Foster City, Calif. and London June 8, 2021 -- Agari by HelpSystems, a provider in phishing defense for the enterprise, unveiled the results of an investigation into the anatomy of compromised email accounts. The threat intelligence brief, titled Anatomy of a Compromised Account, showcases how threat actors use credential phishing sites to gather passwords, and what they do with them post-compromise.
The Agari Cyber Intelligence Division (ACID) completed a six-month investigation by seeding more than 8,000 phishing sites mimicking Microsoft Account, Microsoft Office 365, and Adobe Document Cloud login screens. After successfully submitting credentials, the team linked individual phishing attacks to specific actors and their post-compromise actions in order to better understand the lifecycle of the compromised account.
Specific stats uncovered in the extensive research include:
According to Agari, once attackers gained access to the compromised accounts, it became apparent that they wanted to identify high-value targets who have access to a company’s financial information or payment system so that they could send vendor email compromise scams more effectively. The accounts were also used for other purposes, including sending malicious emails and using the accounts to register for additional software from which to run their scams.
"Business email compromise or BEC remains the most prevalent threat in email security, and when cybercriminals gain access to legitimate email accounts, the problem is magnified," states Patrick Peterson, founder of Agari and executive strategy director at HelpSystems. "This research provides key insights into how cybercriminals use these accounts, and underscores the importance of securing your email environment against credential phishing attacks from the beginning."
In one instance, a threat actor used their compromised account to upload two financial documents to the associated OneDrive account—a rental balance sheet and wire instructions for their bank account. Based on the content of these documents, it’s likely that they were intended to be used as part of a BEC attack, presumably one impersonating the real estate investment trust and targeting the senior living community operator, trying to trick them into paying more than $200,000 in outstanding rent.
In another example, cybercriminals targeted employees at real estate or title companies in the U.S. with an email that appeared to come from an U.S.-based financial services company that offers title insurance for real estate transactions. When targets opened the email, they were encouraged to view a secure message, which sent them to a webpage mimicking the company’s actual homepage. From there, they were encouraged to view additional documents and enter their account information—leading to the compromise. This shows the self-fulfilling growth cycle where credential phishing attacks lead to compromised accounts, which lead to more credential phishing attacks and more compromised accounts, and so on.
"Without measures in place to protect against BEC and account takeover-based attacks, the problem will only continue," said Peterson. "The insight uncovered by the ACID team is a sobering reminder of the scale of the issue—compromised accounts lead to more compromised accounts, and only by preventing the first compromise can we suppress BEC at an early stage."
About MRB PR:
MRB PR is a public relations company.
Published: Wednesday, June 9, 2021
Aspect Workforce Management
Aspect Workforce Management is an award-winning, best-of-breed software solution for enterprise contact centers, designed to help managers accurately and easily forecast staffing requirements to ensure the right agents are available at the right times, across all customer-facing inbound, outbound, blended and back office resources. Taking into account factors such as skill levels, scheduling constraints, regulatory labor restrictions, demand and service level objectives, Aspect Workforce Management helps businesses achieve contact center SLAs at the lowest possible labor cost, while improving both agent engagement and the customer experience.
Agents can also manage their scheduling need...
Calabrio ONE offers contact centres the complete toolset to unlock the tremendous value buried within customer interaction data and use it to transform the entire business. One seamless solution combines a fully integrated workforce optimization suite with powerful voice-of-the-customer analytics tools deployed—in the cloud, on-premises, or in a hybrid environment.
Capture every customer interaction across all channels. Extract predictive and prescriptive insights. Elevate customer experiences, improve employee engagement and increase operational efficiency. Then, extend customer-centric strategies across the business to accelerate sales, drive innovation and move your business forward.
Eleveo WFM was designed to simplify scheduling, forecasting and adherence for commercial contact centers with 500 agents or less. The product is easy to use for supervisors who are not WFM experts, but provides value for scheduling, shift changes, schedule adherence and supports multi-channel and multi-skill requirements. Eleveo WFM was built using open source, cloud technologies but can be installed on premise, in a hybrid environment or hosted for you in AWS.
ethosIQ’s Business Process Outsourcer (BPO) Optimizer allows clients to manage their vendor contact center resources without requiring manual intervention through our manufacture-agnostic data collector processes. ethosIQ collects schedule and exception data, based on your desired parameters. Collection of data is transparent and doesn’t require intervention from either you or your vendor resource. You know your needs, and now you can manage those needs effectively, efficiently and effortlessly, using ethosIQ’s BPO Optimizer!
|5.)||Lieber & Associates|
Technology Consulting Services
Lieber & Associates provides consulting services to select, contract for, test, implement, and optimize workforce management systems. It's technology consultants have worked with all major systems and many smaller ones. Counsel is informed by several decades of WFM experience.
Agyletime Cloud Workforce Management
Agyletime is an enterprise grade true Cloud WFM and t is channel agnostic .
Its ease to Use , easier onboarding, forecasting and better scheduling.
You can integrate to CRMs such as SFDC, Zendesk, ServiceNow and others and to telephony systems such as AVAYA, CISCO, Genesys and other cloud telephony systems ; to independent Chat systems to aggregate data for WFM omnichannel forecasting, scheduling, optimisation and reporting.
Noble ShiftTrack WFM
Maximize the efficiency of your contact center and meet/exceed customer expectations with workforce engagement tools that help you accurately forecast workloads, match the right resources to your needs and keep agents motivated. More than just scheduling agents and tracking shifts, Noble’s ShiftTrack WEM solutions optimize labor costs, manage capacity more effectively and improve service levels.
SPEED & PLUS
The SPEED solution solves for service level issues while cost optimizing the environment with automation.
Provides an enhanced way to speed up & optimize invoking temporary agent skills configuration changes into the contact center environment.
Speed allows you to schedule both future changes & temporary changes that auto-revert back to the original state when scheduled time expires.
*Automated / Scheduled Temporary Agent Skills Configuration Management
*Immediate Temporary or Reoccurring Schedule Skills Configuration Changes
*Easy to Use/Operations Administration Focused
*Descriptive Monitoring Activity Dashboard
*Detailed “End to End’ Audit Trail and Perfor...
Track staff performance, capture meaningful feedback and deliver quality customer experiences using Phonestat. Our cloud based solution allows you to create simple scorecards to provide instant feedback and training to your staff.
There are powerful integrations to source interactions from anywhere and an open API to allow you to build your own.
VADS Workforce Management
VADS Workforme Magaement is a smart tools that gives connectivity to the workers while working remotely. An intelligent workforce management system that aims to improve operation efficiency with the end goal to provide first.
QPC WFM - Calabrio/Teleopti Specialism
QPC has a long and successful history of delivering tried and tested innovative workforce management systems, and the training and consultancy needed to ensure organisations can leverage the customer service and operational efficiency benefits workforce management principles and automated workforce management systems can deliver.