Welcome Rodney Reid!

We’re all very excited to announce that Rodney Reid has joined the growing Engineering team here at Truedomain. Rodney is an extremely talented software engineer and UI developer, with more than 20 years industry experience and 11 years developing web applications.

He will be focusing his energy and talents on building the next generation of the Truedomain Dashboard and bringing new and exciting features to our customers.

Rodney brings with him a broad background in UI development from companies like Yodlee, Genius, LookSmart, Salon Media Group and Wired Digital/Lycos. He is already a tremendous addition to the team and is hard at hand whipping the Truedomain Dashboard application into shape with one full sprint already under his belt.

Welcome to the team Rodney!

 

 

Welcome Kenny Lopez!

We’ve got another exciting announcement today – Kenny Lopez has joined the team here at Truedomain as our new Director, Sales & Business Development.  He’ll be leading all sales efforts for us, and brings extremely valuable security background and a long track record of successful sales to the team to help us accelerate our customer acquisition efforts.

Kenny brings 17-years of start-up company sales and sales management experience with him. He was a member of the founding sales teams that started companies like Remedy Corp (IPO), IPivot Inc. (acquired by Intel Corp), Proofpoint, Inc. and Mendocino Software (acquired by Symantec).   Kenny is obviously no stranger to the startup world either, and knows how to build the pipeline and build sustainable revenue from the ground up.

When he’s not selling email security services, Kenny is an avid soccer player, champion golfer and all around outdoorsman.

Kenny joins the team at a crucial point, as we transition from the development and launch phase to the business building chapter of our company lifecycle, and we’re extremely excited about having a seasoned sales leader like Kenny join in to help continue building success here at Truedomain.

Welcome Steve Seike!

We’re all very excited to report that Steve Seike has now joined the Engineering team here at Truedomain as Principal Engineer.   Steve has been working with us since February as a contractor, and we’re thrilled that he’s now joined us as a full time team member.

Steve is an extremely talented and very experienced web application developer and database guru, and he’ll be putting those skills to work to help build out the capabilities of the Truedomain Antiphishing Network.  His knowledge of database design, scripting languages and experience building web applications is a huge asset to the team.

Prior to joining team Truedomain, Steve has most recently been consulting with several high visibility clients as a web application developer/architect.  Steve also has many years experience in the software industry as a developer, manager and VP level at companies including Intuit, Satmetrix, EO and Convergent.

Welcome Steve!

Truedomain Selected for Launch: Silicon Valley 2010

We’re thrilled to announce that that we’re going to be having our ‘coming out party’ at the upcoming Launch: Silicon Valley 2010 event.  There are a variety of conferences like Launch, but the fact that this one is put on by the Silicon Valley Association of Startup Entrepreneurs (SVASE), along with a host of top-tier venture funds, angel groups and technology giants sets this one apart from the rest.

We’re honored to have been selected from a field of almost 400 applicants, and to have the opportunity to launch the company in such a high profile and well respected forum.

The event is on June 8th at the Microsoft Silicon Valley campus in Mountain View, CA.

SVASE’s press release about the event, including event information, the list of presenting companies and details on how to attend is here.

We hope we see you there!

Phishing News – Week Ending 12 March 2010

It’s been a couple of weeks between posts again.  Amazing how time just flies by when you’re busy launching a company…  So, there’s more content here than usual, but all of it is relevant and interesting.

Top of mind for us here at Truedomain is the growing recognition that email authentication – which is the foundation of the services we provide to our customers – is being increasingly pointed to as a key weapon in the fight against email borne phishing attacks.   Much of the phishing related news and commentary coming out of the recent RSA Conference in San Francisco reflects this trend.

Another sit-up-and-take-notice trend: all of the data and reports coming out of both corporate and analyst organizations support the fact that the phishing problem continues to grow.  Not only have the volume of attacks continued to rise, but phishers are also diversifying their target lists, finding a glut of new “soft targets” in universities and  small to medium size businesses.

To wit, RSA reported that the volume of phishing attacks rose a whopping 21% in January.  While the growth alone is cause for concern, the trend doubly surprising given that volume typically tends to decrease in January when compared to December because Christmas is generally a big driver of phishing attacks.

More and more news of phishing attacks is also starting to make its way out of countries other than the US.  For example, the Gulf Daily News in  Bahrain reported that in less than three months, the number of organizations being targeted has tripled, and each associated phishing site, of which 800 have been identified, rakes in US$25,000 per month.  That’s a total of US$20 million per month, just in Bahrain!

So with that, enjoy the reading.

Top News
RSA | Phishing reaches record high in January
Infoworld | Fraudsters hone their attacks with spear phishing
eSecurity Planet | Phishers targeting more (and bigger) Fish
All Spammed Up | Bank/Customer Lawsuits Over Phishing Scams on the Rise
SF Gate | New phishing scams attack with precision
CTV News | Dozens of U.S. defense contractors, agencies hacked
SF Gate | Consumers found vulnerable to e-mail threats

Trends & Opinion
New New Internet | Cyveillance Finds Targeting of New Brands Up 5o Percent
PR Newswire | IBM X-Force(R) Report Reveals Phishing, Document Related Threats Rising Dramatically
Information Security Magazine | Email authentication methods critical in fight against phishing
Bankinfo Security | Phishing Update: No Brand is Safe
Citywire | Online banking fraud up 14% amid wave of phishing attacks
Network World | Bogus intranets scam university students
Cloud Security Alliance | Top Threats
Softpedia | Paypal the most heavily phished brand of the last three months

Highlighted Attacks
SperoNews | Phishing Attack at University of Michigan
The Badger Herald | Phishing scam targets UW email accounts
Tradingmarkets.com | Western Union Phishing Scam
Daily Lobo | Phishing scams targeting UNM are potential identity-stealers
Oregon Live | Phishing scam targets Bank of Cascades clients
SearchSecurity.com | Medical identify fraudsters target health care info, experts say
SPAMFighter | Fake Charities Send Phishing E-Mails Related to Haiti Earthquake
SPAMFighter | Phishing Scam Targets Frequent Flyers of American Airlines
University of Wisconsin | Campus urged to beware of new phishing scams
Spartan Daily | Phishers bait students to give info
News Channel 7 | UPS Email Scam
Bahrain Daily News | Phishing alert for banks
Copenhagen Post | PBS warns against phishing
SPAMFighter | ABSA Warns Customers of Fresh Phishing E-mails
Fairfield Mirror | Something’s Phishy in the University Email
SPAMFighter | Netizens in Wisconsin Attacked by Phishing Scam
SPAMFighter | Phishing E-mail Targets Lee County Bank Customers
TV News 10 | Crooks Take Over Woman’s E-mail Account, Steal Her Identity

Phishing News of the Week – 19 February 2010

Welcome to the phishing news of the week for the week ending February 19th.

This week’s eye-opener is a study released by Javelin Strategy & Research reporting that over 11.1M consumers lost more than $54B in total to identity theft scams.  What’s potentially more concerning is that the study, along with other recent reports, indicates that while more & more consumers are aware of the risk caused by identity theft tools like phishing, more report falling victim to the scams in 2009 than ever before.

Also of interest is the February State of Spam & Phishing report from Symantec which highlights the fact that malicious phishing attacks doubled as a percentage of total spam in February.

In addition to the two studies released this week, we also saw a continuation of existing attack trends targeting tax time and Valentine’s Day, as well as more Universities reporting focused spear-phishing attacks targeting their students and faculty.

On the whole, the anecdotal evidence suggests that the complexion of phishing attacks continues to shift away from the wide-net Nigerian banker and eBay type mass-market phishes toward more focused spear phishing attacks, as evidenced by new scams targeting military personnel, lawyers and local banks.

This trend shouldn’t surprise anyone, since the bad guys will always migrate toward the path of least resistance.  While traditional mega-targets like PayPal have gone to considerable lengths to prevent attacks spoofing their domains, the small business, government and university segments are largely unprepared to deal with the threat.  Combine that relative difference in security with now widely-available DIY phishing kits that sell online for less than a nice dinner out, and it’s clear that we should expect this trend to continue for some time.

Enjoy the reading.

Top News
eSecurity Planet | Identity Theft Cost Victims $54B in 2009
Better Business Bureau | Phishing Concerns Already on Google Buzz
Krebs on Security | Zeus Attack Spoofs NSA, Targets .gov and .mil Domains

Trends & Opinion
Symantec | State of Spam & Phishing Report – February 2010
Emirates Business | Fraudulent Emails Targeting Bank Customers on the Rise
SF Examiner | Feds Face Cybercrime Threat
SPAMFighter | South Africa Experiencing Increased Phishing Expeditions
BankInfo Security Blog | Its Phishing Season, Beware These Scams

Highlighted Attacks
US Air Force | Phishers target military members at home, work
ABC13 News | Scammers Using Houston Institution As Hook
KFVS News | Montgomery Bank warns of phishing scam using bank’s name
Voice of America | An English Test, and a Warning
Clarion Call | School Plagued by Internet Phishing Scam
Journal Pioneer | RCMP Advise of Income Tax Scam
WSAW News | DOJ Statement on Latest Phishing Scams Involving Government Emails

Phishing News of the Week – 12 February 2010

Welcome to the phishing news of the week for the week ending February 12th, 2010.

As expected, events of the day continue to drive increased phishing activity.   Tax season is yet again a big driver for attacks, both in the US and abroad.  Valentine’s Day also provided a high profile platform from which bad guys could launch attacks.

And some blockbuster statistics released regarding the impact of the broader identify theft issue: consumers lost $54B – yes, billion with a “B” – directly from identity theft.  Since identity theft is one of phishers’ primary objectives, there are very clear parallels to be drawn between the broader identity theft problem and the continuing rise of phishing as a channel to execute it.

Lastly, more and more reported spear-phishing attacks.  Three universities, a doctors association and a climate economist were all victims of precision targeted attacks.  While 5 reported attacks in a week is scary enough, the reality that there are likely tens, if not hundreds, more similar attacks that go unreported should give anyone responsible for email security a serious cause for pause.

With that, enjoy this week’s reading.

Top News

eSecurity Planet | Identity Theft Cost Victims $54B in 2009
The New New Internet | Company Sues Bank Following Successful Phishing Attack

Trends & Opinion

SC News | Valentine’s Day Sees Spam & Phishing Levels Rise

Highlighted Attacks of the Week

ABC News | Beware of 2010 U.S. Census Email Scams
Newsfactor.com | New Phishing Trend Targeting Attorneys
Channel 4 News | Climate Economist’s Email Security Breach
Merced Sun Star | Police warn of scam email seeking bank information
Luther College | Phishing Scam Warning
Vanderbilt University | Bogus ITS email asks for e-password
Fresno State Collegian | ITS works to solve campus e-mail delays
SPAMFighter | HSBC Bank of Bermuda Warns Customers About Phishing Scam
SPAMFighter | New Phishing Email Attack Against Adobe PDF Users
InfoSecurity | New Tax Avoidance Email Scam
Times Live | South African Bank Phishing Escalates

Phishing News of the Week – 5 February 2010

A few days behind again, but better late than never…

A couple of trends to note last week.  First, more high-profile non financial brands are being targeted by phishing attacks.  This time Adobe and Twitter grab top honors for the highest profile attacks of the week.  Not many details about the fallout from those attacks yet, but the fact that phishers are casting their nets outside of the traditional target areas is cause for concern.

Secondly, in stark contrast to the above, more and more small businesses, professional services such as doctors, and municipalities are being targeted by phishers.  This is very much in line with the increasing incidence of enterprise spear-phishing and a clear indication that the bad guys have figured out that there may be a lot more of the proverbial low-hanging fruit in this typically less sophisticated and less watchful segment of the market.

So without further ado, here are the top phishing news stories of the week that we’ve compiled so you don’t have to.  Enjoy the reading.

Top News

TechCrunch | Twitter users asked to reset password after possible phishing attack
Globe and Mail | Fraudsters steal carbon permits through phishing

Trends & Opinion

SPAMFighter | Phishing attacks escalate in December
SPAMFighter | Over 50% of  email viruses attributed to phishing attacks
San Francisco Chronicle | Hackers turn to social media to attack companies
Inside Windows Live | Preventing spam and phishing using email authentication

Highlighted Attacks of the Week

Security Watch | HMRC phishing twice as successful as bank phishing
BBC News | Warning over tax-return deadline phishing scam
Fierce Health IT | New Phishing Scam Targets Doctors and Their Data
PC World | Adobe warns of PDF phishing scam
Mount Pleasant Daily Tribune | Phishing Scam Hits Local Banks
SPAMFighter | Phishing email scam targets West Virginia taxpayers

Welcome Bjorn Jorde!

We’re really excited to announce that Bjorn Jorde has joined team Truedomain as our new VP of Engineering.  He’ll be leading all software development and QA efforts for us.

Bjorn comes to us after a over a decade at Tumbleweed Communications, most recently as the VP of Product Development.  Bjorn helped lead the Tumbleweed engineering team from the early days through their IPO, and along the way shipped several award-winning email security products, integrated teams from multiple acquisitions and led cross-continental development teams and projects.  We know Bjorn is going to be a huge asset to the team here, and we’re thrilled to have him onboard.

Bjorn’s already starting to build his team, so keep an eye out on our careers page for openings as we post them.

Phishing News of the Week – 29 January 2010

Since I missed the weekly update post last week (mea culpa, see my previous post for my apology…), we’ve got a lot of ground to cover this week.  Interesting to note some of the differing opinions on the trendlines for phishing activity, but I fall firmly into the camp that the problem is continuing to get bigger – and that’s borne out by the data we see from our service.

A couple of interesting trends to point out.

First, and as expected, phishers are seizing the proverbial moment to take advantage of specific events to do their dirty deeds.  To wit, the looming US Tax season has become fertile ground for the bad guys that want to prey on consumers’ focus on keeping the good ‘ol IRS happy.  Expect to see this continue up to, and perhaps even beyond, the April 15th filing deadline.  The Haitian relief efforts also, unfortunately, have also continued to be a popular bait for phsihers.

Also, more & more details continue to trickle out about the breadth of the Chinese phishing attacks that first surfaced with Google.  Much has been made of the PDF and IE8 flaws that allowed the perpetrators to distribute malware, but very little has been said about the fact that every single one of the attacks – at least as far as we can tell – originated with an email phish, often sent to an otherwise presumably tech-savvy and phishing-aware recipient.

Lastly, the prevalence of spear-phishing – or phishing attacks focused specifically on an individual company, organization or even individual person – are growing in frequency, and by extension, in the amount of loss and damage they inflict.  Phishers are getting more and more savvy in the construction and presentation of email phishes and in doing so, are getting better and better hit rates from their attacks.

With that, enjoy the reading.

Industry Reports

1. Anti-Phishing Working Group 3Q09 Phishing Activity Report – New Records for Phishing & Targeted Brands in Q3, as eCrime Expands Unchecked and Undeterred
2. Symantec | Brand Attacks on the Rise
3. TechWorld | Data breaches cost £126 per customer record

Opinions & Trends

1. USA Today | DIY cybercrime kits power growth in Net phishing attacks
2. The Columbus Dispatch | Phishing is heating up this winter, BBB warns
3. HelpNet Security | Phishing attacks account for more than one in two viruses
4. Daily Mail UK | A mysterious email and a split-second mistake: That’s all it took for internet gangsters to hijack my life…
5. Cyveillance Blog | Blippy, a Spear Phisher’s Dream-Phishing

Highlighted Attacks of the Week

1. Axcess News | US oil industry hit by cyberattacks: Was China involved?
2. New York Times | Chinese Fingerprints Said to Be Found in Google Attacks
3. Network World | Military contractors targeted in Chinese attacks, says F-Secure
4. Information Week | Google Friends Surveilled for Cyber Attack
5. Nashua Telegraph | Alert: Census e-mail was fake
6. Scripps News | Tax Season Brings More Sophisticated Scams
7. Tulsa World | Scammers use fake IRS logo.  Refund email smells like phish.
8. The LINC | Student Loans Company warns of email scam
9. American Medical Association | Phishing schemes are becoming sneakier in targeting doctors
10. EHR Bloggers | Annals of Security: The Phishing Scam at UCSF