MailGuard Blog

Business email compromise (BEC) scams have been around for a while, but their continued success at bringing down organisations (both large & small) shows we’re dealing with an adversary that is constantly looking for ways to exploit our systems, our psychology & our trust.  

It’s integral that businesses proactively take steps to enhance identity-related security measures like MFA because since the COVID-19 pandemic, “identity has become the new security perimeter” according to many experts, including Microsoft. 

The tax season has always been a busy one for scammers, but the ongoing uncertainty triggered by COVID-19 last year enabled them to augment their attacks and take further advantage of the fragile mental state of taxpayers and professionals – essentially, presenting scammers with an opportunity to use an enhanced sort of psychological warfare.

It’s been called the “largest cyber-attack on a media company in Australia's history," something that has never been seen before in the country. 

A PwC survey released at the end of 2020 highlighted fears of growing cyber-attacks targeting local critical infrastructure. Australian business leaders said that they were expecting more cyber-attacks in the next 12 months than their global peers, including 56% of local executives who anticipated “attacks on the nation's critical infrastructure which could shut down vital services such as hospitals.”  

Cybersecurity was a significant catalyst in facilitating productive remote work and ensuring business continuity in 2020. 

Commenting on paradigm shifts in cybersecurity in 2020, Ann Johnson, Corporate Vice President, SCI Business Development at Microsoft wrote: 

“As we look past the pandemic to a time when workforces and budgets rebound, Zero Trust will become the biggest area of investment for cybersecurity. This means, that right now, every one of us is on a Zero Trust journey—whether we know it, or not.” 

Against the backdrop of a global pandemic, and with more businesses operating remotely, the global scourge of cybercrime became even more calamitous in 2020.

In the final weeks of 2020, news of the SolarWinds hack broke – a cyber-attack that has been dubbed as “the Pearl Harbor of American IT”.   

This week marks Identity Theft Awareness Week, a public awareness campaign by the U.S. Federal Trade Commission (FTC) dedicated to mitigating the impact of identity theft. The week comprises a series of events organized by the FTC and its partners that focus on reducing the risk of identity theft and on concrete steps to recover if identity theft occurs.

While challenging, 2020 drove a long-overdue review of our approach to cybersecurity for many, especially with the explosion of COVID-19 themed cybercrime targeting remote workforces.

The COVID-19 pandemic accelerated digital transformation among many businesses, but also simultaneously exposed their cyber vulnerabilities and levels of unpreparedness against insidious, targeted cyber threats. 

Among other things, 2020 reminded us how fundamental cybersecurity is to business continuity.

Earlier this year, I wrote about the need for Australian businesses to step up their efforts in defending themselves from Business Email Compromise (BEC) attacks.

One of the biggest challenges in cybersecurity is keeping up with the new attacks that criminals are creating.