Security Boulevard reported that APWG released findings that in Q2 of 2019 more than half of phishing sites have HTTPS, which makes the site appear legitimate.
The findings also revealed that over 65% of BEC attacks are focused on getting obtaining gift cards. How do you combat? Train your staff to spot these threat actors through the requirement to send the gift card numbers. Also, add a policy that leadership will not ask the employees to request gfit card numbers, only tunr over the actual cards or send via by mail.
Security Boulevard has the story here.