Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
DMARC, SPF, and DKIM are global anti-domain-spoofing standards, which can significantly cut down on phishing attacks. Implemented correctly they allow you to monitor email traffic, ...
Consistent awareness training is necessary to fend off phishing attacks, according to Keatron Evans, a principal security researcher, instructor, and author with Infosec. In an interview ...
North Korea’s Lazarus Group has been launching phishing campaigns against more defense contractors and engineering companies, according to researchers at AT&T Alien Labs. The ...
The Southwark Police in London have warned of a spike in WhatsApp phishing scams, according to Paul Ducklin at Naked Security. The station tweeted, “We have seen a surge in WhatsApp ...
Phishing scams impersonating the UK’s tax, payments and customs authority related to tax rebates or refunds have soared, according to new data obtained by a Freedom of Information (FoI) ...
NSA and its US and British partners (the UK's NCSC and the US FBI and CISA) late this morning released an advisory detailing a Russian campaign ("almost certainly ongoing") to brute-force ...
Researchers at Kaspersky recently spotted two widespread phishing campaigns delivering the IcedID and QBot banking Trojans. The majority of users targeted by the IcedID campaign were ...
Unlike traditional phishing emails that simply attach or link to a malicious file, a new scam from cybercriminal group BazaCall makes victims call in and be instructed to download the ...
A phishing campaign is using Windows Imaging Format (WIM) files to deliver malware, according to researchers at Trustwave. WIM files aren’t commonly thought of as potentially malicious, ...
Attackers are using a new technique to exploit Google Docs for phishing attacks, according to researchers at Avanan. The attackers take advantage of the fact that Google Docs ...
The latest anticipated release of Windows should be a reminder that even IT folks can be driven into a frenzy enough to miss the signs of a malicious campaign.
With phishing attacks being thought to have started literally 25 years ago, what makes this age-old method so continually valuable as a tool for cybercriminals and scammers?
With the number of phishing sites in Q1 overall up 47%, according to new data from Phishlabs, the bad guys are starting their year off letting you know… they mean business.
Amazon Prime Day is approaching on June 21st with special promotions. This also mean cybercriminals are ready to strike with leveraging 'special deals' on the online days that they will ...
According to the newly released data from the Anti-Phishing Working Group, every metric measuring phishing attacks is up this year over last, spelling trouble for organizations.
Leveraging Microsoft Exchange’s Basic Authentication support, scammers were able to use harvested online credentials and bypass any MFA in place, giving them access to mailboxes.
When your users receive a realistic-looking helpdesk email informing them they should update their system to prevent ransomware attacks, what could possibly go wrong?
The bad guys take advantage of any major event as the source of a new phishing campaign. According to new data from Avanan, this latest campaign aligns with heading back to the office.
Cybercriminals are quick to put hacked accounts to use, according to Agari by Help Systems. The researchers found that 91% of compromised accounts are accessed by attackers within one ...
In the latest phishing campaign targeting FINRA member firms, attackers impersonate requests from the regulatory authority citing the potential to “attract penalties” if request ...
