Expert comment: Gemini crypto exchange phishing campaign
December 2022 by John Stevenson, Product Director, Cyren
Considering the news that Gemini crypto exchange announced that
customers were targeted in phishing campaigns after a threat actor
collected their PII from a third-party vendor, please see below for
expert comment from John Stevenson, Product Director, Cyren.
“While Gemini is, quite rightly, encouraging customers to employ MFA
and change any email addresses linked to the breached accounts, the
damage has already been done. Personal identifiable information has
already been leaked and victims are already facing follow-up phishing
scams abusing the exposed PII in the pursuit of more valuable
credentials.
There is nothing to say that this information is not linked to target
victims’ places of work, making now a good time for organisations to
implement a robust, layered security strategy in retaliation. This
layered strategy should include real-time detection of zero-day and
unique threats. By adding a real-time detection and automated
remediation capability to identify and eliminate threats rapidly, the
potential impact of malicious emails is dramatically mitigated.”