Multiple Experts On Puerto Rico $2.6M Phishing Scam


EXPERTS COMMENTS
Peter Goldstein, CTO and Co-founder,  Valimail
February 14, 2020
The FBI found that the cost of BEC attacks reached $26 billion over a three-year period.
Contrary to popular belief, phishing emails are not always easy to identify. They do not always contain obvious typos, broken English or clearly come from unknown senders. Cybercriminals have become adept at crafting emails that are difficult to discern from legit messages that recipients receive daily, and even though many organizations invest in employee email security training to prevent these ....
[Read More >>]
Mark Waggoner, Advanced Technical Engineer ,  LogRhythm Labs
February 14, 2020
It’s unfortunate to see incidents like this occur.
It’s unfortunate to see incidents like this occur, but there are certainly tactics that Puerto Rico — or any other entity that experiences a phishing event like this — can take to ensure that moving forward, they’re more protected. For example, implementing a policy that requires confirmation for transactions over X dollar amount either in-person or with other known contacts at the organiz ....
[Read More >>]
James Carder, Chief Information Security Officer & Vice President,  LogRhythm Labs
February 14, 2020
In addition, establishing formalized processes or systems used to manage the process of exchanging money can be helpful as well.
Unfortunately, this is one of the most common scams in the industry today. It takes advantage of unsuspecting individuals with great intentions, who are simply looking to follow through accordingly with what seems to be a legitimate request for action. To help prevent incidents like this moving forward, security awareness programs are a great help — especially programs that focus specifically ....
[Read More >>]
Greg Wendt, Executive Director ,  Appsian
February 14, 2020
Puerto Rico can gain comprehensive insights into user activity.
Sadly, state and local government agencies are common targets for phishing attacks. To reduce the risk of becoming a victim to further phishing emails, government agencies must implement an adaptive security strategy that provides dynamic user access control to highly sensitive data such as financials. A dynamic strategy would identify and restrict access from users coming from unknown networks or ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article