Expert insights. Personalized for you.
A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. MORE
Web Security Credentials landing page Phishing phishing attack phishing email redirect link redirector YoutubeAttackers are using YouTube redirect links, whitelisted by various security defense mechanisms, to evade detection. MORE
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock). MORE
A recent phishing scam targeted Puerto Rico’s Industrial Development Company. Hacks Web Security BEC scam Business Email Compromise email compromise email scam Fraud fraudulent transfer Phishing Puerto Rico Puerto Rico phishing scam MORE
Web Security HIV phishing Koadic RAT Phishing phishing lure RAT remote access Trojan Spear PhishingAttackers are purporting to send victims HIV test results - but in reality are convincing them to download the Koadic RAT. MORE
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? based firm that helps companies educate and test employees on how not to fall for phishing scams. MORE
14 Bank Websites Spoofed as Part of Two-Year Campaign, Check Point Reports For two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to target customers of 14 different Canadian banks via phishing attacks, security researchers at Check Point warn. MORE
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down. MORE
Inquiry Posing Interview Questions Designed to Steal Credentials In a recently discovered phishing campaign, hackers attempted to steal victims' passwords and credentials by posing as a former Wall Street Journal reporter and sending documents with potential interview questions, according to security firm Certfa. MORE
Phishing Continues to Be One of the Primary Breach Vectors in Healthcare' Yet another major phishing-related health data breach has been reported to federal regulators. MORE
European Central Bank Among Those Issuing Warnings As COVID-19 spreads, cybercriminals are sending more phishing emails that use the health emergency as a lure, according to security researchers. MORE
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow MORE
Iranian-Backed Hacking Group Targeting Research Universities "Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S. MORE
Richard Conti of Children's Hospital of Philadelphia on Risk Mitigation Steps Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps MORE
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows. MORE
A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. There are several interesting takeaways from this phishing campaign. MORE
Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. MORE
Experts Offer Insights on Mitigating the Threat Recent health data breaches involving phishing schemes are reminders of the persistent threat email-related scams pose to healthcare organizations - and the urgent need to mitigate that threat MORE
But all that activity has made social media a breeding ground for a new form of cyber attack known as angler phishing. What is angler phishing? Angler phishing is a specific type of phishing attack that exists on social media. Phishing email protection. MORE
Phishing emails have been uncovered that request a full rundown of personal data - even asking for photos of passports. Web Security data theft passport PayPal PayPal scam personal data Phishing phishing email phishing landing page Social Security Number MORE
Researchers Say Attackers Targeted American and Canadian Banking Customers Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout. MORE
Postal Service, in an effort to plant malware in victims' devices and networks via phishing campaigns, according to new research from Proofpoint MORE
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca) MORE
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. FULLY AUTOMATED PHONE PHISHING. MORE
Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple , whose brand by many measures remains among the most-targeted. Apple phishing MORE
Arizona Cancer Center a Recent Victim of Major Phishing Attack As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports. MORE
Class Action Suits Would Focus on PIH Health Breach That Affected 200,000 Several law firms are racing to be among the first to file class action lawsuits against PIH Health in the wake of the California-based regional healthcare network reporting last month that a 2019 phishing breach affected nearly 200,000 individuals. Why the rush? MORE
170 
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals MORE
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. MORE
A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger. Cloud Security Malware Web Security agent tesla Credentials email attack keylogger Microsoft OneDrive OneNote Phishing phishing campaign MORE
Barracuda is out with its latest Spear Phishing Update, and among the key findings: a rise in email account takeover and lateral phishing. Why are enterprise defenses failing to detect these strikes? What new solutions will improve defenses? Barracuda's Michael Flouton shares insights MORE
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage MORE
Latest Schemes Target At-Home Employees; Some Spoof Health Agencies As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce MORE
Phishing Related Topics Krebs on Security
JANUARY 13, 2020
Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple , whose brand by many measures remains among the most-targeted. Apple phishing
Data Breach Today
MARCH 23, 2020
Latest Schemes Target At-Home Employees; Some Spoof Health Agencies As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
JANUARY 3, 2019
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down.
Data Breach Today
FEBRUARY 19, 2020
UN's World Health Organization Warns of Fraud Attempts As the coronavirus generates headlines around the world, cybercriminals are continuing to use this public health crisis to spread phishing emails and create malicious domains for a variety of fraud.
Data Breach Today
JULY 19, 2019
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users.
Data Breach Today
APRIL 8, 2019
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow
|
Krebs on Security
NOVEMBER 2, 2018
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows.
Data Breach Today
DECEMBER 4, 2018
Richard Conti of Children's Hospital of Philadelphia on Risk Mitigation Steps Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps
Data Breach Today
MAY 20, 2019
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage
Krebs on Security
NOVEMBER 26, 2018
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock).
Data Breach Today
FEBRUARY 25, 2020
Phishing Continues to Be One of the Primary Breach Vectors in Healthcare' Yet another major phishing-related health data breach has been reported to federal regulators.
|
|
Data Breach Today
FEBRUARY 11, 2020
Researchers Describe a Wide Variety of Tactics As fears about the coronavirus continue to spread, cybercriminals are using the health crisis to send phishing emails using a variety of tactics to a broader range of targets
Krebs on Security
JANUARY 7, 2020
Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password.
Krebs on Security
MAY 22, 2019
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca)
Threatpost
MARCH 10, 2020
Web Security HIV phishing Koadic RAT Phishing phishing lure RAT remote access Trojan Spear PhishingAttackers are purporting to send victims HIV test results - but in reality are convincing them to download the Koadic RAT.
IT Governance
JUNE 24, 2019
But all that activity has made social media a breeding ground for a new form of cyber attack known as angler phishing. What is angler phishing? Angler phishing is a specific type of phishing attack that exists on social media. Phishing email protection.
Data Breach Today
JULY 15, 2019
Fraudsters Use Phishing Kit Called 16Shop, McAfee Reports In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers.
Krebs on Security
AUGUST 9, 2019
A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned.
Threatpost
MARCH 4, 2020
A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger. Cloud Security Malware Web Security agent tesla Credentials email attack keylogger Microsoft OneDrive OneNote Phishing phishing campaign
Data Breach Today
APRIL 24, 2019
Among the top new spear phishing threats to enterprises: Extortion. Asaf Cidon of Barracuda outlines the top three spear phishing threats and new strategies to defend against them
Krebs on Security
AUGUST 2, 2018
A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. There are several interesting takeaways from this phishing campaign.
Data Breach Today
SEPTEMBER 23, 2019
Svetoslav Donchev Helped Scam Victims Out of More Than $50 Million, Authorities Say A Bulgarian man has been sentenced to nine years in prison after pleading guilty in connection with his role in running a large-scale phishing campaign that scammed victims out of $51 million
Data Breach Today
NOVEMBER 15, 2019
Postal Service, in an effort to plant malware in victims' devices and networks via phishing campaigns, according to new research from Proofpoint
Data Breach Today
OCTOBER 16, 2019
Iranian-Backed Hacking Group Targeting Research Universities "Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S.
Schneier on Security
OCTOBER 2, 2018
Brian Krebs is reporting on some new and sophisticated phishing scams over the telephone. fraud phishing scams socialengineeringI second his advice: "never give out any information about yourself in response to an unsolicited phone call."
Data Breach Today
DECEMBER 5, 2018
Arizona Cancer Center a Recent Victim of Major Phishing Attack As the year winds down, phishing and ransomware attacks continue to plague the healthcare sector, as illustrated by recent breach reports.
Data Breach Today
FEBRUARY 18, 2020
Researchers Say Attackers Targeted American and Canadian Banking Customers Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout.
Data Breach Today
MARCH 10, 2020
European Central Bank Among Those Issuing Warnings As COVID-19 spreads, cybercriminals are sending more phishing emails that use the health emergency as a lure, according to security researchers.
Data Breach Today
FEBRUARY 6, 2020
Inquiry Posing Interview Questions Designed to Steal Credentials In a recently discovered phishing campaign, hackers attempted to steal victims' passwords and credentials by posing as a former Wall Street Journal reporter and sending documents with potential interview questions, according to security firm Certfa.
Data Breach Today
JULY 19, 2019
Healthcare System's Procedures Helped Prevent the Crime A Texas-based healthcare system says hackers unsuccessfully tried to divert employee payroll direct deposits through a phishing attack that also potentially exposed patient data.
Krebs on Security
MAY 29, 2019
Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? based firm that helps companies educate and test employees on how not to fall for phishing scams.
Data Breach Today
SEPTEMBER 23, 2019
Barracuda is out with its latest Spear Phishing Update, and among the key findings: a rise in email account takeover and lateral phishing. Why are enterprise defenses failing to detect these strikes? What new solutions will improve defenses? Barracuda's Michael Flouton shares insights
Data Breach Today
FEBRUARY 26, 2019
A Number of Newly Reported Health Data Breaches Stem From Email Incidents Phishing and other hacking incidents have led to several recently reported large health data breaches, including one that UConn Health reports affected 326,000 individuals
Threatpost
MARCH 11, 2020
Web Security Credentials landing page Phishing phishing attack phishing email redirect link redirector YoutubeAttackers are using YouTube redirect links, whitelisted by various security defense mechanisms, to evade detection.
Data Breach Today
OCTOBER 24, 2019
Experts Offer Insights on Mitigating the Threat Recent health data breaches involving phishing schemes are reminders of the persistent threat email-related scams pose to healthcare organizations - and the urgent need to mitigate that threat
Threatpost
FEBRUARY 13, 2020
A recent phishing scam targeted Puerto Rico’s Industrial Development Company. Hacks Web Security BEC scam Business Email Compromise email compromise email scam Fraud fraudulent transfer Phishing Puerto Rico Puerto Rico phishing scam
Threatpost
FEBRUARY 10, 2020
Phishing emails have been uncovered that request a full rundown of personal data - even asking for photos of passports. Web Security data theft passport PayPal PayPal scam personal data Phishing phishing email phishing landing page Social Security Number
Dark Reading
FEBRUARY 6, 2020
What makes these scams so completely obvious in the physical form
Data Breach Today
FEBRUARY 10, 2020
Class Action Suits Would Focus on PIH Health Breach That Affected 200,000 Several law firms are racing to be among the first to file class action lawsuits against PIH Health in the wake of the California-based regional healthcare network reporting last month that a 2019 phishing breach affected nearly 200,000 individuals. Why the rush?
Data Breach Today
DECEMBER 24, 2019
14 Bank Websites Spoofed as Part of Two-Year Campaign, Check Point Reports For two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to target customers of 14 different Canadian banks via phishing attacks, security researchers at Check Point warn.
Let's personalize your content