Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
As the pandemic now focuses on proving vaccination status in many locales, scammers are taking the opportunity to leverage the need for documentation to steal personal information.
A spear phishing campaign is sending phony “customer complaints” that contain a link to a malicious website, according to Paul Ducklin at Naked Security. The phishing emails appear to ...
Researchers at Barracuda warn that attackers are sending non-malicious emails as a precursor to targeted phishing attacks.
New data on the use of impersonation in phishing attacks focused on social media accounts shows some very realistic and worrisome websites and emails that could definitely fool you.
New details from Microsoft on this pieced-together phishing kit reveal some unique tactics designed to avoid detection by security solutions and users alike while stealing credentials.
RiskIQ has observed another phishing kit that’s been pieced together from portions of other phishing kits.
New attack details from Google’s Threat Analysis Group show how cybercriminals are innovating ways to use an initial attack to aid in additional crypto scams.
Organizations appear to be overconfident in their ability to protect themselves, despite glaring gaps in security, according to new data from cyber protection vendor, Acronis.
Researchers at Tessian caution that people should be wary of scams as Black Friday approaches. The researchers found that thirty percent of people in the US reported receiving a phishing ...
Back in the early 1990s, when I was first getting into the IT field as a full-time network administrator, I was tasked with writing up our corporation’s new email policy. Email was just ...
New attacks initially coming in via email are directing victims to make phone calls to attacker-controlled call centers in order to provide banking and credit card details.
This latest arrest by the South African Police Service (SAPS) demonstrates how romance scams that have been around for decades remain alive and well… and profitable.
A new report shows how cybercriminals focus on users that are less vigilant and more prone to falling for social engineering and impersonation tactics designed to gain access to finances.
KnowBe4's latest quarterly report on top-clicked phishing email subjects is here. We are now looking at the top categories globally, general subjects (in the United States and Europe, ...
Cybercriminals are using Craigslist email notifications to send phishing links, according to Roger Kay at INKY. The emails contain links to download a document with malicious macros.
Researchers at Microsoft have observed an attack phishing campaign by Russia’s SVR that’s targeting resellers and managed service providers. Microsoft tracks this threat actor as ...
A threat actor based in Pakistan is targeting entities in India and Afghanistan with malware-laden websites, according to researchers at Cisco Talos.
A new trend in social engineering and impersonation emerges as cybercriminals take advantage of a user’s inability to properly identify fake corporate logos in phishing attacks.
The U.S. government has been pushing people to avoid SMS- and voice call-based multi-factor authentication (MFA) for years, but their most recent warning is to avoid any MFA that is ...
Researchers at Google’s Threat Analysis Group (TAG) are tracking phishing campaigns by the Iranian threat actor APT35 (also known as Charming Kitten). The attackers used compromised ...
