Listen to this blog post below
Here is a close examination of the latest email security news covering fraud emails, the Kroll cyberattack, the newest email scam in the Middle East, and emails impersonating Dallas Mayor.
Fraudulent Emails Can Easily Reach 84% of Leading Middle East Universities, Says Proofpoint
Cybersecurity leader Proofpoint has disclosed fresh research indicating that 84% of the Middle East’s top 100 universities lack fundamental email security measures.
The situation exposes students, staff, and partners to the risks of email impersonation attacks. The study, which scrutinized DMARC (Domain-based Message Authentication, Reporting, and Conformance) adoption, revealed that a mere 16% of these universities enforce the most secure “reject” level of DMARC protection.
That leaves 84% without proactive safeguards against fraudulent emails. However, 61% of universities have implemented essential DMARC protection, while the remaining 39% have no DMARC safeguard, making them vulnerable to domain impersonation by threat actors.
Cybersecurity expert Emile Abou Saleh of Proofpoint emphasized the urgent need for improved email security practices to counter cyber threats and safeguard sensitive institutional data.
Kroll Cyberattack Exposes Customer Data to Compromise
Kroll, a third-party entity managing creditor claims for distressed organizations and advising on cybersecurity, recently encountered a security breach.
Kroll confirmed that a staff member experienced a complex SIM-swapping attack through which malicious actors gained unauthorized access to files containing the personal data of bankruptcy claimants. The perpetrators targeted the employee’s T-Mobile account, activating the employee’s phone number on their device without Kroll’s authorization.
This breach affected the accounts of three cryptocurrency organizations, FTX, BlockFi, and Genesis, of which the first two acknowledged the incident. FTX took precautionary steps, temporarily freezing impacted user accounts within the claims portal. The breach did not compromise user passwords or client funds, as neither FTX nor BlockFi systems were directly penetrated.
With a surge in phishing emails to individuals linked to crypto organizations’ bankruptcy cases, Kroll has emphasized it never solicits passwords, birth dates, or Social Security Numbers (SSNs) via email, text, or phone. It collaborates with the FBI for a thorough investigation concerning the incident.
The Latest in Email Scams: From Bogus Cash Offers to Undelivered Packages and Beyond
Leading email scams targeting individuals across the Middle East have been unveiled. Fraudulent messages employ tactics such as promises of easy money, notifications about undelivered packages, and fabricated reports of suspicious account activity.
Kaspersky experts have spotlighted these perilous scam patterns in the Middle East-Türkiye-Africa (META) region. These scams employ diverse social engineering strategies to lure unsuspecting victims and steal their personal and financial information. Phishing remains the predominant social engineering method, aiming to deceive recipients into accessing malicious links or attachments.
The four outlined fraud emails adeptly mimic trustworthy sources to manipulate recipients into interacting with malicious content. They include tricking individuals into disclosing sensitive data through undelivered parcel links, exploiting fears with “urgent” KYC verification requests, creating concern with false email login alerts, and preying on greed through promises of free money.
To prevent fraud emails, Kaspersky recommends scrutinizing sender details, detecting typographical errors, utilizing spam filtering, employing reliable antivirus software, assessing emails before responding and confirming requests with relevant authorities.
Dallas Mayor Impersonation in Scam Email Triggers Police Advisory
Beware of a fraudulent email posing as Dallas Mayor Eric Johnson, urging recipients to invest money through a malicious link. The DPD (Dallas Police Department) has issued a warning after numerous reports revealed the scam’s attempt to target seniors.
If you receive such an email, you must register a complaint via dpd@dallascityhall.com or contact 214-671-3543 to counter the threat. If email access is unavailable, visit your local police station to report the incident officially.
If you fall victim to this email scam and experience financial loss, use the DPD Online Reporting System on their official website to submit a report promptly. Stay vigilant against such deceptive tactics and focus on email security best practices.