Finance phishing works because it sounds boringly normal

Finance departments process a constant stream of invoices, contracts, payment notices, and procurement emails, making email one of the most common initial access vectors for threat actors. According to Cofense, attackers exploit those workflows with phishing emails that resemble legitimate business correspondence rather than relying on urgency-based lures. Such phishing emails are also likely to bypass AI-based secure email gateways (SEGs) and other email security technologies. Threat actors understand that employees in financial services organizations … More

The post Finance phishing works because it sounds boringly normal appeared first on Help Net Security.

This article has been indexed from Help Net Security

Read the original article: