Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
Researchers at Intezer have spotted a phishing campaign that’s targeting energy companies in South Korea, the United States, the United Arab Emirates, and Germany. Most of the targets are ...
Crisis draws opportunistic criminals, and the Kaseya ransomware incident is no different. Kaseya’s updates on the incident have included repeated warnings not to be taken in by emails or ...
Just over a year ago, a much-prized perk – the ability to work from home – became an everyday reality for many. ITWeb, in partnership with KnowBe4, conducted a survey to gain insight into ...
DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, ...
Consistent awareness training is necessary to fend off phishing attacks, according to Keatron Evans, a principal security researcher, instructor, and author with Infosec. In an interview ...
North Korea’s Lazarus Group has been launching phishing campaigns against more defense contractors and engineering companies, according to researchers at AT&T Alien Labs. The ...
The Southwark Police in London have warned of a spike in WhatsApp phishing scams, according to Paul Ducklin at Naked Security. The station tweeted, “We have seen a surge in WhatsApp ...
Phishing scams impersonating the UK’s tax, payments and customs authority related to tax rebates or refunds have soared, according to new data obtained by a Freedom of Information (FoI) ...
NSA and its US and British partners (the UK's NCSC and the US FBI and CISA) late this morning released an advisory detailing a Russian campaign ("almost certainly ongoing") to brute-force ...
Researchers at Kaspersky recently spotted two widespread phishing campaigns delivering the IcedID and QBot banking Trojans. The majority of users targeted by the IcedID campaign were ...
Unlike traditional phishing emails that simply attach or link to a malicious file, a new scam from cybercriminal group BazaCall makes victims call in and be instructed to download the ...
A phishing campaign is using Windows Imaging Format (WIM) files to deliver malware, according to researchers at Trustwave. WIM files aren’t commonly thought of as potentially malicious, ...
Attackers are using a new technique to exploit Google Docs for phishing attacks, according to researchers at Avanan. The attackers take advantage of the fact that Google Docs ...
The latest anticipated release of Windows should be a reminder that even IT folks can be driven into a frenzy enough to miss the signs of a malicious campaign.
With phishing attacks being thought to have started literally 25 years ago, what makes this age-old method so continually valuable as a tool for cybercriminals and scammers?
With the number of phishing sites in Q1 overall up 47%, according to new data from Phishlabs, the bad guys are starting their year off letting you know… they mean business.
Amazon Prime Day is approaching on June 21st with special promotions. This also mean cybercriminals are ready to strike with leveraging 'special deals' on the online days that they will ...
According to the newly released data from the Anti-Phishing Working Group, every metric measuring phishing attacks is up this year over last, spelling trouble for organizations.
Leveraging Microsoft Exchange’s Basic Authentication support, scammers were able to use harvested online credentials and bypass any MFA in place, giving them access to mailboxes.
When your users receive a realistic-looking helpdesk email informing them they should update their system to prevent ransomware attacks, what could possibly go wrong?
