Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
By Eric Howes, KnowBe4 Principal Lab Researcher. Over the past week we spotted something new and interesting in the malicious emails being reported to us by customers using the Phish ...
Aubrey Wieber at the DemocratHerald reported: "A phishing scheme succeeded in breaking into the email accounts of five Oregon Judicial Department employees, exposing personal information ...
This week, ProPublica published a report describing how insurance companies now prefer to fork over hundreds of thousands of dollars / pounds / Euros in ransom to minimize the detriment ...
More than 1900 new potential bank phishing sites were registered in the first half of 2019, according to researchers at NormShield. Based on the increase in new suspicious domains ...
The latest data from Malwarebyte’s report Cybercrime Tactics and Techniques: Ransomware Retrospective shows businesses are at risk of ransomware attack now more than ever.
A new version of MegaCortex has been spotted, upgrading it from a manual, targeted form of ransomware, to one that can be spread and do damage enterprise-wide.
Back in June, we discussed Vade Secure’s “Phisher’s Favorite” report for Q1 2019, which found that Microsoft had been the most impersonated brand used in phishing attacks for four ...
Social Engineering tactics seek to use any means that’s familiar to the intended victim – and unsubscribing is perceived as being so benign, it may just be the perfect way to fool your ...
Last month saw a number of utility sector businesses targeted with spear phishing attacks that utilize a new remote access Trojan (RAT) that provides attackers with admin access.
StateScoop reports: "Citing several recent ransomware attacks at the state and local levels, Georgia Gov. Brian Kemp this week issued an executive order instructing state employees to ...
By Eric Howes, KnowBe4 Principal Lab Researcher. Malicious actors are becoming very skilled at exploiting popular online services that enjoy the familiarity and trust of millions of ...
A survey by Barracuda found that one in seven organizations experienced lateral phishing attacks over the course of seven months, and that 42% of these attacks were not reported by ...
The long-standing argument over whether or not to pay may have come to an end, with a resolution from the U.S. Conference of Mayors calling on cities to not pay up.
Overtaking wire transfers and payroll diversion, gift cards have taken a material lead as one of the easiest and least recoverable ways to cash out of a fraud scam.
A phishing scam is stealing Steam accounts by promising free games to victims if they log in to a website with their Steam credentials, according to a recent post by BleepingComputer.
Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your ...
Business email compromise (or CEO fraud) has its reconnaissance phase, too. Researchers at Agari say they’ve found that blank, unsolicited emails are often an early sign that a BEC gang ...
There are too many ransomware attacks to ignore the similarities. It’s either government networks are easy prey, or someone is trying to cash out on the U.S., one attack at a time.
The success of social engineering as part of phishing and spear phishing attacks has caused organizations to realize they need an effective tactic to make employees vigilant.
BleepingComputer has come across a phishing campaign that’s spoofing “Unusual sign-in” warnings from Microsoft to steal users’ credentials. The emails look nearly identical to Microsoft’s ...
