Key Findings from 2018 Email Phishing Analysis

March 13, 2019 | 21 views

In 2018, the Brown Smith Wallace Cybersecurity team sent more than 7,000 phishing emails as part of their phishing exercises. See the results those emails generated and learn more about email phishing in the infographic below.

Spotlight

Entech

Entech is a global provider of software, integration, and resource management solutions based on the Continuous Engagement model – a holistic model for customer centered business processes and technologies.

OTHER ARTICLES
AI TECH

Natural Language Processing: An Advanced Implementation of AI

Article | June 24, 2022

Natural Language Processing, also known as computational linguistics or NLP, is a branch of Artificial Intelligence (AI), Machine Learning (ML), and linguistics. It is a subfield of AI that enables computers or machines to understand, manipulate, and interpret human language. Simply put, natural language is the natural method by which humans communicate with one another. We have now trained computers to interpret natural language. Communicating with computers has become simpler with voice queries such as "Alexa, what's the news today?" or "Ok Google, play my favorite songs." Similarly, when you ask Siri, Apple's voice assistant, "What is the cheapest flight to New York later today?" It instantly searches airline and travel websites for flights from the user's location to New York. It also compares the prices and lists the one with the lowest fare first. So, even without specifying a date or the "lowest fare", Siri understands the inquiry and returns accurate results. This is the result of NLP in action. Natural Language Processing: Business Applications Natural language processing has a variety of applications, some of them are listed below. Summarize text blocks to extract the most relevant and core concepts while excluding unnecessary information. Develop a chatbot that makes use of Point-of-Speech tagging to enhance customer support. Chatbots are AI systems that use NLP to engage with people through text or voice. Determine the type of extracted entity, such as a person, location, or organization. Sentiment Analysis can be used to recognize the sentiment or emotions of a text string, ranging from highly negative to neutral to very positive. HR teams can utilize NLP-based solutions to scan resumes based on keyword synonyms and swiftly shortlist candidates from a pile of resumes. Extracting Text data from the data storage allows in extracting specific information from text. Text can be broken down into tokens, or words can be reduced to their root or stem. Topic categorization helps users organize unstructured text. It's a great way for businesses to obtain insights from customer feedback. How Can Businesses Prepare for the NLP-Powered Future? NLP has evolved tremendously, and has benefited both companies and consumers. NLP technologies are assisting businesses to better understand how consumers perceive them through channels such as emails, product reviews, social media postings, surveys, and more. AI technologies can be used not just to analyze online interactions and how people speak about companies but also to automate tedious and time-consuming operations, enhance productivity, and free up staff to concentrate on more meaningful duties. When it comes to NLP the sky is the limit. As NLP technology is becoming more prevalent and greater advancements in ability are explored, the future will witness enormous shifts. Here are some of the ways in which businesses can prepare for the future of NLP. Analyze your company's text data assets and evaluate how the most recent techniques can be used to add value. Understand how you can use AI-powered language technology to make wiser decisions or rearrange your skilled labor. Start implementing new language-based AI tools for a range of jobs in order to better understand their potential. Prepare now to capitalize on transformative AI and to make sure that advanced AI contributes to society fairly. Closing Note Thanks to natural language processing technology, conversational commands and everything related to conversational AI in businesses have become faster and better. Natural language processing helps large businesses make flexible choices by revealing consumer moods and market movements. Smart companies now make decisions based not only on data but also on the intelligence derived from NLP-powered system data.

Read More
FUTURE TECH

Augmented Reality: A Dynamic Change to Enhance Your Business

Article | March 21, 2022

Meta Description: Evaluating the impact of augmented reality in business ROI, while also understanding how CMOs leverage AR effectively in their marketing mix. While several technological advancements have been aiding in improving lifestyle, they have also been making drastic impacts on the business front. Over several years now, the world has seen various exposure to augmented reality. The usage of Augmented Reality for business has effectively transformed the technology from an entertainment concept to a crucial enterprise tool. According to Statista, 23 million jobs across the globe could be directly affected by AR and VR by 2030, and over 824,000 of those jobs are currently using these technologies in their workplace. Impact of Augmented Reality on Business In simple terms, Augmented Reality (AR) is a computer-generated enhancement that is placed over the existing reality we see with our human eyes. It offers the option to add dimension, sound and other experiences to any two-dimensional picture or video. Even when this might seem like something complex to be implemented in business, it isn't as challenging as it looks. With each passing year, AR has effectively been penetrating deeper into businesses, making a drastic impact on various functioning. Marketers have effectively been integrating the use of AR into their marketing strategies, and it has grown overall in the mainstream business functioning by being readily available for users to leverage. Industries That Should Leverage Augmented Reality Technology Uses of Augmented Reality is a prospect that business owners across multiple industries leverage to their advantage. While the core idea is to use the technology to aid and improve human performance, the industries that effectively utilize this resource are: Healthcare Education Travel and Tourism Manufacturing Defense Automotive Industry Retail How Seamless Integration of AR Can Impact Your ROI? Facebook said in March 2021 that it had allocated a complete 20% of its personnel to AR and VR development. That is a really massive investment by a corporation that has built a reputation for wisely investing in monetization and focused on creating bottom-line results. Augmented reality is on the path to becoming the next most significant development in an array of industries, ranging from medical to consumer retail. With the nature of augmented reality technology being highly dynamic, it is essential to have a successful strategy that ensures the integration of AR solutions that provide accurate and tangible results that align with the audience. Additionally, uses of augmented reality in business have also been capable of creating more meaningful engagement with customers. For the first time, new forms have made interaction real and measurable. As a result, brands may see precisely how many people engage with their collateral, how many times and where, for how long, and which direct actions they took: purchase, discount coupon, or social shares, for example, by leveraging IR/AR to turbo-charge paid media. "I do think that a significant portion of the population of developed countries, and eventually all countries, will have AR experiences every day, almost like eating three meals a day, it will become that much a part of you." Tim Cook, Chief Executive Officer of Apple Future of Your Business with AR Integration While augmented reality in business is becoming a crucial component for businesses these days and will revolutionize the future of business. According to Global Market Insights, the global market for AR goods will rise by 80% to £165 billion by 2024. The rise of the AR industry is closely tied to increased attention and investments from leading technology firms such as Facebook. Overall, the augmented reality technology market will develop at the fastest rate by 2023, primarily to the growing usage of smartphones, tablets, and other devices in consumer, commercial, and business settings to adopt AR technology. Furthermore, with the rising need for augmented reality in healthcare and retail, there are a plethora of new prospects and rising demand for augmented reality in architecture and the corporate sector. How Are CMOs Leveraging AR for Their Marketing Mix? Several top executives and leading CMOs are leveraging the benefits of augmented reality to expand the engagement, awareness and value around their services and products. In addition, numerous organizations from different industries and of various sizes in the B2C and B2B space are now using augmented reality technology to differentiate their product and services by effectively implementing AR strategies in their marketing mix. With a game-changing armor in their arsenal in the form of augmented reality, marketing executives trying to promote and sell more successfully can hence perform better, with purchasing experience becoming the new focal point. Conclusion Augmented reality in business is a prospect that offers a massive opportunity to engage with millions of users effectively. AR offers executives to ideally establish an immediate and sensory-driven connection of the brand with consumers by forging an emotional interaction. Repetitive engagement is a successful advertising approach for companies since it only requires AR app development expenditures, and additional benefits may be gained via repeated exposure. In the ever-dynamic state of our current existence, leveraging the benefits of augmented reality can come handy in elevating your business to the next level. FAQs How Can Customers and Businesses Benefit from AR? AR effectively increases engagement and interaction and helps provide a richer user experience. Several research has shown that AR increases the value of products and brands. Implementing AR activities is ideal and conveys innovation and responsiveness from forward-thinking brands. How Does AR Help Organizations Gain a Competitive Advantage? Augmented reality allows the organization to create a unique customer experience while also eliminating cognitive overload. It also ensures that user engagement heightens along with competitive differentiation. AR, after all, is a technology that enables a pure blending of physical and digital reality. How Will the Use of AR Technology Impact the Future of Business Functioning? Augmented reality is constantly evolving to become an emerging marketing and sales strategy trend. AR technologies allow organizations to provide their customers a unique experience with convenience by tapping into their smartphone devices.

Read More
SOFTWARE

How Does IT Vendor Selection and Management Work?

Article | May 4, 2022

What Is the Importance of IT Vendor Selection and Management? Ideally, the IT vendor management process is an umbrella term for all the processes and systems organizations use to manage their IT suppliers. This is where an organization works with vendors to optimize its supplies and services. There could be several vendors an organization is associated with for unique services and offers. With proper vendor management, an organization can take appropriate measures to control costs, reduce potential risks, and ensure excellent service delivery. But the catch here is that it isn't as easy as it sounds. This includes researching the best available vendor, sourcing and obtaining pricing information, gauging the quality of work, managing relationships, and evaluating performance by setting organizational standards. Most Common Challenges in Vendor Management Even though there are many benefits, organizations face certain challenges during IT vendor selection and their management. Some of these most common challenges are mentioned below: High administrative costs Incomplete documentation Non-compliance Poor vendor relationships Security breaches Supply chain inefficiencies While there were some nuanced changes in the selections between various businesses, both large and small, the results indicate that organizations often face the same challenges no matter where they’re coming from. How Do IT Vendor Selection and Management Help an Organization? In contemporary times, with geographical and economic barriers constantly diminishing, organizations look for different types of vendors worldwide. Even if the organization is working with just one vendor, it is essential to have effective vendor management in place. With proper vendor management, an organization can experience the following benefits: Better Selection With the right vendor, your organization can benefit from a more extensive selection of vendors, resulting in more choices and better costs. Better Contract Management If there is multi-vendor management in place, your organization can benefit from a centralized view of the current status of all contracts and other useful information. This will enable your organization to achieve better decision-making capabilities. Better Performance Management Using a vendor management system, an organization can get an integrated view of the performance of all the vendors. This would give your organization a clear understanding of what is working and what is not. Better Vendor Relationship Managing multiple vendors at the same time can be a difficult task. By accumulating all vendor-related information in a single place, organizations benefit from getting all required information at once, and this can influence your decision-making process. Exploring the Ideal Process of IT Vendor Selection In a world where we are constantly progressing with increasing IT specialization, organizations must be able to rely on their partners. There are some specific steps that an organization can take up to make the whole IT vendor selection process more successful. The six-step process of ideal IT vendor selection: Kick-off and requirement definition Market research and first vendor filtering Request for proposal Evaluating responses Proof of concept Choosing the vendor There are also some common mistakes that organizations make while selecting their vendor. Some of these common errors are listed below: Not evaluating the vendor and only their offerings Communication indiscretion Not comparing vendors or similar stature Today, outsourcing is increasingly used by companies as an enabler for innovation. Technological advancements drive improvements in service delivery, which positively impact cost, enhance functionality, improve service quality, and reduce the importance of location on service delivery. Disruptive technologies like cloud computing enable solutions such as Salesforce.com or ServiceNow to accelerate speed to value and drive business growth. This leads to a change from the traditional IT organization to the next generation IT organization. The operating model needs more agility to respond faster and at different speeds to new service offerings. Outsourcing models have reached their third generation and involve a multi-vendor environment, requiring more transparency and integrated vendor management. Best Techniques to Improve Vendor Management The vendor management process is a crucial component for any organization, as it allows them to build a relationship with their suppliers and service providers that would help strengthen their business. Vendor management is not only about negotiating the price; the most essential aspect is coming to a conclusion that would mutually aid both organizations. Some effective techniques that can be utilized for effective IT vendor management are: Share information and priorities Balance commitment and competition Allow critical vendors to help you strategize Build partnerships that would last long term Try to understand your vendor's business process Negotiate and conclude with a win-win agreement Come together on value Conclusion Ideally speaking, vendor selection and managing that relationship can sometimes be challenging. Once you follow the process mentioned above to select the right vendor for your organization, the steps ahead will get a little easier. However, there is still the process of managing and building that relationship with the vendor. "The objective of vendor management is to fortify company success and overall marketplace performance." - Sean-Michael Callahan, Principal at The NiVACK Group. FAQ What Is Vendor Management in the IT Sector? The process that allows organizations to control costs, strengthen service, and reduce risks throughout the process of outsourcing to vendors while getting the most value from the investment is called vendor management in the IT sector. What Is a Vendor Selection Process? The vendor selection process is a subsidiary stage that allows for the clear stating, defining, and approval of those vendors who are eligible to meet the requirements of the procurement process. What Is the Role of Vendor Management? The vendor management process ideally facilitates and maintains relationships between your organization and vendors, negotiating contracts, creating standards for the vendors, and finding the best available vendors.

Read More
SOFTWARE

How SAAS Is Redefining Software Industry

Article | April 21, 2022

Software-as-a-Service (SAAS) has been a trending topic in the tech field in recent times. The success of the cloud has accelerated the demand for software delivery from on-premises to cloud-based. Start-ups are in a rush for SAAS transformation, delivering the very same solution over the internet. From Google Docs and Sheets to enterprise-level software, SAAS has established a foothold in every sector. With the oncoming of SAAS, the perception of computer software has changed. In this article, we will take a look at how SAAS is redefining and transforming the software industry. Better Accessibility Any software that is preferred to have better and centralized availability is preferred. Better availability is one of the factors that makes SAAS stand out. With centralized availability of both applications and data, users will have a hassle-free experience – with zero installation overheads and no commitments to carry in any device and data. SAAS is accessible from anywhere around the world on any device. There is a big advantage to SAAS over traditional software, which can only be used on a specific device. Ease of Upgrade To ensure continued security and access to new features, software releases are followed by updates and upgrades, which, once issued, become the sole responsibility of the user to install. A hassle-free upgrade makes SAAS the solution to be chosen. All updates and upgrades are performed on the server side, ensuring no downtime and minimal installation troubles. Moreover, most users do not take the updates and upgrades into account due to their delay in installation and trouble setting up. In this aspect, SAAS enables providers to better serve their users by ensuring they are using the latest releases and fixes. Zero Hardware Upgrades As time moves on, software demands higher resources for it to work smoothly. Zero hardware upgrades will bring a new and better user experience. All the hardware configurations will be managed at the cloud level, with no changes required on the client-side. A large increase in resources might have an influence on the subscription cost, but it is a better alternative to requesting end-users larger hardware. This will be a beneficial aspect for resource-heavy applications like graphics and design-related applications. Thus, a major part of configuration at the hardware and software levels (drivers) is abstracted from the users. Better Security and Protection from Piracy Traditional on-premise software is always vulnerable to cracking and piracy. With SAAS tools and software, there will be no piracy, and increasing security can be feasible. SAAS works on a subscription model where the purchase of the software is tied to a user account, and a fee is paid monthly or yearly to use the software. On-premise software is subject to reverse engineering, where the activation system is tampered with, and the software can be used for free. Similarly, data has better security in the cloud with continuous encryption and backup than on an on-premise system, wherein the data security and backup require user effort as well. Zero Compatibility Issues Software programs are subject to compatibility requirements where the OS or certain dependencies might not support a specific piece of software. With SAAS, there are no more compatibility-related conflicts since the OS and other dependencies and resources are managed by the provider itself. End-users need not comply with any compatibility requirements for the software to work. This aspect also provides users an advantage in terms of storage. The application and its dependencies usually take up a large amount of space. SAAS takes care of dependencies on the server end. Better Team Collaboration SAAS is an option that proves better for collaboration-based teams. Software delivery over the network comes with an account linked to it for sign-in and collaboration. Teams that work together can get better benefits when using SAAS tools since they enable sharing and collaboration on work items. Traditional software has limited or no collaboration capabilities, thus limiting productivity. SaaS can also keep data in sync on a number of devices, giving users a real-time experience.

Read More

Spotlight

Entech

Entech is a global provider of software, integration, and resource management solutions based on the Continuous Engagement model – a holistic model for customer centered business processes and technologies.

Related News

Phishing, Humans Root of Most Healthcare Attacks

Infosecurity Magazine | February 12, 2019

Across healthcare organizations in the US, malicious actors are successfully leveraging phishing attacks to initially gain access to networks, according to findings from the 2019 HIMSS Cybersecurity Survey published by the Healthcare Information and Management Systems Society (HIMSS). The study, which surveyed 166 qualified information security leaders from November to December 2018, found that there are particular patterns of cybersecurity threats and experiences distinctive to healthcare organizations. “Significant security incidents are a near universal experience in US healthcare organizations with many of the incidents initiated by bad actors, leveraging email as a means to compromise the integrity of their targets,” the survey said. Nearly half (48%) of all respondents identified two different categories of major threat actors, which included online scam artists (28%) and negligent insiders (20%). The hospitals that participated in the survey said that when looking at the security incidents that occurred in the last 12 months, the initial point of compromise for 69% of the attacks was the result of phishing emails. Not all healthcare organizations are hospitals, though. Among all the survey participant, 59% said that the most commonly cited point of compromise was email and 25% were human error. “There are certain responses that are not necessarily 'bad' cybersecurity practices, but may be an 'early warning signal' about potential complacency seeping into the organization’s information security practices,” the report said.

Read More

Netcraft Launches Anti-Phishing Mobile App

SecurityWeek | January 28, 2019

UK-based cybersecurity services provider Netcraft on Monday announced the launch of a new mobile application designed to protect users against phishing and other threats. Netcraft has pointed out that the mobile versions of popular web browsers don’t provide the same level of protection against phishing attacks as the desktop versions. According to the company, a study it carried out last year showed that browsers running on Android and iOS devices blocked a “tiny fraction” of the malicious sites blocked by their desktop versions. The app it has developed, named Netcraft Phishing and Malware Protection, is designed to prevent users from accessing malicious websites based on data from the company’s anti-phishing feed. Launched in 2005, Netcraft’s anti-phishing system is powered by a database of more than 56 million unique phishing websites. The database, which is constantly growing based on reports from its users, is utilized by all major web browsers and licensed by many companies specializing in security, content filtering, and web hosting. The new mobile app works with several browsers, including Chrome, Firefox, Opera, Edge, UC, and the Samsung browser. Additionally, it protects users against threats in the Facebook, Instagram, Messenger, Twitter, Snapchat, Slack, Reddit and other apps. The application is designed to block phishing and malware sites when users browse the web, and alerts the user when a phishing URL is detected in an SMS message. Users are provided information on the number of blocked threats.

Read More

Amazon Order Confirmation Phishing Scam

Infosecurity Magazine | December 24, 2018

All those who have relied upon the e-commerce giant Amazon to order their holiday gifts should heed caution when receiving order confirmation emails, as EdgeWave reportedly discovered a new and highly sophisticated malspam campaign sending fake Amazon order confirmation messages. The messages are reportedly quite convincing, and include subject lines that read "Your Amazon.com order," "Amazon order details" and "Your order 162-2672000-0034071 has shipped." According to BleepingComputer, “When you open these emails, you will be shown an order confirmation that states your item has shipped, but without any details regarding what was ordered or tracking information. It then tells the recipient to click on the Order Details button in order to see more information.” Unsuspecting users who click on the link thinking they are downloading a Word document named order_details.doc are then instructed to “Enable Content” so that the order may be properly viewed. However, these unwitting users are actually enabling content that triggers the macros to execute a PowerShell command, which reportedly downloads and executes the Emotet banking Trojan. EdgeWave told BleepingComputer that while researchers were testing the malicious document, the Emotet downloaded as keyandsymbol.exe even though the name of the Trojan was mergedboost.exe.

Read More

Phishing, Humans Root of Most Healthcare Attacks

Infosecurity Magazine | February 12, 2019

Across healthcare organizations in the US, malicious actors are successfully leveraging phishing attacks to initially gain access to networks, according to findings from the 2019 HIMSS Cybersecurity Survey published by the Healthcare Information and Management Systems Society (HIMSS). The study, which surveyed 166 qualified information security leaders from November to December 2018, found that there are particular patterns of cybersecurity threats and experiences distinctive to healthcare organizations. “Significant security incidents are a near universal experience in US healthcare organizations with many of the incidents initiated by bad actors, leveraging email as a means to compromise the integrity of their targets,” the survey said. Nearly half (48%) of all respondents identified two different categories of major threat actors, which included online scam artists (28%) and negligent insiders (20%). The hospitals that participated in the survey said that when looking at the security incidents that occurred in the last 12 months, the initial point of compromise for 69% of the attacks was the result of phishing emails. Not all healthcare organizations are hospitals, though. Among all the survey participant, 59% said that the most commonly cited point of compromise was email and 25% were human error. “There are certain responses that are not necessarily 'bad' cybersecurity practices, but may be an 'early warning signal' about potential complacency seeping into the organization’s information security practices,” the report said.

Read More

Netcraft Launches Anti-Phishing Mobile App

SecurityWeek | January 28, 2019

UK-based cybersecurity services provider Netcraft on Monday announced the launch of a new mobile application designed to protect users against phishing and other threats. Netcraft has pointed out that the mobile versions of popular web browsers don’t provide the same level of protection against phishing attacks as the desktop versions. According to the company, a study it carried out last year showed that browsers running on Android and iOS devices blocked a “tiny fraction” of the malicious sites blocked by their desktop versions. The app it has developed, named Netcraft Phishing and Malware Protection, is designed to prevent users from accessing malicious websites based on data from the company’s anti-phishing feed. Launched in 2005, Netcraft’s anti-phishing system is powered by a database of more than 56 million unique phishing websites. The database, which is constantly growing based on reports from its users, is utilized by all major web browsers and licensed by many companies specializing in security, content filtering, and web hosting. The new mobile app works with several browsers, including Chrome, Firefox, Opera, Edge, UC, and the Samsung browser. Additionally, it protects users against threats in the Facebook, Instagram, Messenger, Twitter, Snapchat, Slack, Reddit and other apps. The application is designed to block phishing and malware sites when users browse the web, and alerts the user when a phishing URL is detected in an SMS message. Users are provided information on the number of blocked threats.

Read More

Amazon Order Confirmation Phishing Scam

Infosecurity Magazine | December 24, 2018

All those who have relied upon the e-commerce giant Amazon to order their holiday gifts should heed caution when receiving order confirmation emails, as EdgeWave reportedly discovered a new and highly sophisticated malspam campaign sending fake Amazon order confirmation messages. The messages are reportedly quite convincing, and include subject lines that read "Your Amazon.com order," "Amazon order details" and "Your order 162-2672000-0034071 has shipped." According to BleepingComputer, “When you open these emails, you will be shown an order confirmation that states your item has shipped, but without any details regarding what was ordered or tracking information. It then tells the recipient to click on the Order Details button in order to see more information.” Unsuspecting users who click on the link thinking they are downloading a Word document named order_details.doc are then instructed to “Enable Content” so that the order may be properly viewed. However, these unwitting users are actually enabling content that triggers the macros to execute a PowerShell command, which reportedly downloads and executes the Emotet banking Trojan. EdgeWave told BleepingComputer that while researchers were testing the malicious document, the Emotet downloaded as keyandsymbol.exe even though the name of the Trojan was mergedboost.exe.

Read More

Events