Hi [[ session.user.profile.firstName ]]

Phishing During Pandemic: Actors, Campaigns & Threats Leveraging COVID-19 Lures

Coronavirus-related email lures now represent the greatest collection of attack types united by a single theme that the Proofpoint Threat Research and Detection team has seen in years, if not ever. We’ve observed credential phishing, malicious attachments, malicious links, business email compromise (BEC), fake landing pages, downloaders, spam, and malware, among others, all leveraging coronavirus lures.

Join our speakers Sherrod DeGrippo, Sr. Director of Threat Research & Detection and Ryan Kalember, EVP of Cybersecurity Strategy as they share:

- The current state and rapid evolution of COVID-themed phishing campaigns
- Key defense mechanisms to reduce your organization’s risk
- Awareness and training measures you can take to keep your users from falling victim

This session is available for CPE credit with ISC(2). To watch more CPE-eligible sessions, please visit https://go.proofpoint.com/cpe-on-demand-webinars.html?utm_source=webinars.
Recorded Mar 19 2020 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Sherrod DeGrippo, Sr. Director of Threat Research & Detection and Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint
Presentation preview: Phishing During Pandemic: Actors, Campaigns & Threats Leveraging COVID-19 Lures

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Zero-Trust | The Next Generation in Secure Enterprise Application Access Nov 3 2020 2:00 pm UTC 45 mins
    Mark Edge & Ethan Davidi
    The classic perimeter-based network security architecture has been in place for 30 years. So it comes with no surprise that Gartner reports that by 2023, 60% of enterprises will phase out most of their remote access virtual private networks (VPNs) in favour of Zero-Trust Network Access*.

    In today’s new (work) reality, users and applications are no longer confined to the corporate network, and security organisations are challenged with protection and visibility like never before. This highly dynamic and sometimes unpredictable delivery model needs a new approach to network and application access that is more robust, easier to manage and provides end-to-end visibility no matter where it’s deployed.

    Join us as we explore why in this new (work) reality, enterprises need a better alternative for secure remote application access. In this session, we will specifically dive in to:

    - Benefits of a cloud-delivered secure remote access with simple deployment and central policy management
    - How to leverage zero-trust security with adaptive controls and micro-segmented application access to isolate your network from threats
    - How to accelerate cloud migration with user-cloud access, multi-cloud connectivity and hybrid-cloud connectivity
    - Why an always-on, zero-trust security architecture system can provide protection beyond the traditional perimeter.

    *Source: Gartner Market Guide to Zero-Trust Network Access.
  • Driving Real Behaviour Change: Build a Security Awareness Program that Works Oct 22 2020 1:30 pm UTC 60 mins
    Paul Down, Director & Matt Cooke, Cybersecurity Specialist, Proofpoint EMEA
    When it comes to modern Cybersecurity – ultimately your users are your last line of defence. So you need to arm them with both knowledge and practice to mould dynamic, alert guardians of both your organisation and your data. The key to your success is engaging, entertaining - and crucially - topical security awareness training.

    So where to start, or how to renew your program? Are you one of the 80% of organisations who allocate two hours or less per year for security awareness, how useful do you judge this small amount of user training to effect behaviour change?

    Join our Security Awareness Training experts as we review valuable strategies on how to create and sustain an impactful cybersecurity awareness education program. Plus we delve deep into thought-leadership on the following questions:

    - How do I ensure my users embrace the training? Who are the key influencers internally?
    - What is the minimum – and maximum – levels of training shown to have been successful?
    - How do I motivate and reward my last line defenders?
    - What reporting and measures are the most pertinent to the IT team and alternatively to the C-suite?
  • Insider Risk in Financial Services: The $14.5 Million Problem Oct 22 2020 9:30 am UTC 60 mins
    Rob Bolton and Lee Duff Insider Threat Management specialists, Proofpoint
    Insider risk is a challenge across many industries. Financial services companies face some of the worst outcomes. A recent benchmark study found that the Financial services sector experienced the highest average yearly cost. Containing insider threats costs the industry $14.5 million annually. That is a 20.3% increase from 2018.
    Insider incidents at financial services companies can lead to: fraud, financial losses, data leaks, regulatory fines and more. The root cause may be a sloppy user or third-party contractor, an angry employee or a stolen login. No matter the cause, companies need visibility into insider threats. People-centric security helps financial companies better manage risk.
    Join our Insider threat experts and your industry peers in this Live Talk where we’ll explore the unique risks of insider threats and how to combat them. In this session, we’ll specifically dive in to:

    - The three main insider threat profiles and how to address each.
    - Why insider threats are unique and require more context than other threats.
    - How to reduce response time and costs by speeding up investigations.
    Register today to learn more about how insider-led breaches affect financial services and how to mitigate the risk.
  • Zero-Trust Security | Cloud-Delivered: Zero-Trust Network Access Made Simple Oct 20 2020 1:00 pm UTC 45 mins
    Mark Edge
    As part of a distributed workforce that increasingly relies on technology, people are the new cybersecurity perimeter. Employees, contractors or third parties - and anyone else who has access to your sensitive data and critical systems can become therefore become a threat. Protecting people and resources beyond the traditional perimeter has never been so critical in today’s cloud era.

    Join us as we uncover how a Zero-Trust Network Access can reduce security exposure and show you clear steps to deploy Zero-Trust Network Access. In this session, we’ll specifically dive in to:

    - How cloud-delivered secure remote access can be made simple.
    - How adaptive controls and micro segmented application access isolates your network from threats.
    - How a people-centric, software-defined perimeter that protects users and data both on and off-premise is the new imperative.

    Register today to gain valuable insights and best practices for protecting your people and resources beyond the traditional perimeter.
  • Live Panel: Detect and Block Business Email Scams with Proofpoint Oct 15 2020 1:30 pm UTC 30 mins
    Matt Cooke, Davide Canali & Neil Hammet of Proofpoint EMEA
    Business Email Compromise (BEC) often starts with an email in which attackers pose as someone the victim trusts. In the message, there’s a seemingly legitimate business request that usually involves a wire transfer or financial payment. None of these emails carries malicious payload making it difficult to detect this new form of email threat.

    But things are changing. Technology can now surpass people and process initiatives to proactively eliminate fraudulent emails, removing the guesswork for users.

    Join this expert panel discussion to learn more about:
    · How BEC attacks happen
    · Why defenders must think beyond the phish into a multi-layered approach
    · How Proofpoint provides actionable visibility and threat insights
    · How Proofpoint identifies and blocks common BEC attack tactics

    This is the third of three webinars forming a mini-summit:
    Session 1: Evolving Business Email Attack Tactics from Lockdown through to Return to Work
    Session 2: Customer Case Study - Protecting the UK's HM Revenue & Customs (HMRC) from Email Fraud
    Session 3: Live Panel - Detect and Block BEC Scams

    Links to all three sessions in the attachments.
  • Cybersecurity: Defending UK’s HM Revenue & Customs (HMRC) Against Email Fraud Oct 13 2020 1:30 pm UTC 30 mins
    Neil Hammet, Senior Product Evangelist, Email Fraud Defence & Chris Clarke, Email Fraud Defence
    HMRC, the UK Government department for Revenue and Customs who manage among other things UK Corporation tax, UK Income tax and VAT, was always going to be an obvious target for cyber attacks. In 2017-2018, millions of fraudulent emails were being sent purporting to offer tax refunds to UK tax payers. Something had to be done.
    Join this webinar, as experts and project managers discuss:
    - HMRC’s experiences of Business Email Compromise (BEC) and Email Account Compromise (EAC)
    - The specific problems and the scale of the challenge they faced
    - How a solution was found, and the resulting success for HMRC, the IT Security team, but most of all the peace of mind offered to HMRC customers
    - How success was tracked and measured

    This is the second of three webinars forming a mini-summit:
    Session 1: Evolving Business Email Attack Tactics from Lockdown through to Return to Work
    Session 2: Customer Case Study - Protecting the UK's HM Revenue & Customs (HMRC) from Email Fraud
    Session 3: Live Panel - Detect and Block BEC Scams

    Links to all three sessions in the attachments.
  • Evolving Business Email Attack Tactics from Lockdown to Return to Work Oct 8 2020 1:30 pm UTC 60 mins
    Matt Cooke, CyberSecurity Specialist & Davide Canali, Senior Threat Researcher, Proofpoint EMEA
    COVID-19 not only impacts our lives but also affects cyber threat landscape, which continues to be dominated by coronavirus-related activities. Proofpoint Threat Research team has observed more and more business email compromise (BEC) and email account compromise (EAC) scams leveraging coronavirus lures. In addition, attackers have come up with more sophisticated tactics to trick their targets into making fraudulent wire transfer.

    Join our Proofpoint experts to learn more about:

    - The current state of COVID-themed BEC/EAC scams
    - New BEC tactics targeting organisation’s supply chain
    - The differences between BEC and other tactics, such as malware and cred-phish
    - Why threat actors choose a certain attack tactic and the psychology behind criminal minds

    This is the first of three webinars forming a mini-summit:
    Session 1: Evolving Business Email Attack Tactics from Lockdown through to Return to Work
    Session 2: Customer Case Study - Protecting the UK's HM Revenue & Customs (HMRC) from Email Fraud
    Session 3: Live Panel - Detect and Block BEC Scams

    Links to all three sessions in the attachments.
  • Zero-Trust Security Webinar: How to Better Secure the All-Remote Enterprise Oct 6 2020 9:00 am UTC 45 mins
    Etay Bogner, VP and GM Zero Trust Product and founder of Meta Networks and Mark Edge
    There’s a lot of noise in the cybersecurity industry around zero-trust, but Forrester Research pioneered the original and most effective framework. With threats constantly evolving, our people are targeted with, amongst others, credential phish, ransomware and remote access trojans. It’s never been more important to understand how zero-trust principles can apply to your environment, with people becoming the new perimeter, and protecting them and the data they access becoming the new imperative.
    Join us as we take a closer look at the core principles of Forrester’s original zero-trust approach and how they are applied in practice by leading security teams. In this session, we’ll specifically dive in to:
    An overview of the zero-trust approach.
    Steps on how to deliver simplified access controls.
    How to gain on increased visibility across the hybrid enterprise.
    What cloud enabled organisations can do to minimise the attack surface.
    Register today to gain valuable insights and best practices for protecting your people and resources beyond the traditional perimeter.
  • Zielscheibe Mitarbeiter: Wie sich BEC-Angriffe 2020 weiterentwickelt haben Recorded: Sep 25 2020 55 mins
    Markus Grüneberg, IT Security & Data Privacy Advisor bei Proofpoint
    Corona hat nicht nur Auswirkungen auf unser aller Leben, auch die Bedrohungslandschaft wurde durch das Virus stark beeinflusst. Das Proofpoint Threat Research Team hat in den letzten Monaten mehr und mehr zielgerichtete BEC (Business Email Compromise)- und EAC (Email Account Compromise)-Angriffe beobachtet, die mit der Angst vor Corona zu ködern versuchten.Nehmen Sie teil am Webinar mit Markus Grüneberg, IT Security & Data Privacy Advisor bei Proofpoint, wenn es um folgende Themen geht:

    Die aktuelle Bedrohungslandschaft
    Neue BEC Taktiken, die Lieferketten ins Visier nehmen
    Unterschiede zwischen BEC und anderen Taktiken wie Malware und Anmeldedaten Phishing
    Warum Cyberkriminelle sich für eine und nicht die andere Taktik entscheiden – ein psychologischer Exkurs.
  • 4社合同オンデマンドウェビナー: リモートワークにおけるゼロトラスト セキュリティ Recorded: Sep 25 2020 60 mins
    日本プルーフポイント (株) シニア エバンジェリスト 増田 幸美
    2020年8月27日、セキュリティの各分野におけるベスト・オブ・ブリードである4社は、昨今のテレワーク環境におけるゼロトラスト セキュリティ戦略を実施する組織に向けに、統合したシンプルなゼロトラスト セキュリティの構築を支援できるよう連携することを発表しました。



    Product Introduction speakers:
    クラウドストライク (株) セールスエンジニアリング部 部長 鈴木 滋
    Netskope Japan (株)  カントリーマネージャー 大黒 甚一郎
    Okta Japan (株)  代表取締役社長 渡邉 崇
    日本プルーフポイント (株)セールスエンジニアリング部 部長 高橋 哲也

    クラウドストライク (株) カントリー・マネージャー 河合 哲也
    Netskope Japan (株)  カントリーマネージャー 大黒 甚一郎
    Okta Japan (株)  代表取締役社長 渡邉 崇
    日本プルーフポイント (株)  代表取締役社長 茂木 正之

    日本プルーフポイント (株) シニア エバンジェリスト 増田 幸美
  • Live Demo: Leveraging Adaptive Security Controls with Isolation Recorded: Sep 24 2020 32 mins
    Neko Papez, Product Marketing Manager at Proofpoint
    When your people check personal email or web browsing at work, they can unintentionally introduce known or new threats into your organization. Learn how to leverage Proofpoint Isolation to provide adaptive security controls to users based on risk profile.

    Join us for a live demo as our experts dive into how you can lower your attack surface and protect your people against advanced threats. In this session, we’ll cover how to:

    - Stop cyber threats like drive-by downloads, malware attacks, and malicious email attachments
    - Integrate TAP URL Isolation to get real time phishing protection
    - Assign dynamic adaptive controls to better protect your workforce
  • Esprits cybercriminels: L'évolution des attaques BEC pendant le confinement Recorded: Sep 24 2020 42 mins
    Loïc Guézo, Senior Director, Cybersecurity Strategy & Davide Canali, Threat Research & Detection, Proofpoint France
    En plus d'impacter notre vie quotidienne, la COVID-19 a également des répercussions considérables sur le paysage des menaces, toujours dominé par des attaques liées à la pandémie. L'équipe Proofpoint de recherche sur les cybermenaces a observé un nombre croissant d'escroqueries de type BEC (Business Email Compromise ou piratage de la messagerie en entreprise) et EAC (Email Account Compromise ou compromission de compte de messagerie) qui exploitent le thème du coronavirus. Elle a par ailleurs constaté un regain de sophistication dans les tactiques employées dans le cadre de la fraude aux virements bancaires.Rejoignez nos deux intervenants Loïc Guézo, Senior Director, Cybersecurity Strategy, et Davide Canali de l'unité Threat Research & Detection de Proofpoint France. Au programme :

    L'actualité des escroqueries BEC/EAC axées sur la COVID-19
    Les nouvelles tactiques BEC qui ciblent la chaîne logistique des entreprises
    Les différences entre les attaques BEC et les autres cybermenaces, telles que les malwares ou le phishing d'identifiant
    Une analyse des motivations guidant le choix de certaines tactiques d'attaque et de la psychologie cybercriminelle.
  • Live Demo: Protecting Your Data in Azure & AWS with Proofpoint CASB Recorded: Sep 23 2020 35 mins
    Christopher Stack, Cloud Security Solutions Architect
    Large amounts of sensitive data stored in Azure and AWS make IaaS resources and accounts an attractive target for attackers. Misconfigured IaaS resources and unprotected accounts can lead to major data leaks, and enterprises with multi-cloud strategy find it difficult to secure their IaaS environments. So how can you better protect your data?

    Proofpoint CASB simplifies multi-cloud and multi-region IaaS security and compliance and centralizes IaaS protection in a single console. Join us for a live demonstration of Proofpoint CASB’s new capabilities and find out how you can:

    - Discover IaaS resources
    - Identify misconfigured cloud services by checking configurations against industry policies, such as the CIS benchmark for AWS compliance, Azure CIS, PCI DSS 3.2.1, SOC TSP, and ISO 27001
    - Monitor and enforce policies on unauthorized access and admin activity
    - Protect sensitive data against excessive sharing
  • Live Demo: Enterprise Archive Amid the Pandemic Recorded: Sep 22 2020 44 mins
    Robert Kreuscher, Compliance Sales Engineer & Jacob Wild, Compliance Sales Specialist at Proofpoint
    Legal, compliance and security pressures are evolving in today’s data growth. It’s crucial for companies to have a new security approach to these data archiving challenges. Join our live demo as our experts explore how Proofpoint has long been a provider of market leading Archiving, eDiscovery and Supervision solutions.

    In this session, we’ll cover how current environments and worldly conditions are further driving the need for:

    - Visibility across all communications to meet Regulatory Compliance demands
    - Internal auditing of collaboration channels to proactively identify Insider Risk
    - Efficiencies across legal workflows to maintain pace with eDiscovery activity and increasing litigation
  • Live Demo: Prevent Phishing Attacks with Security Awareness Training Recorded: Sep 22 2020 42 mins
    David Kleppick, Enterprise Account Executive at Proofpoint
    99% of the phishing attacks Proofpoint observed in 2019 require human interaction to succeed, resulting in malware installation, wire fraud, unwitting data disclosures, and more. Educate your staff and limit cyber attacks through Proofpoint’s industry-leading security awareness training. Backed by threat intelligence, Proofpoint’s Security Awareness Training ensures you are delivering the right training, to the right people, and at the right time.

    Join our live demo to learn how to:

    - Assess your users’ susceptibility to phishing attacks as well as other cyber threats
    - Deliver customized training to your end users that will drive behavior change, making them a stronger last line of defense
    - Enable your employees to report suspicious messages with a single mouse click
  • Securing SaaS and IaaS with CASB Recorded: Sep 18 2020 99 mins
    Panel of cybersecurity experts
    The move to the cloud and a remote workforce has brought new security and compliance risks. Cloud account takeover, excessive sharing of data, usage of unapproved cloud applications and misconfiguration of IaaS resources present big challenges to security teams. Securing IT-approved applications, such as Microsoft Office 365, Google G Suite, Box, Dropbox, Salesforce, Slack, AWS, Azure, ServiceNow and more, is a priority now more than ever.

    Join us for a discussion on how a people-centric security approach with CASB can help you and your company to:

    - Identify the users accessing cloud applications, detect and protect against cloud account takeover
    - Prevent data loss and ensure compliance with relevant regulations
    - Gain visibility into cloud usage, including cloud-to-cloud usage such as third-party OAuth apps
    - Discover IaaS accounts and resources and manage your cloud security posture
    - Define and enforce policies on cloud access and the handling of data in the cloud
  • Driving Real Behavior Change with Security Awareness Training Recorded: Sep 18 2020 60 mins
    Panel of cybersecurity experts
    With October's Cybersecurity Awareness Month approaching fast, it’s important to get security awareness and training top-of-mind with your users. Given that 80% of organizations only allocate two hours or less per year for security awareness, how can you maximize your time with users to ensure behavior change?

    In this webinar, we’ll go over proven ways to plan and execute a successful program such as:

    · Focusing your program on the riskiest users
    · Keeping users engaged and on-your-side
    · Benchmarking against top-performing organizations
    · Reporting up to key stakeholders
  • Back to School for Students & Back to Basics for InfoSec Recorded: Sep 17 2020 57 mins
    Mike Manrod, CISO of Grand Canyon Education & Ryan Witt, Managing Director at Proofpoint
    New semesters bring new cybersecurity threats. As new students and staff receive their new college emails, the more opportunities there are for attackers to strike. Even today, most cyberattacks still start with phishing emails because their tactics continue to evolve and work. So how can you better protect your institution?

    Join our guest speaker Mike Manrod, CISO at Grand Canyon Education, and Ryan Witt, Managing Director at Proofpoint, for this webinar as they focus on higher education’s evolving threat landscape and the increasingly sophisticated tactics cybercriminal are using to target academia. In this session, we will examine how to you can:

    - Harden your email security to stop phishing, ransomware, and BEC attacks
    - Stop email spoofing and spot look-alike domains
    - Protect sensitive data with an integrated DLP platform
  • Four Best Practices to reduce Insider Risk in the new [work] reality Recorded: Sep 17 2020 57 mins
    Rob Bolton, Sr Director from Proofpoint Insider Threat Management
    Did you know 99% of all threats are human-activated, and 96% of all data breaches start with people? [ Source: Gartner.]

    Despite this reality, most organisations rely on traditional cybersecurity tools that focus more on data and systems than on people. Whether the intent is negligent, malicious or criminal, it’s time to protect your business against data loss and brand damage. The best, most modern security solutions are designed to be people-centric.

    Join Rob Bolton, Senior Director and and Julian Mauss, Technical Expert at Proofpoint Insider Threat Management, to learn about the four best practices to manage insider threats. Learn why it’s critical to blend people, process and technology to detect, investigate and respond to insider risk in today’s new [work] reality.

    In this talk, you will learn:

    • How distributed workforces and third-party workers access systems and data
    • The unique risks of insider threats
    • How to protect against data loss
    • Why a people-centric approach is key to mitigating insider risk
  • Live Demo: Ramping Up People-Centric Security Business Email/Account Compromise Recorded: Sep 16 2020 43 mins
    Joel Sierra, Sr. Sales Engineer at Proofpoint
    What are the best practices for building a people-centric cybersecurity strategy and where should your organization start? Proofpoint has revamped our three-phase cybersecurity maturity model to help you elevate your advanced email security, stop business email & account compromise, and protect your cloud applications.

    Join us for a live demo to learn how you can continue your people-centric security journey and see the tools in action. In this second phase of three phases, we’ll demonstrate how to:

    - Protect your people from impostor email attacks, like business email compromise (BEC)
    - Investigate and respond to the risks of email account compromise (EAC), including internal email threats sent from compromised accounts
    - Prevent risks associated with personal webmail and risky websites sent via corporate email
Proofpoint is a leading cybersecurity company that protects organizations' greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, we help companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including more than half of the Fortune 1000, rely on us for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Phishing During Pandemic: Actors, Campaigns & Threats Leveraging COVID-19 Lures
  • Live at: Mar 19 2020 8:00 pm
  • Presented by: Sherrod DeGrippo, Sr. Director of Threat Research & Detection and Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint
  • From:
Your email has been sent.
or close