BEC and Fund Transfer Fraud Top Insurance Claims
Email-borne fraud accounted for more insurance claims than any other category in 2023, says Coalition
Stay secure with the latest email security updates, best practices, and threat alerts to protect your inbox and sensitive information.
Search across headline titles and summaries.
Background for this topic.
Email is a system for exchanging digital messages, typically using mail servers and clients over a network. In security, it includes both the messages and the accounts, servers, domains, and authentication mechanisms that handle them. Email commonly carries phishing links, malicious attachments, and fraudulent requests for payments or credentials; compromised accounts can also be used to impersonate trusted people and conduct further attacks.
Defenses include filtering and malware scanning, phishing-resistant multifactor authentication, careful handling of links and attachments, and monitoring for unusual login or sending activity. Domain controls such as SPF, DKIM, and DMARC help receiving systems detect messages that are forged or sent without authorization, while encryption protects message contents in transit or at rest when correctly implemented. Security teams should preserve relevant headers and mailbox activity so suspicious messages can be investigated, removed, and used to identify affected accounts and other recipients.
Email-borne fraud accounted for more insurance claims than any other category in 2023, says Coalition
KnowBe4's First Deal Since 2021 Brings AI-Based Email Protection, Training TogetherKnowBe4 purchased an email security provider founded by a Check Point veteran to offer AI-based email protection and training that's automatically tailored relative to risk. Acquiring Egress will help organizations prevent, protect and defend against sophisticated email cybersecurity threats.
Firewalls, VPNs and Email Filter Resist Endpoint ScanningState-sponsored hackers have responded to improved network scanning by shifting their focus to edge devices characterized by patchy endpoint detection and proprietary software that hinders forensic analysis, warns Mandiant. "Attackers are focusing more on evasion," it says in a report.