Learn about current phishing techniques, notable campaigns and attacks, what to watch out for 'in the wild', and more.
By Eric Howes, KnowBe4 Principal Lab Researcher. Malicious actors are becoming very skilled at exploiting popular online services that enjoy the familiarity and trust of millions of ...
A survey by Barracuda found that one in seven organizations experienced lateral phishing attacks over the course of seven months, and that 42% of these attacks were not reported by ...
The long-standing argument over whether or not to pay may have come to an end, with a resolution from the U.S. Conference of Mayors calling on cities to not pay up.
Overtaking wire transfers and payroll diversion, gift cards have taken a material lead as one of the easiest and least recoverable ways to cash out of a fraud scam.
A phishing scam is stealing Steam accounts by promising free games to victims if they log in to a website with their Steam credentials, according to a recent post by BleepingComputer.
Only ~20% of companies use DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But even when they are enabled and your ...
Business email compromise (or CEO fraud) has its reconnaissance phase, too. Researchers at Agari say they’ve found that blank, unsolicited emails are often an early sign that a BEC gang ...
There are too many ransomware attacks to ignore the similarities. It’s either government networks are easy prey, or someone is trying to cash out on the U.S., one attack at a time.
The success of social engineering as part of phishing and spear phishing attacks has caused organizations to realize they need an effective tactic to make employees vigilant.
BleepingComputer has come across a phishing campaign that’s spoofing “Unusual sign-in” warnings from Microsoft to steal users’ credentials. The emails look nearly identical to Microsoft’s ...
...they can still be helping the bad guys compromise your organization. Sad but true.
It has long been true that sextortionists really had nothing on their intended victims. No video, no screen captures, nothing at all beyond shame and an uneasy conscience. Unfortunately ...
Danny Palmer at ZDNet wrote: "Software developers are the people most targeted by hackers conducting cyberattacks against the technology industry, with the hackers taking advantage of the ...
This weekend, news broke that Jeffrey Epstein was found dead in his cell, apparently a suicide. This is a celebrity death that the bad guys are going to be exploiting in a variety of ways ...
The MegaCortex strain of ransomware has been used in criminal campaigns targeting businesses as opposed to private individuals. The QuickBooks cloud-hosting firm iNSYNQ, has sustained ...
We are all familiar with ransomware and its increasingly dangerous cousin, wiper malware. The first encrypts your files and demands ransom payments in exchange for the decryption key. The ...
The latest data from the U.S. government’s Financial Crimes Enforcement Network (FinCEN) shows fraud via business email is changing tactics and becoming more effective.
With 82% of organizations facing an attempted email-based security threat in the past year, the impacts of these attacks are material and potentially harmful to the organization.
Two B.C. law firms were targets of so-called social engineering frauds causing almost $2 million in real estate and investment funds to be wired to people other than clients the firms ...
An email phishing campaign that BleepingComputer describes as “long-running” has shown a distinct uptick recently. The phishbait in the subject line will read something like this: ...
