Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
Organizations in the US lost $2.4 billion to business email compromise (BEC) scams (also known as CEO fraud) last year, according to Alan Suderman at Fortune.
Taking advantage of the value of a legitimate web service, along with a valid SSL certificate, a new campaign of phishing attack targeting online Microsoft credentials is leveraging Azure.
A phishing campaign impersonating WhatsApp has targeted more than 27,000 mailboxes, according to researchers at Armorblox. It’s not clear who the attackers were, but they used an old ...
Stolen client data from Mailchimp put customers of the cryptocurrency hardware wallets on notice of potential social engineering attacks claiming to be Trezor.
Scammers are impersonating Europol with fraudulent phone calls in an attempt to steal personal and financial information, according to Kristina Ohr at Avast. The German Federal Criminal ...
It appears that the use of Microsoft CHM files is gaining popularity, and from the way this latest attack works, it’s a rather ingenious and flexible method that could become more ...
Rather than take the usual path of sending an email and linking to a spoofed logon page, this attack takes a different set of actions that at first make no sense but may actually be ...
A look at what makes up Web 3.0 and how it may be used includes insight into what kinds of cyberattacks may plague it, as cybercriminals look for new profitable opportunities.
New data from the FBI’s Internet Crime Complaint Center (IC3) shows a massive increase in the cost of internet crimes, with phishing and BEC topping the list.
A widespread phishing scam is circulating in Facebook Messenger, according to Jeff Parsons at Metro. The phishing messages simply contain the words, “Look what I found,” along with a ...
The FBI has issued a Private Industry Notification warning of phishing emails designed to steal login credentials from election officials. The Bureau believes these attacks will increase ...
The shift in devices used by today’s workforce has resulted in increases in cybersecurity concerns and incidents, despite a majority of orgs with defined BYOD programs in place.
Researchers at Intezer warn that attackers are hijacking email conversations to distribute the IcedID banking Trojan. This technique makes the phishing emails appear more legitimate and ...
Scammers continue to exploit the crisis in Ukraine, according to researchers at Bitdefender. Over the past week, the researchers believe the fraudsters have adjusted their tactics in ...
Google’s Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, ...
New data from the Anti-Phishing Working Group shows cybercriminals are stepping on the gas, focusing phishing attacks on credential theft and response-based scams.
In an unusual turn of events, a recent court decision sided with the policyholder, despite specific policy language that probably should have favored the insurer.
As if stealing all your credentials, cookies, and email wasn’t bad enough, this new version of QakBot inserts itself into your emails, impersonating you to gain access to more victims.
This simple invoice scam appears to be a part of a much broader campaign targeting municipalities, posing as existing subcontractors.
Researchers at Avanan warn that attackers are using reCAPTCHAs on their phishing sites to avoid detection by security scanners.
