Phishing attacks use spoofed e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account
More informationKASPERSKY SECURITY FOR MICROSOFT OFFICE s are sent every second. It only takes one to bring down your business.
Kaspersky KASPERSKY SECURITY for Business FOR MICROSOFT OFFICE 365 emails are sent every second. It only takes one to bring down your business. 2 When Oice 365 meets cyberthreat 24/7 Most businesses have
More informationUK Healthcare: DMARC Adoption Report Security in Critical Condition
UK Healthcare: DMARC Adoption Report Email Security in Critical Condition Executive Summary Email is one of the primary digital channels for digital engagement. But email has never been secure. Phishing
More informationFAQ. Usually appear to be sent from official address
FAQ 1. What is Phishing Email? A form of fraud by which an attacker masquerades as a reputable entity in order to obtain your personal information. Usually appear to be sent from official email address
More informationAwareness and training programs OPTUS MACQUARIE UNIVERSITY CYBER SECURITY HUB
Awareness and training programs OPTUS MACQUARIE UNIVERSITY CYBER SECURITY HUB 2 OPTUS MACQUARIE UNIVERSITY CYBER SECURITY HUB In today s digital world, safeguarding data, intellectual property, financial
More information9/11/ FALL CONFERENCE & TRAINING SEMINAR 2014 FALL CONFERENCE & TRAINING SEMINAR
1 2 1 Agenda: Types of Fraud Things you can do internally Things that companies can do Services Provided by the Bank 3 Because that is where the money is. 4 2 Checks Credit Cards ACH (Debits / Credits)
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationIdentity Theft Prevention Program. Effective beginning August 1, 2009
Identity Theft Prevention Program Effective beginning August 1, 2009 I. PROGRAM ADOPTION Christian Brothers University developed this Identity Theft Prevention Program pursuant to the Federal Trade Commission's
More informationPhishing Discussion. Pete Scheidt Lead Information Security Analyst California ISO
Phishing Discussion Pete Scheidt Lead Information Security Analyst California ISO 2 Phish What is Phishing Types of Phish 3 Phish What is Phishing Attackers (Phishers) would email (cast their nets) far
More informationHow to recognize phishing s
Phishing email messages, websites, and phone calls are designed to steal money, steal data and/or destroy information. Cybercriminals can do this by installing malicious software on your computer or stealing
More informationCyber Insurance: What is your bank doing to manage risk? presented by
Cyber Insurance: What is your bank doing to manage risk? David Kitchen presented by Lisa Micciche Today s Agenda Claims Statistics Common Types of Cyber Attacks Typical Costs Incurred to Respond to an
More informationAbout Us. Overview Integrity Audit Fighting Malicious & Deceptive August 13, 2014
2014 Email Integrity Audit Fighting Malicious & Deceptive Email August 13, 2014 Craig Spiezle Executive Director & President, OTA Mike Jones Director of Product Management, Agari About Us The Online Trust
More informationDMARC ADOPTION AMONG
DMARC ADOPTION AMONG Top 100 Chinese Brands Q1 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 Top 100 Chinese Brands...
More informationREPORT. proofpoint.com
REPORT proofpoint.com Email fraud, also known as business email compromise (BEC), is one of today s greatest cyber threats. These socially engineered attacks seek to exploit people rather than technology.
More informationWeb Cash Fraud Prevention Best Practices
Web Cash Fraud Prevention Best Practices Tips on what you can do to prevent Online fraud. This document provides best practices to avoid or reduce exposure to fraud. You can use it to educate your Web
More informationAre You Protecting Your & Your Customers? Learnings from the 2017 OTA Trust Audit. August 1, 2017
Are You Protecting Your Email & Your Customers? Learnings from the 2017 OTA Trust Audit August 1, 2017 2017 All rights reserved. Online Trust Alliance (OTA) Slide 1 Panel Kevin Gallant Manager, Intelligence
More informationDecember 10, Statement of the Securities Industry and Financial Markets Association. Senate Committee on Banking, Housing, and Urban Development
December 10, 2014 Statement of the Securities Industry and Financial Markets Association Senate Committee on Banking, Housing, and Urban Development Hearing Entitled Cybersecurity: Enhancing Coordination
More informationEBOOK. Stopping Fraud. How Proofpoint Helps Protect Your Organisation from Impostors, Phishers and Other Non-Malware Threats.
EBOOK Stopping Email Fraud How Proofpoint Helps Protect Your Organisation from Impostors, Phishers and Other Non-Malware Threats www.proofpoint.com EBOOK Stopping Email Fraud 2 Today s email attacks have
More informationPhishing Activity Trends
Phishing Activity Trends Report for the Month of June, 2007 Summarization of June Report Findings In the June 2007 report the APWG introduces a brand-domain pairs measurement (page 4) which combines the
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More information6 Ways Office 365 Keeps Your and Business Secure
6 Ways Office 365 Keeps Your Email and Business Secure Acora House, Albert Drive, Burgess Hill, West Sussex, RH15 9TN T: +44 (0) 844 264 2222 W: acora.com E: sales@acora.com Introduction Microsoft have
More informationThe Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It
The Credential Phishing Handbook Why It Still Works and 4 Steps to Prevent It Introduction Phishing is more than 20 years old, but still represents more than 90% of targeted attacks. The reason is simple:
More informationBest Practices Guide to Electronic Banking
Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have
More information9 Steps to Protect Against Ransomware
9 Steps to Protect Against Ransomware IT Support Analyst Task Overview Security Manager Security Dashboard Self Service log Secur Devices With Vulnerabilities Critical Important/High Moderate/Medium 40
More informationGetting Started with DMARC A Guide for Federal Agencies Complying with BOD 18-01
Getting Started with DMARC A Guide for Federal Agencies Complying with BOD 18-01 The DHS Mandate Adopt DMARC for Email Security On October 16, 2017, the U.S. Department of Homeland Security issued a Binding
More informationBUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST FRAUD
BUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST EMAIL FRAUD Navindra Ramnauth CISSP Principal Sales Engineer 1 2017 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY
More informationPROTECTING YOUR BUSINESS ASSETS
PROTECTING YOUR BUSINESS ASSETS How to Spot Danger Before Your Computer Gets Infected, Your Site Hosts Malware, and Your Credit Card Number Gets Stolen A MyNAMS Presentation by Regina Smola @2012 Regina
More informationOn the Radar: Cloudmark Trident addresses spear phishing
On the Radar: Cloudmark Trident addresses spear phishing Context and behavioral analysis pick up attacks that may have no malicious payload Publication Date: 17 Feb 2016 Product code: IT0022-000603 Rik
More informationSecuring Information Systems
Chapter 7 Securing Information Systems 7.1 2007 by Prentice Hall STUDENT OBJECTIVES Analyze why information systems need special protection from destruction, error, and abuse. Assess the business value
More informationThe Challenge of Spam An Internet Society Public Policy Briefing
The Challenge of Spam An Internet Society Public Policy Briefing 30 October 2015 Introduction Spam email, those unsolicited email messages we find cluttering our inboxes, are a challenge for Internet users,
More informationA Privacy and Cybersecurity Primer for Nonprofits Nonprofits in the Digital Age March 9, 2016
A Privacy and Cybersecurity Primer for Nonprofits Nonprofits in the Digital Age March 9, 2016 Panelists Beverly J. Jones, Esq. Senior Vice President and Chief Legal Officer ASPCA Christin S. McMeley, CIPP-US
More informationENDPOINT SECURITY WHITE PAPER. Endpoint Security and the Case For Automated Sandboxing
WHITE PAPER Endpoint Security and the Case For Automated Sandboxing A World of Constant Threat We live in a world of constant threat. Every hour of every day in every country around the globe hackers are
More informationPCI DSS v3. Justin
PCI DSS v3 Justin Leapline justin.leapline@giftcards.com @jmleapline My Experience With PCI Just to lay the groundwork Currently work at Largest ecommerce in Pittsburgh My experience includes: QSA Acquirer
More informationWHITEPAPER. Protecting Against Account Takeover Based Attacks
WHITEPAPER Protecting Against Account Takeover Based Email Attacks Executive Summary The onslaught of targeted email attacks such as business email compromise, spear phishing, and ransomware continues
More informationSECURITY SERVICES SECURITY
SECURITY SERVICES SECURITY SOLUTION SUMMARY Computacenter helps organisations safeguard data, simplify compliance and enable users with holistic security solutions With users, data and devices dispersed
More informationAuthentication GUIDE. Frequently Asked QUES T ION S T OGETHER STRONGER
Email Authentication GUIDE Frequently Asked QUES T ION S T OGETHER STRONGER EMAIL AUTHENTICATION Marketers that use email for communication and transactional purposes should adopt and use identification
More information2018 Edition. Security and Compliance for Office 365
2018 Edition Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world,
More informationDMARC ADOPTION AMONG. SaaS 1000 Q Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok
DMARC ADOPTION AMONG SaaS 1000 Q1 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 SaaS 1000... 05 DMARC Adoption Among SaaS
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationBut it Was Such a Little Phish February 2016 Webinar
But it Was Such a Little Phish February 2016 Webinar Firestorm Insights February 2016 1000 Holcomb Woods Parkway Suite 130 Roswell, GA 30076 770-643-1114 Fax: 1-800-418-9088 www.firestorm.com Page Intentionally
More informationToday s cyber threat landscape is evolving at a rate that is extremely aggressive,
Preparing for a Bad Day The importance of public-private partnerships in keeping our institutions safe and secure Thomas J. Harrington Today s cyber threat landscape is evolving at a rate that is extremely
More informationIPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions
IPS Effectiveness IPS with isensor sees, identifies and blocks more malicious traffic than other IPS solutions An Intrusion Prevention System (IPS) is a critical layer of defense that helps you protect
More informationTHE RISE OF GLOBAL THREAT INTELLIGENCE
THE RISE OF GLOBAL THREAT INTELLIGENCE 1 THE RISE OF GLOBAL THREAT INTELLIGENCE IN THE DIGITAL BUSINESS WORLD In developing the Global Threat Intelligence Report (GTIR), the NTT Group security team used
More informationFraud Update: Why Fraudsters Love Wires and How to Stop Them. Luis Rojas, Director, Product Management WesPay 2014
Fraud Update: Why Fraudsters Love Wires and How to Stop Them Luis Rojas, Director, Product Management WesPay 2014 Competitive Pressures Drive Fraud and Operational Risk Availability Of Information Creates
More informationCYBERSECURITY SAVE YOUR BOTTOM LINE IBC Annual Convention Anne Benigsen, Bankers Bank of the West
CYBERSECURITY SAVE YOUR BOTTOM LINE I t s n o t a l l a b o u t m o n e y - r e a l l y 1 WHO AM I? 24 years in IT. 10 years in IS. 7 years in banking. Small business. Large business. Government. Entertainment
More informationNEXT GENERATION ENCRYPTION AND KEY MANAGEMENT MEDIA OVERVIEW
NEXT GENERATION ENCRYPTION AND KEY MANAGEMENT MEDIA OVERVIEW MEDIA OVERVIEW PKWARE is a global leader in business data security, providing encryption and compression solutions to more than 35,000 enterprise
More informationProactive Protection Against New and Emerging Threats. Solution Brief
Proactive Protection Against New and Emerging Threats Solution Brief Executive Summary With new and variant strains of malware emerging at an unprecedented rate, heuristic malware detection has become
More information