Credential-Harvesting Phishing Campaign Urges Review of Spam

Dec 8, 2021 10:47:28 AM By Stu Sjouwerman

Researchers at MailGuard have observed a phishing campaign that’s using phony “spam notification” emails that purport to come from Microsoft Office 365. The emails tell recipients that an ...

New Phishing Campaign has Fake DHL Shipping

Dec 6, 2021 4:14:40 PM By Stu Sjouwerman

Researchers at Avanan have spotted a new phishing campaign that’s impersonating DHL with phony shipping notifications. The emails inform the recipients that they need to update their ...

[Heads Up] First Omicron Phishing Attack Spotted In The UK

Dec 3, 2021 6:57:49 AM By Stu Sjouwerman

Bleepingcomputer had the scoop. Phishing actors have quickly started to exploit the emergence of the Omicron COVID-19 variant and now use it as a lure in their malicious email campaigns. ...

91% of All Baiting Attacks Use Gmail to Collect Intel on Potential Victims

Dec 2, 2021 8:51:29 AM By Stu Sjouwerman

This rudimentary form of phishing contains no malicious links or attachments but serves a very important purpose for cybercriminals and scammers looking to better target victims.

Holiday Shopping and Phishing-as-a-Service

Dec 1, 2021 9:22:12 AM By Stu Sjouwerman

Researchers at Egress observed a massive increase in phishing kits in the run-up to Black Friday, particularly those impersonating Amazon.

Phishing Attacks Smash All Records in Q3 2021 With the Highest Monthly Number of Attacks Ever

Nov 30, 2021 10:55:12 AM By Stu Sjouwerman

New data shows the business of phishing is moving “up and to the right” in nearly every way measurable, indicating a serious problem as threat actors continue to see growing success.

Mobile Phishing Attacks Surge 161% in the Energy Industry

Nov 30, 2021 10:55:04 AM By Stu Sjouwerman

The need for increased mobile security in the Energy sector has become evident with new data highlighting why these phishing attacks are occurring and effective ways to stop them.

Spear Phishing Campaign Targets North Korean Defectors

Nov 30, 2021 8:51:39 AM By Stu Sjouwerman

A state-sponsored threat actor is sending spear phishing emails to North Korean defectors and also to journalists who cover matters related to North Korea, according to researchers at ...

Phishing Reported in IKEA’s Internal Email System

Nov 29, 2021 10:32:03 AM By Stu Sjouwerman

IKEA has been working to contain a continuing phishing campaign that’s afflicting the furniture and houseware chain’s internal email system. BleepingComputer describes it as a ...

Email Classified as ‘Malicious’ by Employees Has Increased by 35% in the Last Year

Nov 25, 2021 8:52:37 AM By Stu Sjouwerman

New data shows Phishing, Vishing, Social Media attacks, and Microsoft 365 credential attacks are all on the rise as more users are demonstrating savviness around identifying malicious ...

Phishing Attacks Impersonating Amazon Continue, Raising Concerns on the Cusp of Black Friday and the Holidays

Nov 25, 2021 8:52:13 AM By Stu Sjouwerman

New phishing attacks in the form of impersonated Amazon order confirmation emails cause potential victims to make phone calls and give up credit card details.

[Scam of the Week] Black Friday & Cyber Monday Cybersecurity Tips 2021

Nov 23, 2021 12:40:00 PM By Stu Sjouwerman

Cybercriminals are at it again with holiday phishing scams. Because of the popularity of online shopping, retailers' online Black Friday deals attract more and more scammers every year. ...

SEC Warns of Spoofed Emails Impersonating Their Employees

Nov 23, 2021 10:08:11 AM By Stu Sjouwerman

Scammers are impersonating the US Securities and Exchange Commission (SEC) with spoofed phone calls and other communications that attempt to steal money and personal information from ...

Phishing Campaign Targets TikTok Influencers

Nov 22, 2021 1:23:42 PM By Stu Sjouwerman

Phishing emails are targeting large TikTok accounts with phony copyright warnings or offers for account verification, according to researchers at Abnormal Security.

Malicious Retail Phishing Sites Spike Ahead of Shopping Holidays

Nov 17, 2021 8:52:55 AM By Stu Sjouwerman

Researchers at Check Point have observed a record number of malicious phishing shopping websites that have been set up over the past two months. The researchers assume these sites were ...

Phishing Emails Use Small Font Size to Bypass Security Filters

Nov 15, 2021 9:49:15 AM By Stu Sjouwerman

Researchers at Avanan have spotted phishing emails that use a font size of one to fool email security scanners. The emails appear to be password expiration notifications from Microsoft ...

One-Fifth of U.K. Residents Have Experienced a ‘Proof of Vaccination’ Attack

Nov 11, 2021 1:09:35 PM By Stu Sjouwerman

As the pandemic now focuses on proving vaccination status in many locales, scammers are taking the opportunity to leverage the need for documentation to steal personal information.

“Customer Complaint” May Get Your Attention

Nov 11, 2021 8:41:23 AM By Stu Sjouwerman

A spear phishing campaign is sending phony “customer complaints” that contain a link to a malicious website, according to Paul Ducklin at Naked Security. The phishing emails appear to ...

Bait Attacks as Reconnaissance

Nov 10, 2021 11:15:31 AM By Stu Sjouwerman

Researchers at Barracuda warn that attackers are sending non-malicious emails as a precursor to targeted phishing attacks.

Phishing Attacks Aimed at Social Accounts Now in the Top Three Targeted Sectors

Nov 9, 2021 1:38:34 PM By Stu Sjouwerman

New data on the use of impersonation in phishing attacks focused on social media accounts shows some very realistic and worrisome websites and emails that could definitely fool you.

Security Awareness Training Blog

Phishing Blog

View Topics