As traditional phishing attacks become less effective due to organizations’ stronger internal controls, cybercriminals are turning to targeted business email compromise attacks.

For these criminals, it’s all about securing credentials, according to John Moeller and Randy Romes, both cybersecurity principals at CliftonLarsonAllen.

The stakes are high: The average financial institution cybersecurity breach takes 177 days to identify and 56 days to contain, and costs nearly $6 million, according to the IBM Security Cost of a Data Breach Report 2021.

In this episode of the CUNA News Podcast, recorded during the 2023 CUNA Cybersecurity Conference with NASCUS, Romes and Moeller discuss the state of email phishing, how these crimes will evolve in the future, changes in ransomware attacks, and more.

You can listen to the CUNA News Podcast on Apple Podcasts, Google Podcasts, Spotify, YouTube, and Stitcher Radio.

In this episode:

1:20: Meet John and Randy

5:10: What’s the state of phishing today?

9:24: Ransomware as a service

10:00: How attacks are evolving

14:04: Microsoft Office 365

16:01: How to guard against attacks

27:07: Changes in ransomware attacks