Computer Security News and Insights
In January 2024, a finance employee at a multinational firm in Hong Kong wired $25.6 million to threat actors after a deepfake video call that started with a single phishing email. The attackers spoofed the company's CFO — and the employee never questioned it. That wire transfer began
In January 2024, a finance employee at a multinational firm in Hong Kong wired $25.6 million to threat actors after joining a video call where every other participant — including the company's CFO — was a deepfake. The attackers had spent weeks studying publicly available video of those executives,
In January 2024, a single phishing email led to the breach of roughly 26 billion records in what researchers dubbed the "Mother of All Breaches" — a compilation leak aggregating data from LinkedIn, Twitter, Dropbox, and dozens of other platforms. That staggering number puts something into sharp focus: every
In 2023, the FBI's Internet Crime Complaint Center reported that business email compromise accounted for $2.9 billion in adjusted losses — making it the single costliest category of cybercrime they track. Not ransomware. Not credit card fraud. Email scams where someone pretends to be your CEO, your vendor,
In January 2023, Reddit disclosed that an attacker had used a carefully crafted phishing email — targeting a specific employee with internal details about the company — to steal credentials and access internal systems. It wasn't a mass-blast scam. It was a precision strike. That's spear phishing in
The $47 Million Email That Fooled a Fortune 500 CFO In 2016, an Austrian aerospace company called FACC lost €42 million (roughly $47 million USD) because a threat actor impersonated the CEO in an email to the finance department. The message requested an urgent wire transfer for a fake acquisition
In February 2024, the FBI warned that threat actors stole over $10 billion through internet-enabled fraud in 2023 — and SMS-based phishing, commonly called smishing, was one of the fastest-growing attack vectors cited in the FBI IC3 annual report. If you think smishing is just a nuisance text from a fake
The Phone Call That Cost One Company $25 Million In early 2024, a finance worker at engineering firm Arup was tricked into transferring $25 million after receiving a video call that appeared to include the company's CFO and other colleagues — all deepfake recreations. The attack started with a
The Phone Call That Cost One Company $25 Million In early 2024, an employee at British engineering firm Arup joined a video call with what appeared to be the company's chief financial officer and several colleagues. Every face on the screen was a deepfake. The employee, convinced by
In September 2023, a teenager used a phone call to trick an MGM Resorts employee into resetting credentials. That single social engineering attack cost MGM an estimated $100 million. No malware exploit. No zero-day vulnerability. Just a convincing voice on the other end of a help desk line. If you
