International Fraud Awareness Week has kicked off amidst an evolving and increasingly pernicious threat landscape.
In the U.S. alone, individuals and organizations lose more than $2 billion each year due to cyber fraud. In many cases, victims find themselves with no recourse from their banks or their insurance carriers.
Cyber criminals play on the emotions of their victims to trick them into providing account information or to change transfer information. Because social engineering requires an action by the victim, that intervening act generally absolves banks of liability under the Electronic Finds Transfer Act and disqualifies many from insurance coverage.
And the criminals are only becoming more clever in their efforts to bypass security controls. While anti-phishing tools provide protection from traditional phishing attacks, criminals are again attempting to compromise the weakest link in security: the human.
In a recent trend in phishing, criminals are using a simple trick. To access the embedded URL, victims are instructed to hold down the Ctrl key and click — a subtle yet highly effective action designed to evade email security scanners and automated detection tools. By asking for this human interaction, the attackers hope to bypass automated systems that don’t expect such a behavior in an attack.
/Passle/66b0def3aa4cc7d33a644d87/SearchServiceImages/2024-11-18-20-11-53-559-673b9f8925126ee9da0855a6.jpg)
/Passle/66b0def3aa4cc7d33a644d87/SearchServiceImages/2024-11-17-20-52-23-903-673a5787976ee296dda2eeac.jpg)
/Passle/66b0def3aa4cc7d33a644d87/SearchServiceImages/2024-11-05-04-03-31-740-67299913993885aa52c3f288.jpg)