Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...
This brief tale of misfortune shows how unpatched software and letting your guard down – especially when $16 million is on the line – can be all that’s needed for a successful scam.
There are many specific, heightened challenges of spear phishing emails coming from compromised, trusted third parties. Trusted third-party phishing emails usually come from the ...
The Insider reported that QAnon is co-opting a USPS phishing scam, and claim the Vishing text messages are linked to human trafficking. "A viral [text] phishing scheme is targeting people ...
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding threat actors associated with China’s Ministry of State ...
A phishing campaign is using the recent Twitter hack as phishbait, HackRead reports. In mid-July, hackers used social engineering against Twitter employees to gain access to more than a ...
With reported losses from thousands of dollars to well over $1 million, funds transfer fraud represents 27% of cyber insurance claims in 2020.
Involved in 60% of cybersecurity insurance claims, Business Email Compromise (BEC) is growing in interest by cybercriminals as the initial malicious action as part of a larger attack.
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory on best practices to thwart email-based phishing attacks. The ...
Earlier this week customers using the Phish Alert Button (PAB) began reporting yet another round of spoofed KnowBe4 security awareness training emails. The emails reported are fairly ...
A convincing phishing campaign is targeting customers of Lloyds Bank, Infosecurity Magazine reports. Law practice Griffin Law warns that more than 100 people have reported receiving ...
A malware distribution campaign is abusing organizations’ contact forms to send malicious emails designed to catch the attention of companies’ customer support personnel. The attackers ...
Originally seen all the way back in 2008, this banking trojan is continuously being developed. Its latest iteration is downright nasty and has already infected 5% of all organizations ...
With phishing and spear phishing so prevalent as the primary initial attack vector for malware, ransomware, and data breach attacks, why aren’t users getting wise.
There is an old Dutch expression: "High trees catch a lot of wind". Well. once you get in the public eye there is definitely the effect you become a bigger target of identity theft. In ...
Using legitimate email accounts is a great way for phishing emails to avoid being identified. Hosting malicious files on Box is another. Put them together and this attack reaches your ...
Researchers at WhiteOps warn that a family of malicious Android apps are spreading a new ad-fraud botnet by promising free shoes and other products to users who install the apps. The ...
One of the most frequent concerns I hear from IT security practitioners and CISOs is the rise of phishing attacks coming from compromised trusted partners and contractors. The attackers ...
Slack, the ubiquitous communication and collaboration platform, has been getting more and more attention over the past few months as a potential phishing platform and target for malicious ...
Researchers at Check Point warn that the QBot banking Trojan now has the ability to hijack email threads on infected devices and send malicious emails to the victim’s contacts. The ...
