INDUSTRY INSIGHTS YOUR PEERS ARE READING
Enters Not Guilty Plea in Alleged $1 Million Scheme A Nigerian man charged with helping to run a $1 million phishing scheme that targeted the Government Services Administration and other agencies has been extradited to the U.S., MORE
Emails Disguised as Messages From CEO A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry, security firm Cofense reported this week MORE
A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. MORE
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock). MORE
Phishing is one of the oldest methods of cyberattacks. Types of Phishing Attacks. There are different types of phishing attacks and each is deceiving and manipulative in its own unique way. The most common type is phishing is carried out through fraudulent email receptionist. MORE
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? based firm that helps companies educate and test employees on how not to fall for phishing scams. MORE
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down. MORE
Researchers warn that the phishing campaign looks "deceptively realistic.". Web Security Credentials Facebook Phishing phishing campaign social engineering MORE
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow MORE
Iranian-Backed Hacking Group Targeting Research Universities "Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S. MORE
Richard Conti of Children's Hospital of Philadelphia on Risk Mitigation Steps Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps MORE
A phishing campaign targeting credit unions and other financial institutions recently found its way into the email inboxes of anti-money laundering officers. The post Phishing Campaign Hits Credit Unions appeared first on Adam Levin. MORE
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows. MORE
A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. There are several interesting takeaways from this phishing campaign. MORE
Experts Offer Insights on Mitigating the Threat Recent health data breaches involving phishing schemes are reminders of the persistent threat email-related scams pose to healthcare organizations - and the urgent need to mitigate that threat MORE
But all that activity has made social media a breeding ground for a new form of cyber attack known as angler phishing. What is angler phishing? Angler phishing is a specific type of phishing attack that exists on social media. Phishing email protection. MORE
Postal Service, in an effort to plant malware in victims' devices and networks via phishing campaigns, according to new research from Proofpoint MORE
Victim Tallies Climb as Breach Investigations Continue Investigations of two apparently unrelated phishing-related breaches that affected members of Presbyterian Health Plan have revealed the incidents had an even bigger and broader impact than originally thought. MORE
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca) MORE
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. FULLY AUTOMATED PHONE PHISHING. MORE
Arizona Cancer Center a Recent Victim of Major Phishing Attack As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports. MORE
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals MORE
Message About a Raise Designed to Harvest Credentials A new phishing campaign lures employees with a message about a salary increase, according to researchers at the security firm Cofense. MORE
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. MORE
Experts Offer Tips for How to Avoid Falling Victim Several health data breaches involving phishing attacks - including one that potentially exposed data on more than 100,000 individuals - have been added to the federal health data breach tally this month. MORE
You probably know what phishing is. But are you aware of how extensive phishing is? The cyber security company Webroot has identified four facts about how phishing works that might make you see the threat in a new light. Phishing sites have a lifecycle of about 15 hours. MORE
Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. These phishing emails pose as alerts sent by Google that inform users that their accounts were accessed from a new Windows device. MORE
Barracuda is out with its latest Spear Phishing Update, and among the key findings: a rise in email account takeover and lateral phishing. Why are enterprise defenses failing to detect these strikes? What new solutions will improve defenses? Barracuda's Michael Flouton shares insights MORE
Incident Among Largest Health Data Breaches So Far in 2019 The Oregon Department of Human Services is among the latest entities to reveal a phishing breach impacting the protected health information of hundreds of thousands of individuals MORE
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage MORE
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. MORE
Silent Librarian cyberattackers are switching up tactics in a phishing scheme bent on stealing student credentials. Hacks Web Security cobalt dickens email email security malware Phishing retooling school scam silent librarian ta407 URL shorteners weather alerts MORE
Security Experts Weigh In on Who Might Be the Culprit Indian IT service firm Wipro on Tuesday said that it has detected abnormal activities on some of its employee accounts due to an advanced phishing campaign. MORE
Breach Tally Shows Hacking Attacks Involving Email Continue to Plague the Sector With the year nearly over, hacking attacks - especially those involving phishing and other email attacks - continue to rack up big victim counts for health data breaches reported to federal regulators in 2018 MORE
Phishing Related Topics Data Breach Today
JULY 19, 2019
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users.
Krebs on Security
JANUARY 3, 2019
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down.
Data Breach Today
APRIL 8, 2019
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow
Data Breach Today
MAY 20, 2019
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage
Krebs on Security
OCTOBER 1, 2018
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. FULLY AUTOMATED PHONE PHISHING.
Krebs on Security
NOVEMBER 2, 2018
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows.
|
Krebs on Security
MAY 22, 2019
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca)
Krebs on Security
NOVEMBER 26, 2018
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock).
Krebs on Security
AUGUST 9, 2019
A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned.
Data Breach Today
JULY 15, 2019
Fraudsters Use Phishing Kit Called 16Shop, McAfee Reports In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers.
IT Governance
JUNE 24, 2019
But all that activity has made social media a breeding ground for a new form of cyber attack known as angler phishing. What is angler phishing? Angler phishing is a specific type of phishing attack that exists on social media. Phishing email protection.
|
|
Data Breach Today
NOVEMBER 15, 2019
Postal Service, in an effort to plant malware in victims' devices and networks via phishing campaigns, according to new research from Proofpoint
Data Breach Today
SEPTEMBER 23, 2019
Svetoslav Donchev Helped Scam Victims Out of More Than $50 Million, Authorities Say A Bulgarian man has been sentenced to nine years in prison after pleading guilty in connection with his role in running a large-scale phishing campaign that scammed victims out of $51 million
Data Breach Today
OCTOBER 16, 2019
Iranian-Backed Hacking Group Targeting Research Universities "Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S.
Data Breach Today
APRIL 24, 2019
Among the top new spear phishing threats to enterprises: Extortion. Asaf Cidon of Barracuda outlines the top three spear phishing threats and new strategies to defend against them
Krebs on Security
AUGUST 2, 2018
A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. There are several interesting takeaways from this phishing campaign.
Data Breach Today
SEPTEMBER 23, 2019
Barracuda is out with its latest Spear Phishing Update, and among the key findings: a rise in email account takeover and lateral phishing. Why are enterprise defenses failing to detect these strikes? What new solutions will improve defenses? Barracuda's Michael Flouton shares insights
Data Breach Today
JULY 19, 2019
Healthcare System's Procedures Helped Prevent the Crime A Texas-based healthcare system says hackers unsuccessfully tried to divert employee payroll direct deposits through a phishing attack that also potentially exposed patient data.
Schneier on Security
OCTOBER 2, 2018
Brian Krebs is reporting on some new and sophisticated phishing scams over the telephone. fraud phishing scams socialengineeringI second his advice: "never give out any information about yourself in response to an unsolicited phone call."
Data Breach Today
DECEMBER 5, 2018
Arizona Cancer Center a Recent Victim of Major Phishing Attack As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports.
Krebs on Security
MAY 29, 2019
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? based firm that helps companies educate and test employees on how not to fall for phishing scams.
Data Breach Today
FEBRUARY 26, 2019
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals
Data Breach Today
NOVEMBER 5, 2019
Message About a Raise Designed to Harvest Credentials A new phishing campaign lures employees with a message about a salary increase, according to researchers at the security firm Cofense.
Data Breach Today
MARCH 25, 2019
Incident Among Largest Health Data Breaches So Far in 2019 The Oregon Department of Human Services is among the latest entities to reveal a phishing breach impacting the protected health information of hundreds of thousands of individuals
Data Breach Today
APRIL 16, 2019
Security Experts Weigh In on Who Might Be the Culprit Indian IT service firm Wipro on Tuesday said that it has detected abnormal activities on some of its employee accounts due to an advanced phishing campaign.
Data Breach Today
SEPTEMBER 19, 2019
Apparently Unrelated Attacks Potentially Expose Member Data Phishing incidents have had a big impact on members of Albuquerque, New Mexico-based Presbyterian Health Plan in recent weeks.
Security Affairs
AUGUST 19, 2019
Phishing is one of the oldest methods of cyberattacks. Types of Phishing Attacks. There are different types of phishing attacks and each is deceiving and manipulative in its own unique way. The most common type is phishing is carried out through fraudulent email receptionist.
Data Breach Today
NOVEMBER 27, 2018
Breach Tally Shows Hacking Attacks Involving Email Continue to Plague the Sector With the year nearly over, hacking attacks - especially those involving phishing and other email attacks - continue to rack up big victim counts for health data breaches reported to federal regulators in 2018
Data Breach Today
DECEMBER 4, 2019
Victim Tallies Climb as Breach Investigations Continue Investigations of two apparently unrelated phishing-related breaches that affected members of Presbyterian Health Plan have revealed the incidents had an even bigger and broader impact than originally thought.
Adam Levin
FEBRUARY 11, 2019
A phishing campaign targeting credit unions and other financial institutions recently found its way into the email inboxes of anti-money laundering officers. The post Phishing Campaign Hits Credit Unions appeared first on Adam Levin.
Data Breach Today
OCTOBER 4, 2019
Enters Not Guilty Plea in Alleged $1 Million Scheme A Nigerian man charged with helping to run a $1 million phishing scheme that targeted the Government Services Administration and other agencies has been extradited to the U.S.,
IT Governance
JUNE 24, 2019
You probably know what phishing is. But are you aware of how extensive phishing is? The cyber security company Webroot has identified four facts about how phishing works that might make you see the threat in a new light. Phishing sites have a lifecycle of about 15 hours.
Data Breach Today
AUGUST 16, 2019
Emails Disguised as Messages From CEO A newly identified phishing campaign used Google Drive to help bypass some email security features as attackers attempted to target a company in the energy industry, security firm Cofense reported this week
Security Affairs
FEBRUARY 8, 2019
Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. These phishing emails pose as alerts sent by Google that inform users that their accounts were accessed from a new Windows device.
Threatpost
OCTOBER 16, 2019
Silent Librarian cyberattackers are switching up tactics in a phishing scheme bent on stealing student credentials. Hacks Web Security cobalt dickens email email security malware Phishing retooling school scam silent librarian ta407 URL shorteners weather alerts
Krebs on Security
JULY 23, 2018
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity.
Threatpost
FEBRUARY 15, 2019
Researchers warn that the phishing campaign looks "deceptively realistic.". Web Security Credentials Facebook Phishing phishing campaign social engineering
Data Breach Today
OCTOBER 24, 2019
Experts Offer Insights on Mitigating the Threat Recent health data breaches involving phishing schemes are reminders of the persistent threat email-related scams pose to healthcare organizations - and the urgent need to mitigate that threat
Data Breach Today
JANUARY 17, 2019
Experts Offer Tips for How to Avoid Falling Victim Several health data breaches involving phishing attacks - including one that potentially exposed data on more than 100,000 individuals - have been added to the federal health data breach tally this month.
176 
Let's personalize your content