logo
How To Fight The Threats Targeting Your Employees' Identities

How To Fight The Threats Targeting Your Employees' Identities

Forbes2 days ago
Damon Fleury is the Chief Product Officer of SpyCloud, a leader in identity threat protection.
The cybercrime economy has evolved into a sophisticated marketplace of stolen data, illegally obtained access and enablement services and tools that are readily available at scale. These offerings rely heavily upon data and access stolen with malware, phishing attacks and third-party breaches. For example, this growing industry of underground forums and marketplaces sells pre-built malware tools for less than $10, making it easier for even non-sophisticated cybercriminals to infiltrate organizations.
A new generation of resourceful cybercriminals is now efficiently using these darknet resources to target organizations with infostealer malware, advanced phishing attacks, residential proxies that mimic trusted IP addresses from victims' home addresses and more.
The impact is eye-opening. According to SpyCloud's 2025 Identity Exposure Report:
• About 50% of corporate users were exposed through infostealer malware in the past year.
• Seven million credentials were stolen from third-party applications, along with hundreds of thousands of credentials stolen from enterprise AI tools and password managers, exposing sensitive business insights and proprietary data and undermining critical security layers.
• As attackers gained access to high-value personal and corporate data, 97% of recaptured phishing data from known breaches contained email addresses, 64% exposed IP addresses and half included location data.
These statistics reflect a concerning level of exposure, with massive amounts of sensitive information now in the hands of individuals who lacked the tools or expertise to obtain it just a year ago. To keep up, enterprises must rethink their cybersecurity strategies for a world where anyone can be a threat and every employee a potential target, starting with a clear understanding of what's driving modern cybercrime and where their people are most vulnerable.
One-Click Cybercrime: Underground Syndicates And Install Brokers
It used to be that actors had to be truly enterprising to be successful, from writing their malware code to developing ways to avoid detection. Now, bad actors can pick up an entire malware kit via a black market site just as easily as the average consumer can make an Amazon purchase.
The impacts of these attacks can be devastating. For example, a criminal group known as Scattered Spider recently attacked famed British retailer Marks & Spencer, allegedly using solutions purchased on underground forums. The attack resulted in a drop in the company's share price and millions of dollars in lost revenue.
Scattered Spider is one of many groups suspected of using off-the-shelf malware obtained through 'install brokers'—also known as ad brokers or pay-per-install services. These brokers act as intermediaries in the cybercrime supply chain, connecting malware developers with threat actors by distributing malicious software at scale.
Install brokers often use advertising networks like Spaxmedia, compromised websites or bundled software to silently install malware on victims' devices. This hands-off infection method allows cybercriminals to steal data, launch phishing campaigns, deploy ransomware and cause widespread damage to an organization's operations, finances and reputation.
Any bad actor with a few hundred dollars in crypto can buy access to high-quality, polished, ready-to-install malware and launch it quickly and easily. Criminals can also purchase "malware cryptors'—tools that help evade antivirus software. They can even use install brokers to resell stolen data in bulk for low prices, creating a wholesale club for malicious actors.
Holistic Digital Identities: Defending Against Cybercrime Enablement
Executives must understand what they're dealing with and shift their perceptions of cybercriminals. So-called "smaller players" like those operating as Scattered Spider can be just as damaging as sophisticated state-sponsored cyberattackers, thanks to their ability to easily purchase readily available, inexpensive, plug-and-play tools. The result is a corporate cyber threat landscape that's more scalable and dangerous than ever before.
The problem is that most of the attack methods used by the new wave of cyberattackers leave little to no forensic trail, which makes it hard for businesses to know they've been infiltrated until it's too late. For instance, infostealers leave no trace, allowing criminals to stealthily steal users' identity data like passwords, personally identifiable information (PII) and more.
However sly the criminals are, they're generally predictable and almost always go after the same target: an organization's users. Therefore, one of the best defenses against infostealers, PhaaS and other tactics is to use data collected from known breaches and stolen data that's circulating the dark web to build holistic digital identities for your organization's users.
I've previously shared insights into the need for digital identity correlation, which enables companies to identify and mitigate threats related to stolen or compromised employee data—everything from social security numbers and emails to phone and credit card numbers.
Criminals see exposed users as soft targets they can easily exploit, but this approach helps businesses turn the tables. Piecing together user credentials exposed on the darknet allows businesses to make informed decisions on enabling access, resetting passwords and performing other tasks that protect individuals and the organization. They can effectively harden the soft targets against cybercriminals of all skill levels and defend against attacks.
Evolving Enterprise Security To Meet The Moment
Malware, phishing platforms, stolen credentials and install broker services are readily available and sold like consumer software, dramatically lowering the barrier to entry for cyberattackers. This shift has redefined the threat landscape, turning low-skill actors into legitimate threats and scaling the impact of cybercrime across industries.
As the era of cybercrime enablement expands, enterprise security practices must evolve, too. Instead of focusing exclusively on perimeter defense models, organizations must understand the types of PII today's bad actors possess—and use that information against them to build strong and sustainable security postures.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Orange background

Try Our AI Features

Explore what Daily8 AI can do for you:

Comments

No comments yet...

Related Articles

Trump administration not in a rush to replace Powell, Treasury chief Bessent says
Trump administration not in a rush to replace Powell, Treasury chief Bessent says

Yahoo

time7 minutes ago

  • Yahoo

Trump administration not in a rush to replace Powell, Treasury chief Bessent says

WASHINGTON (Reuters) -U.S. Treasury Secretary Scott Bessent on Wednesday told Bloomberg TV in an interview that the Trump administration was not in a rush to nominate a new Federal Reserve Chair to replace Jerome Powell. Bessent said he continues to have regular meetings with Powell and that Powell had not told him whether he would leave his board seat. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data

Habit Burger & Grill Celebrates Newest Restaurant in Santa Clarita, California
Habit Burger & Grill Celebrates Newest Restaurant in Santa Clarita, California

Yahoo

time7 minutes ago

  • Yahoo

Habit Burger & Grill Celebrates Newest Restaurant in Santa Clarita, California

New Drive-Thru Habit Restaurant to Open Doors on July 30; Hold Pre-Opening VIP Events on July 26, 28-29 Habit Burger & Grill Celebrates Newest Restaurant in Santa Clarita, California IRVINE, Calif., July 23, 2025 (GLOBE NEWSWIRE) -- Habit Burger & Grill, the California-based restaurant company renowned for its award-winning Charburgers grilled over an open flame, signature sandwiches, fresh salads, and more, announces today the launch of their latest restaurant opening in California with the Santa Clarita opening. The new restaurant's address is 16424 Village Way, Santa Clarita, CA 91387. Their famous 'Habit Hospitality' will be served to the public starting Wednesday, July 30, 2025. In honor of their grand opening, Habit Burger & Grill will host exclusive pre-opening VIP events for their CharClub and mobile app members. Guests can receive an invite to this exclusive sneak peek by signing up at VIP Event Details: Free Charburger Day (Saturday, July 26): The first 200 guests at 11:30 a.m. and 5:00 p.m. will receive a free freshly-made Charburger, fries and drink. Must be a CharClub member and present VIP invitation. Free Habit Day (Monday, July 28): The first 200 guests at 11:30 a.m. and 5:00 p.m. will receive a free chargrilled meal from one of our pre-set menus. Must be a CharClub member and present VIP invitation. Free Habit Day (Tuesday, July 29): The first 200 guests at 11:30 a.m. and 5:00 p.m. will receive a free chargrilled meal from one of our pre-set menus. Must be a CharClub member and present VIP invitation. "We have been waiting a while to open our Santa Clarita location, and we couldn't be more pumped to finally throw out the welcome mat,' said Chef Jason Triail, Executive Chef at The Habit. 'We know Santa Clarita is filled with a ton of things to do – amusement parks, festivals, summer concerts, and sports to name a few. This is a vibrant energetic city and Habit Burger & Grill can't wait to serve up our award-winning charburgers, sandwiches stacked high, and those amazing sides, like our Tempura Green Beans.' The latest Santa Clarita restaurant will offer dine-in, takeout; and delivery will be available via the Habit Mobile App and online at Guests also have additional convenient ordering options including state-of-the-art indoor self-serve kiosks and delivery through Grubhub, DoorDash, Postmates and Uber Eats. Habit Burger & Grill was named in Thrillist's list of 'Underrated Burger Chains that Need to be in Every State!' With its cooked-to-order mantra, Habit Burger & Grill's open flame sears a distinctive smoky flavor into their famous Charburgers, fresh marinated chicken, and sushi-grade ahi tuna. Guests at Habit Burger & Grill can always count on freshly-made, handcrafted quality served up with genuine hospitality. This Habit Burger & Grill restaurant will be open Mon-Sun 10:30 a.m. -10:00 p.m. Connect with Habit Burger & Grill on social media at: FB: IG: TikTok: LinkedIn: About The Habit Restaurants, Inc. Born in sunny Southern California in 1969, Habit Burger & Grill is known for Charburgers cooked-to-order over an open flame. But the menu extends far beyond burgers—it's a celebration of Californian-inspired flavors. Alongside the brand's signature Charburgers is a meaningful array of handcrafted sandwiches, crisp salads, and creamy shakes, ensuring there's something for everyone. Habit Burger & Grill has earned notable recognition, with its Double Char ranked #1 by USA Today 10Best*, its Tempura Green Beans named the #1 side by USA Today 10Best, and its Chicken Club recognized as the best grilled chicken sandwich by The Daily Meal. The brand was also featured in Newsweek's America's Favorite Restaurant Chains 2023 and included in Thrillist's roundup of Underrated Burger Chains that Need to be in Every State! Habit Burger & Grill has since grown to over 385 restaurants across 14 states and internationally—continuing to serve up bold fresh flavors, made-to-order. Learn more at Sources: USA Today 10Best, USA Today 10Best, The Daily Meal, Newsweek, The Daily Meal, Thrillist Habit Burger & Grill Press Contact: HBGMedia@ A photo accompanying this announcement is available at

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store