How Cybercriminals are Exploiting Digital Workspaces- Insights from Ori Segal’s TV Interview
Cyber threats have evolved, and today, attacks are happening far beyond email. With 3.4 billion phishing attacks occurring daily, hackers are leveraging deepfake technology, AI-driven scams, and social engineering tactics to bypass traditional security defenses.
Ori Segal, CEO & Co-Founder of Cyvore, joined Channel 10’s Economy Channel to discuss the alarming trends in cyberattacks and how organizations can stay ahead of emerging threats.
Key Takeaways from the Interview
Deepfake Attacks Are on the Rise – Attackers spent over $1 million to execute a deepfake Zoom call, tricking a company into wiring $25.6 million to cybercriminals. With the cost of such attacks decreasing, the threat will only grow.
Hackers Are Infiltrating Slack, WhatsApp, and CRM Systems – Companies are being targeted through internal chat tools, where seemingly harmless links lead to mass credential theft.
Social Engineering Is More Sophisticated Than Ever – Attackers aren’t just sending phishing emails anymore; they are building relationships, gaining trust, and striking at the right moment to extract sensitive information.
How Cyvore is Preventing the Next Big Cyber Heist
Cyvore is pioneering Workspace Security, a proactive defense for the full spectrum of enterprise communications, including Zoom, Teams, Slack, WhatsApp, and CRM platforms.
💡 Cyvore’s technology detects AI-driven deception, traces stolen credentials, and prevents fraud before it happens.
Cyvore is redefining cybersecurity. Are you ready to protect your digital workspace?
Translated Transcription of the Interview with Ori Segal – The Cyber Attacks Challenge
Cyber threats exist across all digital platforms, from Zoom and social media to email. Since AI has entered our lives, these threats have become even more sophisticated. Phishing attacks can cause serious financial damage, whether targeting individuals or organizations. Welcome, Ori Segal, CEO of Cyvore.
Ori: Hi, nice to meet you. Thank you very much.
How dangerous is it today?
The truth is, it’s getting extremely dangerous. Some interesting numbers from the field: Over the past year, we’ve seen a 1,300% increase in phishing and fraud attacks—what’s known as identity theft and financial scams.
There’s been a more than 1,000% rise in identity theft cases. And do you know how many phishing attacks occur daily through email and social media? Guess a number.
Interviewer: It must be a lot—I get them every day!
Ori: 3.4 billion attacks per day.
Interviewer: Wow.
Ori: 3.4 billion phishing attacks happen daily.
And how many of these succeed?
A significant number. It depends on the type of attack and who the target is, but many of them succeed, causing huge financial losses—to individuals, companies, organizations, and even governments.
What types of attacks are out there?
Let me give you some examples. The most classic attack is when you visit a website that looks exactly like a legitimate one, but it’s actually a fake.
For example, let’s say you want to buy a concert ticket. You enter your payment details on a site that looks like the official one—but it’s not. The moment you click “Send”, your credit card details, home address, and personal information are stolen.
Just this morning, I received two SMS messages saying “Your credit card has been blocked. Click here to reactivate it.” But I don’t even have that credit card.
Interviewer: That’s funny, I get the opposite. I keep winning class-action lawsuits! “Click here to claim your money.” But I never click, so I guess I’ll never know.
Ori: Exactly. Many of today’s cyberattacks are psychological in nature. Instead of hacking into your device, attackers build a relationship with you and strike at the right moment.
A Real-Life Deepfake Attack Over Zoom
One of the most shocking cases we’ve seen involved a Zoom deepfake attack between two companies—one in London and the other in Hong Kong. These companies had been doing business together for years, holding regular Zoom meetings to discuss financial transactions.
During one such meeting, seven people joined—five from one company, two from the other. However, except for one junior employee, every single participant in the call was a deepfake.
Attackers spent over $1 million to execute this deepfake operation (today, the cost would be around $200,000, and in the future, it will be much cheaper). The CFO, the person authorizing the transfer, was not real. By the end of the call, the company had lost $25.6 million.
Beyond Email: Attacks Now Happen Everywhere
Cyberattacks aren’t just happening through email anymore. Hackers exploit Slack, WhatsApp, CRM systems, Zoom, and Teams to manipulate victims.
For example, in Slack, an attacker can send a seemingly harmless link to a colleague. If the recipient clicks on it, it could compromise the entire company.
Think about it: You’re chatting with someone on WhatsApp, Zoom, or Teams, thinking it’s a trusted colleague. But what if it’s not actually them?
Interviewer: How often does this happen in large companies? Or is it mostly individuals being targeted?
Ori: It happens all the time. For individuals, the best defense is staying alert—just like you do when you ignore suspicious messages.
For companies, however, the problem is much bigger. There’s a concept called email takeover, where attackers infiltrate a company’s internal communication.
We worked with a publicly traded company worth over $1 billion that suspected an intrusion. They hired an external cybersecurity firm—but nothing was found.
Months later, Cyvore stepped in. Within 24 hours, our system uncovered that six employees had been hacked—not through work email, but through their social media accounts.
How Hackers Use Personal Accounts to Breach Companies
Let’s say I hack your Facebook or LinkedIn and steal your login details. If you reuse passwords across personal and work accounts, I now have access to your company’s network.
Once inside, I stay silent and wait—watching company transactions. When a large financial transfer is about to happen, I step in, hijack an email, swap the bank details—and the money is gone.
Sophisticated Corporate Impersonation Attacks
Many cybercriminals disguise themselves as real companies, like Meta, Facebook, or Instagram, sending fake password reset requests.
Interviewer: So the key is to check the email sender?
Ori: It’s not that simple anymore. Attackers are well-funded, patient, and highly skilled. We’re no longer talking about some teenager in their bedroom—these are professional cybercrime syndicates.
That’s why we build tools to detect and stop attacks before they even happen.
Recently, we uncovered an attacker planning phishing campaigns against postal services in Dubai and Greece. While monitoring them, we saw them preparing their next target—a German bank.
Because the bank was a Cyvore client, we were able to alert them before the attack even launched.
Cyvore’s Technology: A New Approach to Workspace Security
At Cyvore, we’ve developed a new cybersecurity category—Workspace Security. Our mission is to protect all digital communication interfaces within organizations—email, video calls, messaging platforms, and CRMs.
While email security is common, most attacks now happen outside email.
We built Cyvore, a multi-layered security platform with advanced psychological analysis, AI-driven threat intelligence, and proactive attack prevention.
For example, in a Zoom or Teams call, our system does three things:
- Verifies the identity of the person speaking—ensuring they are who they claim to be.
- Detects psychological manipulation—identifying if someone is using deceptive tactics to extract sensitive information.
- Scans all shared links and files—blocking malicious attempts in real-time.
These capabilities help prevent deepfake attacks, phishing, and fraud—before they cause damage.
Financial Impact of Cyberattacks
In the financial sector alone, cybercrime caused over $20 billion in losses in 2024.
At the end of the day, hackers want one of two things:
- To steal your identity.
- To steal your money.
Often, stolen data is sold to third parties, who then launch new attacks—turning one breach into many more.
Final Thoughts: How to Stay Safe
- For individuals: Always be skeptical of unexpected messages, especially those containing links or urgent requests.
- For companies: Monitor internal communications across all platforms—email, video calls, and chat systems.
- For the industry: Invest in advanced security tools—because traditional defenses aren’t enough anymore.
Interviewer: Ori Segal, thank you so much.
Ori: Thank you.
