Latest news with #Expel
CNET
10-06-2025
- Business
- CNET
Fraudsters Want Your Money. Make Their Lives Difficult by Avoiding These Mistakes
Getty Images/Zooey Liao/CNET There are a many ways fraudsters can steal your money. Their scams can lead to victims sending cash under false pretenses, lines of credit being opened in your name or unauthorized bank transactions. US consumers lost a whopping $12.5 billion to fraud in 2024, according to the Federal Trade Commission. Anyone, regardless of age or other demographics, can be a target of fraud. It's even happened to me. While fraud can happen due to factors beyond your control, certain behaviors can increase your risk. How fraudsters steal your information and money A lot of fraud occurs when cybercriminals gain access to a victim's bank account or credit card information and make unauthorized purchases or transfers. But how do they get that information in the first place? Here's a rundown of the biggest threats to your financial accounts and how to protect yourself: 🗃️ Data breaches When your data is stored with a third-party service — such as your utility company, internet provider or a retailer — and that service is hacked, your information can fall into the hands of bad actors. "Database breaches and other compromises of third-party services are far and away the most common cause of financial fraud," said Aaron Walton, senior threat intel analyst at cybersecurity firm Expel. How to protect yourself: While you can't prevent third-party service breaches, you can minimize the impact of a data breach. For starters, don't store data with third-party services beyond what's necessary. Walton recommends using single-use virtual credit cards for online purchases so that even if the card number is leaked, a criminal can't make additional purchases with the card. 🔐 Bad password security "If you reuse passwords, you are just asking for your accounts to be taken over," said Truman Kain, senior product researcher at cybersecurity firm Huntress. "This is the No. 1 worst thing you can do if you want your accounts to stay protected." After a data breach, attackers will try to use stolen credentials at major online accounts like banks, retailers and email providers. This process is called credential stuffing. Using weak, guessable or common passwords also makes it easy for hackers to get into your accounts, Kain added. How to protect yourself: Use strong, unique passwords across all your accounts and change them regularly. Your passwords should be long (experts suggest 16 characters) and contain a combination of lowercase and capital letters, numbers and symbols. If this sounds like too much, consider getting a password manager. Kain also recommends enabling multifactor authentication on your accounts whenever possible. 💳 Credit card skimmers Skimmers are devices attached to the mouth of a card reader that steal your credit card data when you swipe your card. The skimmers then send that information directly to a card thief or save it for retrieval later. Skimmer setups might also include a hidden camera or fake keypad to capture your PIN. Skimming can even happen online. If an attacker can compromise a website, they can "skim" information from any new transactions taking place. How to protect yourself: Before using an ATM or payment terminal, check it for a loose card reader or any signs of tampering. Don't insert your card if you notice anything suspicious. Criminals tend to install skimmers in low-traffic areas to minimize the chances of being caught, so stick to payment terminals and ATMs in high-traffic or well-monitored areas. If possible, use tap to pay — which is less vulnerable to skimming — instead of swiping your card. If you're using a debit card, run it as a credit card (if you can) to avoid entering your PIN and having a thief steal that information. To combat online skimming, use single-use or limited-use virtual cards when shopping online. 🪝 Phishing and other social engineering attacks Aside from data breaches, phishing attacks are the primary way attackers get ahold of your credentials, Kain said. Phishing is when a scammer contacts a target, usually under the guise of a legitimate institution, to trick you into handing over sensitive information, usually via a link they want you to click. Phishing attacks can occur over phone, email or text. According to a new CNET survey 96% of Americans receive at least one scam message every week. How to protect yourself: A good rule of thumb is, "If you didn't request the message, you should be suspicious of it," Kain said. If you need to verify whether a message is legitimate, directly contact the institution through contact information found on its website. You should also be skeptical if someone online says you owe them money or have an outstanding payment, Walton said. "Take it slow and approach with caution," he said. "Don't let a false sense of urgency lure you into a costly mistake." 🛜 Data stolen over unsecure Wi-Fi networks Visiting websites that don't encrypt traffic with "https" security on public Wi-Fi allows cybercriminals to see anything you do online. Cybercriminals can also steal your data by setting up fake public Wi-Fi hotspots. After you connect to the free Wi-Fi, "the attacker can redirect you to fake websites that closely mimic the real thing, capturing your logins, passwords and sensitive data as you enter them," Kain said. How to protect yourself: Avoid public Wi-Fi for sensitive transactions. It's smart to protect yourself with a virtual private network. A VPN encrypts your browsing activity so even if your data is intercepted, it's unreadable. "Using a reputable VPN is like sealing your internet traffic inside a secure envelope," Kain said. Other proactive ways to prevent fraud Despite the real and serious risks from fraud, 26% of bank customers and 31% of credit card customers haven't taken any recent steps to keep their accounts secure, per J.D. Power's 2024 US Financial Protection Satisfaction Study released in November. If you want to be more proactive about protecting yourself, here are the strategies experts recommend: Card controls Many banks and credit unions offer card controls that let you lock and unlock your credit and debit cards online or on a mobile app. Locking cards you don't use regularly and unlocking them only when you need to make a purchase can help prevent unauthorized transactions from going through. Freeze your credit Freezing your credit will keep lenders from accessing your credit reports, which prevents scammers and identity thieves from opening new credit accounts in your name. If you need to apply for a new loan or credit card, you can temporarily lift the freeze and refreeze your credit after. Use a virtual card Both Kain and Walton recommend using virtual cards to protect your credit card information from being stolen. Virtual cards are randomly generated card numbers connected to your real card. You can set usage limits on virtual cards, such as being only good for one purchase, rendering them useless even if a scammer steals the card information. Setup account alerts Criminals will often put small purchases on a stolen credit card to test out the card before using it for larger purchases or selling the card information on the dark web. If you can catch the small fraudulent transactions as soon as they happen, you can lock down the card before any big ones occur. To do this, you can set up alerts for all transactions or purchases under a certain dollar amount. How to report credit card or bank fraud If you think you're a victim of fraud, report it to your financial institution immediately. Most banks have a designated phone number for urgent assistance. You can then place a lock on your credit or debit cards to prevent new purchases from going through. Your bank might cancel the compromised card altogether and send you a new one. In some cases, such as if your Social Security number or other sensitive information was compromised, you might also want to implement a credit freeze or sign up for identity theft protection. The latter will help monitor your identity online and can sniff out signs of fraud. You may also want to change your password for your financial account and any other online account with the same login information. Finally, it's always a good idea to report the fraud to the FTC at to help the federal government thwart scams. "In many situations, some forms of help are available, be it from an employer, law enforcement or elsewhere," Walton said. "It is a mistake to believe no one can help or that one should be ashamed of being tricked."
Techday NZ
22-04-2025
- Business
- Techday NZ
Expel expands MDR platform to boost email threat detection
Expel has announced the expansion of its managed detection and response (MDR) service to cover email-based threats with new integrations. The company is integrating its MDR platform with Proofpoint, Abnormal Security, and Sublime Security to strengthen protection against phishing, business email compromise (BEC), and other inbox-based attacks. With email remaining a frequent entry point for credential theft, malware installation, and unauthorised access, Expel's enhanced solution aims to identify potential threats earlier in the attack lifecycle. This is intended to help customers reduce risk and improve their security posture with more effective detection and response capabilities. "Identity-based incidents, largely originating from emails, made up 68% of all incidents among Expel customers last year," said Yonni Shelmerdine, Chief Product Officer, Expel. "Incorporating email threat data enables us to identify and block attacks as soon as they hit the inbox, and gives customers insight into the threat actors working to gain access to their organisation. We're delivering the most comprehensive MDR solution in the market, and these capabilities further solidify that commitment while providing our customers with unparalleled visibility and protection across critical attack vectors." The expansion comes at a time when security teams are being challenged by a surge in sophisticated email threats, partly driven by the growth of generative artificial intelligence. This increase has resulted in higher volumes of security alerts, putting additional strain on security resources. Expel has developed its own detections specifically tailored for email security tools and platforms. These proprietary detections are designed to minimise irrelevant alerts and reduce the number of email-based threats that reach end users' inboxes. The company's approach seeks to strengthen early detection and response capability, which is considered a critical factor for organisations aiming to reduce the likelihood and impact of cyber threats. Expel's platform integrates data from various email security providers and combines it with contextual information from endpoints, users, and network activity. This enables the system to uncover the full sequence of email-based attack campaigns and take targeted actions to limit potential damage. Expel continues to build its MDR coverage with what it describes as a technology-agnostic approach, aiming to help customers get more value from existing security investments. The company now offers integrations for over 130 different technology categories, spanning endpoint, cloud, Kubernetes, software-as-a-service, network, SIEM, email, identity, and others. The expanded MDR service is part of Expel's ongoing efforts to address the security risks associated with the most commonly exploited attack vectors in enterprise environments.
Yahoo
24-03-2025
- Business
- Yahoo
Expel Recognized by CRN® in 2025 Partner Program Guide for Third Consecutive Year
Leading MDR provider chosen for partner-first approach, delivering premium security outcomes for customers, and driving mutual success HERNDON, Va., March 24, 2025 /PRNewswire/ -- Expel, the leading managed detection and response (MDR) provider, was recognized by CRN®, a brand of The Channel Company, with a spot in the 2025 CRN Partner Program Guide. This is Expel's third consecutive inclusion in the prestigious guide, which serves as an essential resource for solution providers seeking vendor partner programs that match their business goals and deliver high partner value. "Expel is in the business of creating positive security outcomes for our customers, and the partner program we've built reflects that mission at its core," said Alex Glass, VP, Global Channel and Alliances, Expel. "Our partnerships are rooted in collaboration, accountability, and determination to drive mutual success for all parties—and our inclusion in the 2025 CRN Partner Program Guide is testament to the strength of our approach." In a complex and crowded security landscape, solution providers rely on vendor programs that offer the right tools, resources, and support to help them succeed. Expel's partner-first approach delivers: Premium MDR services that drive revenue for channel partners while addressing customers' evolving security needs. Expel Workbench™, a best-in-class security operations platform that enables the highest level of transparency on the market. Robust support including sales incentives, training tools, and marketing collateral. This year, Expel celebrated continued program growth with its inaugural Partner of the Year Awards, honoring organizations exhibiting excellence in partnering with us to reflect our shared, customer-based values. CRN also recently included Glass on the 2025 Channel Chief's list and featured Expel on the CRN Security 100 as one of the 20 Coolest Endpoint and Managed Security Companies of 2024. To learn more about how our program improves the outcomes partners deliver to their customers, visit the Expel Partner Program webpage for details on sales incentives, training tools, marketing collaboration, and more. "Being featured on the 2025 CRN Partner Program Guide highlights the dedication these technology vendors have to evolving with solution providers, driving innovation, and supporting mutual success," said Jennifer Follett, VP, U.S. Content and Executive Editor, CRN, at The Channel Company. "This critical annual project empowers solution providers to identify vendors that are committed to enhancing their partner programs and meeting the always-changing business needs of the channel and end customers. The guide provides deep insight into the distinctive value of each partner program so solution providers can make strategic partnership decisions with confidence." The 2025 Partner Program Guide will be spotlighted in the April 2025 issue of CRN and published online at beginning March 24, 2025. About The Channel Company: The Channel Company (TCC) is the global leader in channel growth for the world's top technology brands. We accelerate success across strategic channels for tech vendors, solution providers, and end users with premier media brands, integrated marketing and event services, strategic consulting, and exclusive market and audience insights. TCC is a portfolio company of investment funds managed by EagleTree Capital, a New York City-based private equity firm. For more information, visit Follow The Channel Company: X, LinkedIn and Facebook. © 2025 The Channel Company, Inc. CRN is a registered trademark of The Channel Company, Inc. All rights reserved. About Expel Expel is the leading managed detection and response (MDR) provider trusted by some of the world's most recognizable brands to expel their adversaries, minimize risk, and build security resilience. Expel's 24/7/365 coverage spans the widest breadth of attack surfaces, including cloud, with 100% transparency. We combine world-class security practitioners and our AI-driven platform, Expel Workbench™, to ingest billions of events monthly and still achieve a 17-minute critical alert MTTR. Expel augments existing programs to help customers maximize their security investments and focus on building trust—with their customers, partners, and employees. For more information, visit our website, check out our blog, or follow us on LinkedIn. View original content to download multimedia: SOURCE Expel Sign in to access your portfolio
