Cyber scams hit hard: Deepfake video fraud costs $25M! | CybSec Wizard

Cyber Security Wizard

Wizardry for Cyber

Cyber Security Wizard

TLDR:

A multinational firm lost $25 million after an employee fell for a deepfake video scam. The employee, who worked in the finance department, received an email setting up a video call that appeared to be from the company’s chief financial officer (CFO). During the call, the employee was convinced to wire the money to the scammers. This incident highlights the need for companies to train staff to independently verify money transfer requests, especially for large amounts. In another scam, fake calls sounding like President Joe Biden telling New Hampshire voters not to vote were linked to two Texas companies, and cease and desist orders have been issued. In addition, C-suite executives are 42 times more likely than ordinary employees to receive QR code attacks, according to a report by Abnormal Security. Furthermore, researchers at Trustwave warn that job ads on Facebook are being used to spread malware that steals data from victims’ computers.

Key points:

A company lost $25 million after an employee fell for a deepfake video scam, highlighting the need for better training to independently verify money transfer requests.
Scammers created fake calls sounding like President Joe Biden telling New Hampshire voters not to vote, which have been linked to two Texas companies. Cease and desist orders have been issued.
C-suite executives are 42 times more likely to receive QR code attacks compared to ordinary employees.
Facebook job ads are spreading malware that steals data from victims’ computers.

A multinational firm lost $25 million after an employee fell for a deepfake video scam. The employee, who worked in the finance department, received an email setting up a video call that appeared to be from the company’s chief financial officer (CFO). During the call, the employee was convinced to wire the money to the scammers. This incident highlights the need for companies to train staff to independently verify money transfer requests, especially for large amounts. In another scam, fake calls sounding like President Joe Biden telling New Hampshire voters not to vote were linked to two Texas companies, and cease and desist orders have been issued. In addition, C-suite executives are 42 times more likely than ordinary employees to receive QR code attacks, according to a report by Abnormal Security. Furthermore, researchers at Trustwave warn that job ads on Facebook are being used to spread malware that steals data from victims’ computers.

Post Views: 107

Adrian Johnson

Latest from Blog

Moody’s: Cyber insurance competition rises, prices fall

Moody’s Ratings: Cyber Insurance Competition Up, Prices Down TLDR: Cyber insurance market poised for growth due to increased demand. New players entering the market may decrease premiums. Article Summary The cyber insurance

Syxsense acquires Absolute to beat cyber vulnerabilities with strength

TLDR: Absolute Security has acquired Syxsense to enhance its cyber resilience platform. The acquisition will simplify patching and remediation issues through automation. Article Summary: Absolute Security has acquired Syxsense to improve its

Apache’s OFBiz gets new fix for RCE exploits

TLDR: Apache released a security update for OFBiz to patch vulnerabilities, including a bypass of patches for two exploited flaws. The bypass, tracked as CVE-2024-45195, allows unauthenticated remote attackers to execute code

Feds caution: Russia-linked CVE threats target essential infrastructure

TLDR: Threat groups linked to Russia’s military intelligence service are targeting critical infrastructure in various sectors. The attackers have defaced websites, scanned infrastructure, and leaked stolen data. Summary: Federal authorities in the

Allies blame Russian military for destructive cyber-attacks

TLDR: US and allies accuse Russian military of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes. Unit 29155, a cyber group affiliated with the Russian military, is responsible for deploying

Brazil bans X, and Tom Alcock on cybersecurity talent hunt

TLDR: Key Points: Brazil banned X (Twitter) due to misinformation during the presidential election. Tom Alcock, founder of Code Red Partners, discussed the importance of cybersecurity talent recruitment beyond traditional methods. In

Palo Alto Networks acquires IBM’s QRadar Assets in SIEM victory

Article Summary TLDR: Palo Alto Networks has acquired IBM’s QRadar SaaS assets to enhance its cybersecurity capabilities. The integration of QRadar’s assets into Palo Alto Networks’ Cortex XSIAM platform will lead to

NIST CSF 20: Secure your cyber world with confidence framework

TLDR: NIST has released Version 2.0 of its Cybersecurity Framework (CSF) with an enhanced focus on Privileged Access Management (PAM) and Identity & Access Management (IAM). Key updates in NIST CSF 2.0

NSFOCUS launches digital shield for superior cyber defense capabilities

TLDR: NSFOCUS has introduced a Digital Risk Protection Service (DRPS) to protect against evolving threats like fraud and data breaches in the digital landscape. The service offers features such as monitoring for

Russian military hackers behind US attacks according to NSA Report

TLDR: A recent NSA report has attributed U.S. cyber attacks since 2020 to Russian military hackers. The hackers are affiliated with the Russian Unit 29155 and have targeted critical infrastructure globally. Summary: