Cookie Preference Centre

Your Privacy
Strictly Necessary Cookies
Performance Cookies
Functional Cookies
Targeting Cookies

Your Privacy

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, your device or used to make the site work as you expect it to. The information does not usually identify you directly, but it can give you a more personalized web experience. You can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, you should know that blocking some types of cookies may impact your experience on the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.

Cookies used

ContactCenterWorld.com

Performance Cookies

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.

Cookies used

Google Analytics

Functional Cookies

These cookies allow the provision of enhance functionality and personalization, such as videos and live chats. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these functionalities may not function properly.

Cookies used

Twitter

Facebook

LinkedIn

Targeting Cookies

These cookies are set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other sites. They work by uniquely identifying your browser and device. If you do not allow these cookies, you will not experience our targeted advertising across different websites.

Cookies used

LinkedIn

This site uses cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties

[HIDE]

Here are some suggested Connections for you! - Log in to start networking.

MEMBER
Bill Quiseng
Chief Experience officer
112
MEMBER
Thamer Noori
Director of Industrial Security and Safety Dept.
72
MEMBER
Abdulaziz Aldahmash
Vice President Executive Of Quality and Customer Experience
0
MEMBER
Usaia Tukana
Frontline Trainer
10
MEMBER
Alanoud Alaswad
Passenger Experience Specialists
14

News : Scammers Access 50% of Compromised Accounts Within 12 Hours According to New Research

#contactcenterworld, @mrb_pr

Foster City, Calif. and London June 8, 2021 -- Agari by HelpSystems, a provider in phishing defense for the enterprise, unveiled the results of an investigation into the anatomy of compromised email accounts. The threat intelligence brief, titled Anatomy of a Compromised Account, showcases how threat actors use credential phishing sites to gather passwords, and what they do with them post-compromise.

The Agari Cyber Intelligence Division (ACID) completed a six-month investigation by seeding more than 8,000 phishing sites mimicking Microsoft Account, Microsoft Office 365, and Adobe Document Cloud login screens. After successfully submitting credentials, the team linked individual phishing attacks to specific actors and their post-compromise actions in order to better understand the lifecycle of the compromised account.

Specific stats uncovered in the extensive research include:

  • 91% of all accounts were manually accessed by threat actors within the first week
  • Half of compromised accounts were accessed within the first 12 hours
  • 23% of phishing sites used automated account validation techniques
  • Threat actors were located in 44 countries worldwide, with 47% in Nigeria

According to Agari, once attackers gained access to the compromised accounts, it became apparent that they wanted to identify high-value targets who have access to a company’s financial information or payment system so that they could send vendor email compromise scams more effectively. The accounts were also used for other purposes, including sending malicious emails and using the accounts to register for additional software from which to run their scams.

"Business email compromise or BEC remains the most prevalent threat in email security, and when cybercriminals gain access to legitimate email accounts, the problem is magnified," states Patrick Peterson, founder of Agari and executive strategy director at HelpSystems. "This research provides key insights into how cybercriminals use these accounts, and underscores the importance of securing your email environment against credential phishing attacks from the beginning."

In one instance, a threat actor used their compromised account to upload two financial documents to the associated OneDrive account—a rental balance sheet and wire instructions for their bank account. Based on the content of these documents, it’s likely that they were intended to be used as part of a BEC attack, presumably one impersonating the real estate investment trust and targeting the senior living community operator, trying to trick them into paying more than $200,000 in outstanding rent.

In another example, cybercriminals targeted employees at real estate or title companies in the U.S. with an email that appeared to come from an U.S.-based financial services company that offers title insurance for real estate transactions. When targets opened the email, they were encouraged to view a secure message, which sent them to a webpage mimicking the company’s actual homepage. From there, they were encouraged to view additional documents and enter their account information—leading to the compromise. This shows the self-fulfilling growth cycle where credential phishing attacks lead to compromised accounts, which lead to more credential phishing attacks and more compromised accounts, and so on.

"Without measures in place to protect against BEC and account takeover-based attacks, the problem will only continue," said Peterson. "The insight uncovered by the ACID team is a sobering reminder of the scale of the issue—compromised accounts lead to more compromised accounts, and only by preventing the first compromise can we suppress BEC at an early stage."

#contactcenterworld, @mrb_pr


About MRB PR:
Company LogoMRB PR is a public relations company.
Company RSS Feed   Company Facebook   Company Twitter   Company LinkedIn   Company Profile Page

Today's Tip of the Day - Motivation

Read today's tip or listen to it on podcast.

Published: Wednesday, June 9, 2021

Printer Friendly Version Printer friendly version

2024 Buyers Guide Visual Communications

 
1.) 
Premium Listing
SJS Solutions

Optymyse - Digital Employee Engagement
Optymyse is a completely new way to empower, engage, motivate and retain your contact centre, call center and helpdesk agents. Optymyse is a unique neuroscience-based approach which takes care of your most valuable asset - your people and is focussed on improving mental health, wellness, wellbeing, motivation, happiness and reducing stress in the workplace.


2.) 
TeamViewer

Co-Browsing Integration
Co-Browsing is the practice of web-browsing where two or more people are navigating through a website on the internet. Software designed to allow Co-Browsing focuses on providing a smooth experience as two or more users use their devices to browse your website. In other words, your customer can permit the agent to have partial access to his/ her screen in real-time.
 

NEXTGEN-TV

NEXTGEN-TV PROGRAMMING

NOW PLAYING
Starting on the hour every hour today

How Leading Telecoms Company Manages Social Media in the Contact Center
WATCH

Coming up this Week

My Role As A CX Champion In My Company
Jun 15

About us - in 60 seconds!

Submit Event

Upcoming Events

The 19th EMEA Annual Best Practices Conferences are here! Meeting Point for the World's Best Contact Center & CX Companies Read More...
 7788 
The 19th Asia Pacific Annual Best Practices Conferences are here! Meeting Point for the World's Best Contact Center & CX Companies Read More...
 7843 
The 19th World Final Annual Best Practices Conferences are here! Meeting Point for the World's Best Contact Center & CX Companies Read More...
 2768 

Newsletter Registration

Please check to agree to be placed on the eNewsletter mailing list.

Industry Champion Award Leaderboard

Most active award entrants in the past 48 hours! - Vote for Others / About Program
both ids empty
session userid =
session UserTempID =
session adminlevel =
session blnTempHelpChatShow =
CMS =
session cookie set = True
session page-view-total = 1
session page-view-total = 1
applicaiton blnAwardsClosed = True
session blnCompletedAwardInterestPopup = False
session blnCheckNewsletterInterestPopup =
session blnCompletedNewsletterInterestPopup =