When the URL Domain Is Not Enough To Avoid a Phish
One of the most common mantras in security awareness training is “Examine the URL to determine if it points to the legitimate vendor or not!”
Cancel
Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
One of the most common mantras in security awareness training is “Examine the URL to determine if it points to the legitimate vendor or not!”
The leveraging of Google Docs, a spoofed website, a realistic-feeling buying process, and asking for payment in cryptocurrency is all it takes to separate victims from thousands of ...
A new phishing campaign is exploiting the ongoing uncertainty about company policies related to COVID-19, according to Roger Kay at INKY. The campaign uses emails that purport to come ...
Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...
In what appears to be a phishing attack that includes a mix of emails and phone calls, Microsoft reminds us to be wary of only opening emails and attachments from known contacts.
The volume of phishing attacks has increased 22% this year compared to the first half of 2020, according to researchers at PhishLabs.
Lax security policies, a lack of security measures and solutions in place, and an expectation that Microsoft will address any security issues is putting organizations at risk.
A phishing campaign is using morse code to encode malicious attachments in order to slip past security filters, according to researchers at Microsoft. The phishing emails contain HTML ...
Cybercriminals and nation-state actors continue to launch smishing attacks to steal credentials and distribute malware, according to Michael Marriott, Senior Strategy and Research Analyst ...
With threat actors honing their trickery skills to craft the perfect email used to fool a would-be victim recipient, new data shows cybercriminals are stepping up their game on a number ...
The US Federal Trade Commission (FTC) has issued a warning about scams targeting unemployed people via text messages.
A survey sponsored by Egress found that 94% of organizations suffered insider data breaches over the past year. The survey offers the following results:
New data from security vendor Ivanti suggests that cybercriminals are focusing in on those in IT roles as targets of phishing attacks, with many admitting to falling victim for these ...
Microsoft's Security Intelligence team recently sent an alert to Office 365 users and admins to watch out for a suspicious phishing email that uses spoofed sender addresses.
Bitdefender has observed a phishing campaign that tries to blackmail users into sending money by claiming their computer has been hacked. The emails contain real passwords that have been ...
The “Evernote for creatives” collaborative platform is being used to legitimately host malicious links that point victims to phishing links, bypassing detection mechanisms.
Despite so much news surrounding phishing attacks pretending to be from Microsoft’s Office 365 platform, a new report from Vade Secure provides a global perspective to impersonation.
The cybercriminal underground is becoming increasingly organized, according to researchers at HP. The criminal underground functions like a regular economy, with people selling goods and ...
Phishing activity increased dramatically in the second quarter of 2021, according to a recent report by Vade. The company observed 4.2 billion phishing emails in June alone.
Researchers at Avanan warn that attackers are exploiting the collaboration and note-taking app Milanote to host phishing links.
