Sign up to save your podcasts
Or
Share BEC: Homoglyphs, Drop Accounts, and CEO Fraud
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
BEC: Homoglyphs, Drop Accounts, and CEO Fraud
CCI: Cyber Crime Investigation. Another day, another email attack - something smells “phishy” in the network. *Slowly puts on sunglasses and flips up trench coat collar* Time to go to work.
Just how easy is it for someone to steal your credentials? Because once they’re stolen, and sold for pocket change, it’s open season. Homoglyphs, drop accounts, email forwarding… is it any wonder billions of dollars have been lost to BEC (business email compromise)?
Join hosts Nic Fillingham and Natalia Godyla for a fascinating conversation with Peter Anaman, Director and Principal Investigator of the CELA Digital Crimes Unit, as they unpack the cybercrime section of the Microsoft Digital Defense Report to see what these phishers are up to. Scott Christiansen joins us later in the show to recount his journey to security and his role as an Adjunct Professor for Bellevue University's Master of Science in Cybersecurity, along with some great advice for choosing security as a profession.
In This Episode, You Will Learn:
- The difference between consumer and enterprise phishing
- The types of people and professions that are usually targeted in cyber attacks
- How putting policies on backups and policies to protect the organization in place will help prevent digital crimes
- The four categories of the internet: the dark web, the surface web, the deep web, and the vetted web
Some Questions We Ask:
- What would an example of credential phishing look like?
- What is the end goal for phishers?
- How are phishing and business email compromise techniques leveraged during the pandemic?
- What patterns are being seen when it comes to credential phishing?
- How do you use ML to classify whether a bug is security-related or not?
Resources:
Microsoft Digital Defense Report
Peter’s LinkedIn
Scott’s LinkedIn
Microsoft Security Blog
Nic’s LinkedIn
Natalia’s LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked: CISO Series with Bret Arsenault
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
Hosted on Acast. See acast.com/privacy for more information.
View all episodes
By Microsoft
4
5656 ratings
CCI: Cyber Crime Investigation. Another day, another email attack - something smells “phishy” in the network. *Slowly puts on sunglasses and flips up trench coat collar* Time to go to work.
Just how easy is it for someone to steal your credentials? Because once they’re stolen, and sold for pocket change, it’s open season. Homoglyphs, drop accounts, email forwarding… is it any wonder billions of dollars have been lost to BEC (business email compromise)?
Join hosts Nic Fillingham and Natalia Godyla for a fascinating conversation with Peter Anaman, Director and Principal Investigator of the CELA Digital Crimes Unit, as they unpack the cybercrime section of the Microsoft Digital Defense Report to see what these phishers are up to. Scott Christiansen joins us later in the show to recount his journey to security and his role as an Adjunct Professor for Bellevue University's Master of Science in Cybersecurity, along with some great advice for choosing security as a profession.
In This Episode, You Will Learn:
- The difference between consumer and enterprise phishing
- The types of people and professions that are usually targeted in cyber attacks
- How putting policies on backups and policies to protect the organization in place will help prevent digital crimes
- The four categories of the internet: the dark web, the surface web, the deep web, and the vetted web
Some Questions We Ask:
- What would an example of credential phishing look like?
- What is the end goal for phishers?
- How are phishing and business email compromise techniques leveraged during the pandemic?
- What patterns are being seen when it comes to credential phishing?
- How do you use ML to classify whether a bug is security-related or not?
Resources:
Microsoft Digital Defense Report
Peter’s LinkedIn
Scott’s LinkedIn
Microsoft Security Blog
Nic’s LinkedIn
Natalia’s LinkedIn
Related:
Listen to: Afternoon Cyber Tea with Ann Johnson
Listen to: Security Unlocked: CISO Series with Bret Arsenault
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.
Hosted on Acast. See acast.com/privacy for more information.