Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
Researchers at Armorblox have spotted a credential phishing campaign that’s impersonating encrypted communications from Zix. The emails contain a link to download an HTML attachment.
Lowering the barrier to market even more, this new Phishing as a Service (PhaaS) spotted by Microsoft puts quality phishing templates and sites into the hands of any would-be cyber ...
The California DMV has warned of an ongoing smishing campaign seeking customers’ personal and financial information, Pasadena Now reports.
Scammers are using shortened LinkedIn URLs to disguise phishing links, according to Jeremy Fuchs at Avanan. LinkedIn automatically shortens links that are longer than 26 characters. The ...
Pent-up demand for traveling – both domestically and internationally – has driven an interest by cybercriminals to take advantage of those traveling to become phishing victims.
Offering targeted victim organizations an opportunity to bid on infrastructure projects, this scam seeks to harvest credentials using a new mix of tactics to evade detection.
A phishing campaign is pushing cryptocurrency scams posing as the “Elon Musk Mutual Aid Fund,” according to BleepingComputer. The emails have odd subject lines and content, but contain an ...
The use of open redirects from legitimate domains makes phishing emails that much more believable and credible, obfuscating the dangerous nature of these attacks.
A phishing campaign is impersonating the US Department of Transportation (USDOT), according to Roger Kay at INKY. The campaign is targeting infrastructure contractors who are eager to bid ...
Researchers at ESTsecurity warn that a North Korean threat actor known as “Kumsong 121” is using compromised social media accounts to launch spear phishing attacks, the Daily NK reports. ...
Researchers at Expel offer a useful list of the top keywords used in phishing emails. First on the list is the word “invoice,” which is a general term that will be relevant to most ...
The increase in remote users mixed with a lack of adjusting to cloud-based security services likely created the perfect opportunity for cybercriminals.
The German government has called out Russia for carrying out phishing attacks against German politicians ahead of the country’s upcoming parliamentary elections, the Associated Press ...
Researchers at Anomali warn that the financially motivated threat group FIN7 is using Windows 11-themed phishing documents to deliver malware. The documents claim to have been created on ...
Microsoft’s recent announcement that the new version of Microsoft Windows, Microsoft Windows 11, will be released soon is capturing headlines around the world. Microsoft will allow ...
Researchers at Microsoft have observed a widespread phishing campaign that’s abusing open redirectors to fool users into visiting credential-harvesting pages. Open redirects are often ...
One of the most common mantras in security awareness training is “Examine the URL to determine if it points to the legitimate vendor or not!”
The leveraging of Google Docs, a spoofed website, a realistic-feeling buying process, and asking for payment in cryptocurrency is all it takes to separate victims from thousands of ...
A new phishing campaign is exploiting the ongoing uncertainty about company policies related to COVID-19, according to Roger Kay at INKY. The campaign uses emails that purport to come ...
Police in Romania, the Netherlands, and Ireland have arrested and charged twenty-three people accused of conducting sophisticated social engineering attacks. The organized crime group ...
