In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
When Hackers Pose as Job Seekers – Your HR Inbox Becomes a Breach Point
📎 Your HR Team Might Be Downloading Hackers Right Now
🚨 Cybercriminals are now posing as job applicants – and it’s working.
💼 Fake resumes embedded with malware are being sent to recruiters every day. They look real. They match the job posting. But a single click installs a backdoor into your corporate network.
🎯 This tactic targets the one team that must open attachments from strangers: HR.
🧠 Groups like FIN6 are launching full campaigns this way – impersonating job seekers, injecting code into .docx files, and silently gaining access before anyone notices.
📉 Most security teams don’t train HR to defend against threats disguised as applications.
📌 That’s where AUMINT.io steps in.
We simulate applicant-based threats, coach HR on red flags, and build muscle memory against one of the fastest-growing attack vectors today.
Book Your HR Cyber Threat Simulation Now
#CyberSecurity #SocialEngineering #HRtech #RecruiterSecurity #HiringRisks #InfoSec #TalentAcquisition #AUMINT #FIN6 #MalwareAwareness #SMBSecurity
🧠 You Can’t Protect What You Don’t See
Most orgs only monitor what they own.
But attackers look at everything – the exposed, abandoned, and overlooked.
Think:
• Orphaned SaaS apps
• Staff emails leaked on dark web
• Unclaimed DNS records
This isn’t hidden in the dark web. It’s often public – just not on your radar.
💡 AUMINT’s €1,500 Attack Surface Report maps your full digital exposure – before someone else does.
Secure your blind spots: https://calendly.com/aumint/aumint-intro
#CyberSecurity #AttackSurface #ITRisk #InfoSecEurope #DigitalExposure #CISO
Vendor Email Compromise Is the Silent Killer of Trust
📩 The Next Cyberattack Will Come From a Trusted Email
💥 Vendor Email Compromise (VEC) is rising fast – and it’s more dangerous than BEC.
🕵️♂️ Attackers hijack legitimate vendor email accounts and slip into ongoing conversations. The invoice looks normal. The sender’s domain is clean. But the bank details? Totally fake.
💰 One click – and six figures vanish without a trace.
🤝 These aren’t random attacks. They’re hyper-targeted, patient, and timed to your billing cycle.
🧩 Most security teams don’t catch them because the email really does come from your vendor.
💡 The only solution? Human-level awareness, real-world simulations, and executive visibility into behavioral weak spots.
📉 Trust without verification is now a threat vector.
At AUMINT.io, we help finance, procurement, and executive teams simulate and counter VEC threats before attackers strike.
Your next invoice request might be a trap – would your team catch it?
Book Your Vendor Risk Simulation Today
#CyberSecurity #VendorEmailCompromise #VEC #InvoiceFraud #CISO #ProcurementSecurity #FinanceRisk #SocialEngineering #AUMINT #FraudPrevention #SMBSecurity