Business Email Compromise (BEC) is a highly sophisticated digital fraud scheme that exploits trust in corporate communications to obtain illicit financial gains. Unlike conventional cyberattacks that often employ malware or exploits, BEC is characterized by social engineering approaches and identity…

Last week, the Akido team identified a unique and sophisticated attack on the Java ecosystem : a malicious package published on Maven Central, disguised as a legitimate extension of the popular Jackson JSON library. The package, called org.fasterxml.jackson.core/jackson-databind, mimicked the namesp…

The integrity of the corporate digital ecosystem is being attacked at a silent but crucial point: the internet identity infrastructure , especially the domain name layer, DNS, TLS certificates, and email. Modern phishing is rarely “improvised.” In many cases, it is a structured social en…

Cybersquatting occurs when someone registers, maintains, or uses a domain name that incorporates a third-party trademark (or something similar), usually in bad faith —to resell the domain, divert traffic, “hold” the trademark hostage, or exploit someone else…

The digital environment has exponentially expanded the reach of brands—and, along with that, opened up new attack surfaces. Today, scams, fraud, and unfair competition practices often begin with something simple: registering a domain that looks similar to that of the legitimate brand . It …

Concept and nature of typosquatting Typosquatting is a digital fraud technique that exploits typos made by users when accessing internet addresses, with the aim of redirecting them to malicious websites. It is a low-cost practice for the perpetrator, but with a high potential for impact, especi…