As this year is winding to a close with less than two months to go and the Christmas holiday season is really starting to get started. There are several cybersecurity threats that we have to continue to be aware of and protect ourselves against. Email continues to be the number one avenue that the bad actors use to launch attacks against businesses and us as individuals. Business email compromise has caused nearly 2.4 billion in business losses in 2021, accelerated in 22 and continues this year as well. Many of these are launched from spoofed emails that seem to be coming from a highly trusted source, like a company executive or partner company, and they typically ask the recipient for an urgent transfer of funds and rely on social engineering tactics to get their victims to act very quickly. Another popular method is used by bad actors is to send emails compromised with malware like ransomware. They require a quick action on the recipients part. With the increasing capabilities of AI and chat bots like ChatGPT and others, these emails are designed in such a way that it really encourages action by the recipient, and it's almost impossible to detect that the email is fake. The level and frequency of these attacks is growing rapidly because these days, an aspiring cybercriminal really doesn't have to have any computer skills or hacking skills at all, because on the dark web, they have access to cyberthreats and scamming as a service. They can purchase these exploits complete with sales support, technical support, and even guarantees that they'll be successful. These cybercriminal markets places provide a wide range of merchandise like sets of stolen credentials, credit card numbers, phone numbers, phishing kits and ready to go malware and other tools that really help to carry out bank fraud, ransomware attacks, phishing campaigns and more. The key to helping us fend off these growing cyber threats is regular cybersecurity awareness training.
