Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports.
Phishing attacks have always been detected through broken English, but now generative artificial intelligence (AI) tools are eliminating all those red flags. OpenAI ChatGPT, for instance, ...
In the movie, "Willy Wonka and the Chocolate Factory," kids unwrap chocolate bars in hopes of winning a golden ticket, giving the holder an inside tour of the sugar factory. The W3LL ...
Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages.
The Interisle Consulting Group has published a paper looking at the phishing landscape in 2023, KrebsOnSecurity reports. Notably, Interisle found that the .us top-level domain is being ...
The Telekopye toolkit allows scammers to create phishing websites, send fraudulent SMS messages and emails, and target popular Russian and non-Russian online marketplaces.
The use of lookalike domains has reached critical mass with not just one counterfeit website, but many.
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that scammers are exploiting the recent hurricanes that have hit the US. Criminals frequently impersonate ...
I frequently write about authentication, including PKI, multi-factor authentication (MFA), password managers, FIDO, Open Authentication, and biometrics. I have written dozens of articles ...
While spam tends to be dismissed as being more of an annoyance, new research shows that there is a very real and ever-present threat in emails that are marked as “spam”.
As Phishing as a Service (PhaaS) kits continue to evolve, news like recent attacks using the Greatness toolkit demonstrate how easy it is for novice attackers to access accounts despite ...
A recent survey by Lookout, Inc. warns for a specific attack vector as Labor Day approaches. The study shows that 85% of enterprise employees capable of remote work plan to do so on ...
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Customers of the bankrupt cryptocurrency exchange FTX are already receiving phishing emails following a breach of personal data held by several crypto companies, CoinDesk reports.
No surprise: phishing attacks are on the rise, and an old technique is now--again--getting increasingly popular: open redirect flaws. These flaws allow attackers to redirect victims to ...
Researchers at Trustwave are tracking an increase in the use of QR codes to spread phishing links.
What's the Deal with Callback Phishing?
Users of the language learning app Duolingo should be wary of targeted phishing attacks following a recent data leak, according to Anthony Spadafora at Tom’s Guide. Criminals scraped the ...
After you come to grips with the massive average cost of a data breach to an enterprise organization measured in the millions, it’s time to look at the factors that increase – and lower – ...
As phishing attacks continue to dominate as an initial attack vector, new data shows that attackers maintain the use of tried-and-true techniques as the means to successful attacks.
