Evolving cybercriminal tactics targeting SMBs
A recent Todyl report revealed a 558% increase in BEC (Business Email Compromise), AiTM (Adversary-in-the-Middle), and ATO (Account Takeover) attacks in 2024.
In this Help Net Security video, David Langlands, Chief Security Officer at Todyl, discusses these evolving cyber threats.
Here are the key findings from the report:
- BEC is evolving as attackers shift from traditional malware to exploiting human error and vulnerable communication channels.
- Attackers are exploiting gaps in security like the lack of Identity Threat Detection and Response (ITDR) and refining tactics to bypass multi-factor authentication (MFA).
- Suspicious login activities, often involving stolen credentials or tokens sold in underground markets, were traced to small hosting providers targeting Microsoft 365 services.