Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
A phishing campaign is targeting AT&T employees and contractors with a well-crafted fake login page, according to Luke Leal at Sucuri. The phishing page is a near-exact replica of ...
State, local, tribal, and territorial government agencies and municipalities are under attack. Observations and data from security vendor BlueVoyant highlight the attacks and the results.
Yesterday at the end of the day, I was called by our PR team who got alerted by tech support about a Twitter post that was going viral. Turns out a custom phishing test created by one of ...
Attackers can abuse a feature in Google App Engine to generate unlimited phishing URLs, BleepingComputer reports. Security researcher Marcel Afrahim found that App Engine URLs that ...
Advanced nation-state actors and petty criminals are both leveraging credential-stuffing attacks to hack into victims’ accounts, according to Byron Acohido, writing for Avast. Rather than ...
This brief tale of misfortune shows how unpatched software and letting your guard down – especially when $16 million is on the line – can be all that’s needed for a successful scam.
There are many specific, heightened challenges of spear phishing emails coming from compromised, trusted third parties. Trusted third-party phishing emails usually come from the ...
The Insider reported that QAnon is co-opting a USPS phishing scam, and claim the Vishing text messages are linked to human trafficking. "A viral [text] phishing scheme is targeting people ...
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding threat actors associated with China’s Ministry of State ...
A phishing campaign is using the recent Twitter hack as phishbait, HackRead reports. In mid-July, hackers used social engineering against Twitter employees to gain access to more than a ...
With reported losses from thousands of dollars to well over $1 million, funds transfer fraud represents 27% of cyber insurance claims in 2020.
Involved in 60% of cybersecurity insurance claims, Business Email Compromise (BEC) is growing in interest by cybercriminals as the initial malicious action as part of a larger attack.
The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an advisory on best practices to thwart email-based phishing attacks. The ...
Earlier this week customers using the Phish Alert Button (PAB) began reporting yet another round of spoofed KnowBe4 security awareness training emails. The emails reported are fairly ...
A convincing phishing campaign is targeting customers of Lloyds Bank, Infosecurity Magazine reports. Law practice Griffin Law warns that more than 100 people have reported receiving ...
A malware distribution campaign is abusing organizations’ contact forms to send malicious emails designed to catch the attention of companies’ customer support personnel. The attackers ...
Originally seen all the way back in 2008, this banking trojan is continuously being developed. Its latest iteration is downright nasty and has already infected 5% of all organizations ...
With phishing and spear phishing so prevalent as the primary initial attack vector for malware, ransomware, and data breach attacks, why aren’t users getting wise.
There is an old Dutch expression: "High trees catch a lot of wind". Well. once you get in the public eye there is definitely the effect you become a bigger target of identity theft. In ...
Using legitimate email accounts is a great way for phishing emails to avoid being identified. Hosting malicious files on Box is another. Put them together and this attack reaches your ...
