In 2020, Toll Group was hit by ransomware twice. Sophos, which acted as the response and investigation team for the events, now reports that the entry point was the account of an employee who had died but whose account remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the Sophos report, the Nefilim group responsible for the attack was on the company’s network for about a month without the defense systems identifying suspicious activity. The account used by the attack group belonged to a deceased employee, but it was not locked or deleted because it was integrated into various services.