Hacker's King

OCTOBER 19, 2024

Data breaches, ransomware attacks, and phishing schemes have become common occurrences, affecting everything from small businesses to multinational corporations. Finance and Banking Financial institutions are prime targets for cyberattacks due to the sensitive nature of the data they hold. trillion annually.

Cybersecurity

Webroot

APRIL 22, 2025

Financial services industry: Banks, insurance companies and other financial organizations offer a wealth of opportunity for hackers who can use stolen bank account and credit card information for their own financial gain. They can open accounts in your name, apply for loans, and even file false tax returns.

Data breaches

Responsible Cyber

NOVEMBER 23, 2024

The healthcare sector has been particularly hard-hit, accounting for over 30% of the total breaches. Financial services have also faced significant incidents, with many institutions relying heavily on third-party technology partners to deliver essential services.

Risk

Thales Cloud Protection & Licensing

APRIL 22, 2025

As automated traffic accounts for more than half of all web activity, organizations face heightened risks from bad bots, which are becoming more prolific every day. Simple, high-volume attacks have soared, now accounting for 45% of all bot attacks, compared to only 40% in 2023.

Digital transformation

Zero Day

JUNE 22, 2025

Here's how to check if your accounts are at risk and what to do next. And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit. In this scenario, there is not much you can do. 

Passwords

Jane Frankland

JULY 22, 2025

Heavy Reliance on Junior Staff To maximise profits, large firms staff projects with less-experienced professionals, keeping senior experts on high-value, revenue-generating accounts. Demand Transparency on Talent Enterprises should require security vendors to disclose the experience level of the consultants assigned to their accounts.

Risk

Centraleyes

MARCH 13, 2025

If you’re part of the financial services ecosystem hereor interact with businesses regulated by the New York State Department of Financial Servicesyouve likely come across the NYDFS Cybersecurity Regulation. phishing attacks), and their specific roles in protecting sensitive information.

Cybersecurity

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

According to Imperva’s State of API Security in 2024 report, APIs—the rules allowing software applications to communicate with each other—now account for a staggering 71% of internet traffic. Individuals risk identity theft, financial loss, and privacy violations. The result?

DDOS

Centraleyes

MARCH 20, 2025

You might notice a surge of failed attempts targeting specific accounts or regions at certain times of the day. Supply Chain Risk Monitoring: A financial services firm tracked vendor vulnerabilities through a visualization platform, flagging suppliers with outdated software.

Cyber Attacks

Zero Day

JUNE 20, 2025

Here's how to check if your accounts are at risk and what to do next. And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit. Close Home Tech Security Heard about the 16 billion passwords leak?

Passwords

Centraleyes

MARCH 3, 2025

The New York Department of Financial Services (DFS) Cybersecurity Regulation, introduced in 2017, was groundbreaking, setting a high bar for financial institutions. Account numbers or credit/debit card numbers that could enable unauthorized transactionseven without a security code. fingerprints, retina scans).

Data breaches

Webroot

OCTOBER 31, 2024

The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year. By August 2024, RansomHub had breached at least 210 victims across various critical U.S.

Malware

eSecurity Planet

MAY 8, 2025

A powerful new phishing campaign is flooding Japanese email inboxes. According to reports by cybersecurity firm Proofpoint, a cybercrime tool known as CoGUI was used to send over 580 million phishing emails between January and April 2025. Some examples include: To protect your account, please update your account.

Phishing

Krebs on Security

OCTOBER 7, 2022

consumers have their online bank accounts hijacked and plundered by hackers, U.S. financial institutions are legally obligated to reverse any unauthorized transactions as long as the victim reports the fraud in a timely manner. The first question asks, Did the request actually come from an authorized owner or signer on the account?

Banking

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. com — which was created to phish U.S.

Malware

The Hacker News

OCTOBER 9, 2023

-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks.

Phishing

The Hacker News

JUNE 13, 2024

Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country's emergence as an influential power has drawn the attention of cyber espionage groups.

Phishing

Krebs on Security

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family.

Scams

Security Affairs

APRIL 30, 2020

Group-IB uncovered a new sophisticated phishing campaign, tracked as PerSwaysion, against high-level executives of more than 150 companies worldwide. . ybercriminals behind the PerSwaysion campaign gained access to many confidential corporate MS Office365 emails of mainly financial service companies, law firms, and real estate groups.

Phishing

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. An ad for the OTP interception service/bot “SMSRanger.”

Passwords

Hacker Combat

SEPTEMBER 6, 2021

Hackers took advantage of the mishap to gain unauthorized access to email accounts and lots of customer’s data was exposed. Investment Research Advisors and Investment Research from Cambridge Investment were affected, as well as KMS, a registered financial services provider based in Seattle. .

Accountability

Dark Reading

DECEMBER 7, 2020

A well-organized email spoofing campaign has been seen targeting financial services, insurance, healthcare, manufacturing, utilities, and telecom.

Accountability

Heimadal Security

OCTOBER 25, 2023

Threat actors use EvilProxy phishing-as-a-service (PhaaS) toolkit to target senior executives in the U.S. in massive phishing campaigns. EvilProxy is an adversary-in-the-middle (AiTM) PhaaS designed to steal credentials and take over accounts.

Phishing

SC Magazine

MAY 6, 2021

Researchers on Thursday reported that despite a 50% increase in mobile device management (MDM) adoption during the past year, average quarterly exposure to phishing attacks on mobile devices in the financial sector rose by 125% – and malware and app risk exposure increased by more than five times.

Mobile

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data.

Phishing

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. The phishing attacks began in February 2023, the IT giant reported. Ahead of the U.S.

Accountability

SecureList

FEBRUARY 9, 2022

Our Anti-Phishing system blocked 253 365 212 phishing links. Safe Messaging blocked 341 954 attempts to follow phishing links in messengers. The subject of investments gained significant relevance in 2021, with banks and other organizations actively promoting investment and brokerage accounts. Trends of the year.

Phishing

The Last Watchdog

JULY 7, 2021

Credential stuffing is a type of advanced brute force hacking that leverages software automation to insert stolen usernames and passwords into web page forms, at scale, until the attacker gains access to a targeted account. Some deep, structural flaws persist in the way we use our web browsers and mobile apps to access online accounts.

Accountability

Hot for Security

MARCH 22, 2021

Security researchers have identified a new Microsoft 365 spoofing campaign that targets specific people in companies, trying to compromise peoples’ accounts such as C-suite executives and other essential positions from the retail, insurance and financial services industries.

Phishing

Security Affairs

AUGUST 16, 2023

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. “Beginning in May 2023, Cofense has observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries.” com (Cloudflare’s Web3 services).

Phishing

Cisco Security

MARCH 23, 2021

This is what we covered in part one of this Threat Trends release on DNS Security, using data from Cisco Umbrella , our cloud-native security service. For example, those in the financial services industry may see more activity around information stealers; others in manufacturing may be more likely to encounter ransomware.

DNS

Thales Cloud Protection & Licensing

AUGUST 31, 2022

Financial services continue to lead in cybersecurity preparedness, but chinks appear in the armor. It highlights the leadership of financial services in cybersecurity relative to other industries, but it also uncovers some surprising chinks in their cybersecurity armor. Thu, 09/01/2022 - 05:15.

Financial Services

Adam Levin

NOVEMBER 17, 2020

Credit cards offer markedly better fraud protections than debit cards , which connect directly to your bank account. Virtual credit cards similarly allow online shoppers to mask their financial accounts. Many financial institutions offer free transaction alerts that notify you when charges hit your account.

Scams

The Last Watchdog

MAY 24, 2021

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. billion web attacks globally; 736 million in the financial services sector. A: Everything.

Financial Services

The Last Watchdog

DECEMBER 21, 2021

Some 11,800 computer software companies, 10,000 IT services vendors, 5,500 health care organizations and 3,200 financial services firms continue to maintain on-premises Exchange email servers, according to this report from Enlyft. Best practices a must. At the moment, ransomware attacks are front and center.

Financial Services

SecureList

FEBRUARY 23, 2022

The research in this report is a continuation of our previous annual financial threat reports ( 2018 , 2019 and 2020 ), providing an overview of the latest trends and key events across the threat landscape. The term is also used to describe malware seeking access to financial organizations’ IT infrastructures. Financial Phishing.

Banking

Malwarebytes

AUGUST 21, 2024

” Toyota and Toyota Financial Services have suffered several breaches in the past, so it’s hard to tell where and when the information was obtained more precisely. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.

Passwords