IT Governance

JANUARY 13, 2021

The start of 2021 is looking an awful lot like the end of 2020 – not least when it comes to cyber crime. Researchers at Check Point and KnowBe4 have both spotted phishing campaigns exploiting the public’s uncertainty or eagerness to receive a vaccine. Don’t be fooled by vaccine scams. University students targeted by email scam.

Phishing 124

Phishing Passwords Authentication Government 124

IT Governance

NOVEMBER 9, 2021

Welcome to our November review of phishing scams, in which we examine the latest campaigns and the tactics being used by cyber criminals to fool you into handing over your information. Phishing attacks are harder to spot on your smartphone. Phishing attacks are harder to spot on your smartphone. Can you spot a scam?

Phishing 105

Phishing Retail Access Encryption 105

Security Affairs

FEBRUARY 4, 2022

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. ” states Microsoft.

Phishing 93

Phishing Authentication Education Cloud 93

IT Governance

AUGUST 10, 2021

Welcome to August’s review of phishing scams, in which we look at criminals’ latest tactics and provide examples of successful frauds. Microsoft issues alert about “crafty” phishing scams. Security researchers at Microsoft are again warning users about phishing scams imitating SharePoint. Do they click a link?

Phishing 111

Phishing File names Security Risk 111

Data Breach Today

DECEMBER 14, 2023

NY State AG Says Compromised Account Contained 12 Years of Email New York State regulators have smacked one of the largest dental administrators in the state with a $400,000 fine for a 2021 incident in which an attacker gained access to an employee email account containing 12 years' worth of messages, including many holding sensitive member information. (..)

Phishing 212

Phishing Access 212

IT Governance

OCTOBER 7, 2021

Welcome to our monthly review of phishing scams, in which we examine the latest campaigns and the tactics being used by cyber criminals to fool you into handing over your information. Thousands of Coinbase users lose funds in phishing attack. At least eight Canadian banks affected by phishing bot campaign. Can you spot a scam?

Phishing 105

Phishing Personal data Access Authentication 105

IT Governance

JULY 7, 2021

Welcome to July’s review of phishing scams, in which we look at criminals’ latest tactics and provide examples of successful frauds. The number of officially reported HMRC-branded phishing scams increased from 572,029 in the 2019–2020 fiscal year to 1,069,522 in 2020–2021, according to data obtained under the Freedom of Information Act.

Phishing 98

Phishing Manufacturing Insurance Data breaches 98

IT Governance

DECEMBER 7, 2021

Welcome to our December review of phishing scams, in which we look at the latest tricks that cyber criminals use to scam people. IKEA found itself battling a sophisticated phishing attack last month, after cyber criminals targeted employees using compromised reply-chain emails. IKEA ensnared in reply-chain attack.

Phishing 98

Phishing e-Delivery Retail Sales 98

Security Affairs

NOVEMBER 11, 2023

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The operation was first documented on OSINT Fans by Gabor Szathmari in October 2020.

Phishing 119

Phishing Ransomware IT Access 119

IT Governance

FEBRUARY 10, 2021

Cyber criminals have had constant success with coronavirus-related phishing scams, but their most recent campaign is the most dangerous we’ve seen. Phishing scam uses COVID-19 vaccination as bait. Make sure your staff know how to identify and avoid scams with our Phishing Staff Awareness Training Programme.

Phishing 128

Phishing Government Personal data IT 128

KnowBe4

OCTOBER 30, 2022

Security Magazine wrote this week about the recent eye opening SlashNext State of Phishing report.

Phishing 96

Phishing Security 96

IT Governance

JUNE 8, 2021

Welcome to June’s review of phishing scams, in which we look at the criminals’ latest tactics and provide examples of successful frauds. This month, we look at a scam in which victims are sent a cryptic email asking if they want to unsubscribe to an unnamed service, and look at the rising trend in phishing attacks targeting high street banks.

Phishing 98

Phishing Government IT Security 98

IT Governance

MAY 12, 2021

Welcome to May’s round-up of phishing scams. SharePoint users are being warned about targeted phishing attacks that claim users must urgently provide a signature on a document. Moreover, the link itself looks realistic, and could catch out anyone who isn’t familiar with the signs of a phishing email. Get started.

Phishing 90

Phishing Data breaches Access Passwords 90

IT Governance

JUNE 8, 2023

Phishing is one of the most common and dangerous forms of cyber crime. Despite an array of technological solutions designed to counter phishing attacks – from antimalware software to password protections – the main weapon in anyone’s arsenal should be knowledge and awareness. How common are phishing attacks?

Phishing 111

Phishing Data breaches Communications Ransomware 111

IT Governance

APRIL 6, 2021

Make sure your staff know how to identify and avoid scams with our Phishing Staff Awareness Training Programme. This 45-minute course uses examples like the ones above to explain how phishing works, what to look out for and the steps you should take to avoid falling victim.

Phishing 105

Phishing Retail Government IT 105

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 123

Phishing Cloud Cybersecurity Security 123

Data Breach Today

JUNE 8, 2021

Verizon's Chris Novak Discusses Highlights From 2021 Breach Investigations Report Ransomware attacks have evolved over the years as attackers have come out with new strategies for digital extortion, says Chris Novak, global director of the Threat Research Advisory Center at Verizon Business Group.

Ransomware 274

Ransomware Phishing Data breaches 274

IT Governance

MARCH 3, 2021

We dedicate this month’s phishing round-up to these scams, explaining how you can spot bogus Royal Mail messages and why Brexit has helped attackers. Anyone who suspects they have received a scam message should look at the Royal Mail’s dedicated page on phishing. What do these scams look like?

Phishing 101

Phishing Authentication IT Government 101

KnowBe4

MARCH 23, 2022

New data from the Anti-Phishing Working Group shows cybercriminals are stepping on the gas, focusing phishing attacks on credential theft and response-based scams.

Phishing 95

Phishing Ransomware 95

Dark Reading

FEBRUARY 25, 2021

Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.

Phishing 117

Phishing Ransomware Risk 117

eSecurity Planet

JULY 13, 2021

Email spoofing is a common tactic hackers use in phishing and social engineering attacks. How to identify a spoofed email How to prevent email spoofing in 2021 Email spoofing is a constantly evolving threat. Social engineering tactics usually include spear phishing or whaling. This is typical of phishing emails.

Phishing 133

Phishing Authentication Metadata Marketing 133

IT Governance

JANUARY 20, 2022

Welcome to our review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 1,243 security incidents in 2021, which accounted for 5,126,930,507 breached records. The biggest data breaches of 2021.

Data breaches 144

Data breaches Ransomware Phishing Government 144

Krebs on Security

FEBRUARY 26, 2023

But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. In a filing with the U.S.

Phishing 258

Phishing Passwords Authentication Security 258

Security Affairs

AUGUST 24, 2022

The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign now target Google G Suite users. The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services were spotted targeting Google G Suite users.

Phishing 98

Phishing Authentication Passwords Access 98

Security Affairs

NOVEMBER 18, 2021

Threat actors have launched a phishing campaign targeting more than 125 TikTok ‘Influencer’ accounts in an attempt to hijack them. Researchers from Abnormal Security uncovered a phishing scam aimed at hijacking at least 125 TikTok ‘Influencer’ accounts. SecurityAffairs – hacking, phishing ). ” concludes the report.

Phishing 100

Phishing Authentication Security Information Security 100

Security Affairs

DECEMBER 3, 2021

Threat actors have started to exploit the interest in the Omicron COVID-19 variant and are using it as a lure in phishing campaigns. Crooks have already started exploiting the interest in the Omicron COVID-19 variant and are using it as a lure in phishing attacks. The post Watch out for Omicron COVID-19-themed phishing messages!

Phishing 113

Phishing Security IT Cybersecurity 113

Security Affairs

OCTOBER 24, 2021

Microsoft uncovered an extensive series of credential phishing campaigns that employed a custom phishing kit tracked as TodayZoo. Microsoft researchers uncovered a custom phishing kit, dubbed TodayZoo, that was used in an extensive series of credential phishing campaigns. com domain to send the phishing messages.

Phishing 118

Phishing Sales Archiving Passwords 118

Security Affairs

NOVEMBER 7, 2021

The phishing messages use mortgage payments as a lure, they have the subject “Re: Payoff Request.”. The phishing message was sent from a legitimate individual’s compromised email account. The phishing pages were hosted on the “greenleafproperties[.]co[.]uk” uk” domain, which was updated in April 2021. Pierluigi Paganini.

Phishing 124

Phishing Security Cybersecurity IT 124

IT Governance

FEBRUARY 8, 2022

Welcome to our February 2022 review of phishing attacks, in which we explore the latest scams and the tactics that cyber criminals use to trick people into handing over their personal information. Facebook Messenger users are being warned about a phishing campaign in which fraudsters impersonate your friends and hijack your account.

Phishing 137

Phishing Passwords Authentication Education 137

Security Affairs

MARCH 2, 2022

A spear-phishing campaign, tracked as Asylum Ambuscade, targets European government personnel aiding Ukrainian refugees. The phishing messages included a weaponized attachment designed to download a Lua-based malware dubbed SunSeed. net) that appears to belong to a compromised Ukranian armed service member.” Pierluigi Paganini.

Phishing 82

Phishing Military Government Communications 82

Krebs on Security

OCTOBER 9, 2023

The fake USPS phishing page. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries. com usps.trckspost[.]com

Phishing 268

Phishing Analytics Passwords Government 268

IT Governance

JANUARY 10, 2022

For many, 2021 was a year to forget. You can read more about that attack, along with the year’s other biggest stories, in our 2021 cyber security review of the year. 2021 got off to an inauspicious start when cyber security researchers reported a huge leak of Brazilian residents’ data. First came the Colonial Pipeline hack.

Security 115

Security Data breaches Ransomware Phishing 115

Security Affairs

AUGUST 8, 2022

LogoKit – Threat actors leveraging Open Redirect Vulnerabilities popular in online services and apps to bypass spam filters in phishing campaigns. Using highly trusted service domains like Snapchat and other online-services, they create special URLs which lead to malicious resources with phishing kits. Resecurity, Inc.

Phishing 95

Phishing Passwords Access Cybersecurity 95

IT Governance

JULY 5, 2022

Welcome to our July 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal data. NFT marketplace warns users of phishing scams. NFT marketplace warns users of phishing scams. We are working with Customer.io

Phishing 116

Phishing e-Delivery Retail Insurance 116

eSecurity Planet

MARCH 31, 2022

Approximately 83 percent of organizations said they faced a successful phishing attempt in 2021, up from 57 percent in 2020. This guide breaks down the different types of phishing attacks and provides examples to help organizations better prepare their staff to deal with them. What is Phishing? Spear Phishing.

Phishing 131

Phishing Cybersecurity Ransomware Security 131

Security Affairs

FEBRUARY 25, 2022

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. reads a translation of the message.

Military 109

Military Phishing CMS Government 109

Security Affairs

MAY 28, 2021

The campaign monitored by Microsoft was uncovered in January 2021 and evolved over time, the researchers observed a series of waves demonstrating significant experimentation. The phishing campaign detected by MSTIC leveraged the Google Firebase platform to provide an ISO file containing the malicious code. ” continues the report.

Phishing 94

Phishing Military Government IT 94