Expert insights. Personalized for you.
Top Victims Include Financial Services and Law Firms, Group-IB Warns A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. MORE
Researchers say spear-phishing emails purporting to be from telecom giant EE are being sent to top corporate execs. Web Security Credentials EE EE telecom payment info Phishing phishing email Spear Phishing MORE
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock). MORE
Researchers: Campaign Designed to Steal Users' Credentials, Launch Other Attacks A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense MORE
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down. MORE
Phishing Continues to Be One of the Primary Breach Vectors in Healthcare' Yet another major phishing-related health data breach has been reported to federal regulators. MORE
European Central Bank Among Those Issuing Warnings As COVID-19 spreads, cybercriminals are sending more phishing emails that use the health emergency as a lure, according to security researchers. MORE
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow MORE
Richard Conti of Children's Hospital of Philadelphia on Risk Mitigation Steps Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps MORE
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows. MORE
But all that activity has made social media a breeding ground for a new form of cyber attack known as angler phishing. What is angler phishing? Angler phishing is a specific type of phishing attack that exists on social media. Phishing email protection. MORE
Researchers Say Attackers Targeted American and Canadian Banking Customers Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout. MORE
Cybercriminals are hunting out victims' Office 365 credentials -- by dishing out Supreme court "summons" in a phishing attack. Web Security email attack fake captcha form Microsoft Office 365 Phishing subpoena phish Supreme Court MORE
Researchers: Emails Contain Google Links to Make Them Appear Credible Some fraudsters waging phishing campaigns are using fake websites hosted on Google's Firebase Storage service in an attempt to harvest credentials, according to Trustwave, which notes the phishing emails contain links to the service to make them look more credible. MORE
227 Campaigns Aimed at Stealing Credentials, Distributing Malware Cybercriminals are using spoofed messages and images from Zoom and Cisco WebEx as lures in new phishing campaigns that are designed to steal credentials or distribute malware, according to the security firm Proofpoint MORE
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca) MORE
warns that a "widespread, ongoing" phishing campaign is targeting its members MORE
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. FULLY AUTOMATED PHONE PHISHING. MORE
Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple , whose brand by many measures remains among the most-targeted. Apple phishing MORE
A spate of phishing attacks have promised financial relief due to the coronavirus pandemic - but in reality swiped victims' credentials, payment card data and more. MORE
Prices for Kits Soar; Ads Proliferate on Dark Net Markets Ads for phishing kits doubled last year on underground forums and dark net markets, with prices skyrocketing over 149 percent - an apparent indicator of strong demand, according to security firm Group-IB MORE
Class Action Suits Would Focus on PIH Health Breach That Affected 200,000 Several law firms are racing to be among the first to file class action lawsuits against PIH Health in the wake of the California-based regional healthcare network reporting last month that a 2019 phishing breach affected nearly 200,000 individuals. Why the rush? MORE
227 Web Security Cisco WebEx phishing attack phishing email remote workers skype skype phishing Webex zoomAttackers are sending convincing emails that ultimately steal victims' Skype credentials. MORE
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. MORE
The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. Last year, phishing kit creators’ favorite brands were Amazon, Google and Office 365. MORE
Organizations Targeted With Ransomware, Infostealer Two recently uncovered phishing campaigns used COVID-19 themes as a lure in an attempt to spread ransomware and information stealers, according to Palo Alto Networks' Unit 42 division MORE
and other nations adopting economic stimulus packages as a result of the global COVID-19 pandemic, fraudsters are now using the promise of government checks as phishing lures to spread banking Trojans, according to a pair of new security research reports MORE
Malicious Messages Attempt to Install NetSupport Manager Tool on Devices Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices. MORE
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage MORE
Fraudsters Look to Harvest Office 365 Credentials From At-Home Employees A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security. MORE
Microsoft Spots Malicious Messages Spreading LokiBot Infostealer Fraudsters are honing their phishing emails tied to the COVID-19 crisis, using fake messages about business continuity plans and new payment procedures to spread the LokiBot information stealer, Microsoft researchers report MORE
224 Latest Schemes Target At-Home Employees; Some Spoof Health Agencies As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce MORE
Phishing Related Topics 
Data Breach Today
MAY 20, 2020
Researchers: Campaign Designed to Steal Users' Credentials, Launch Other Attacks A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense
Data Breach Today
MAY 22, 2020
Researchers: Emails Contain Google Links to Make Them Appear Credible Some fraudsters waging phishing campaigns are using fake websites hosted on Google's Firebase Storage service in an attempt to harvest credentials, according to Trustwave, which notes the phishing emails contain links to the service to make them look more credible.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
APRIL 20, 2020
Phishing Campaigns Up Since the Onset of Pandemic TrickBot is the malware most commonly distributed in phishing emails that use the COVID-19 pandemic as a lure to entice victims to open up attached files or malicious links, according to Microsoft
Data Breach Today
MAY 14, 2020
Microsoft Spots Malicious Messages Spreading LokiBot Infostealer Fraudsters are honing their phishing emails tied to the COVID-19 crisis, using fake messages about business continuity plans and new payment procedures to spread the LokiBot information stealer, Microsoft researchers report
Data Breach Today
MARCH 23, 2020
Latest Schemes Target At-Home Employees; Some Spoof Health Agencies As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce
Data Breach Today
MAY 2, 2020
Fraudsters Look to Harvest Office 365 Credentials From At-Home Employees A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security.
|
Data Breach Today
APRIL 27, 2020
Cybercriminals Pivoting to Economic Stimulus Lures Some fraudsters have pivoted from using the COVID-19 pandemic as a phishing lure to creating messages and malicious domains designed to capitalize on various U.S.
Data Breach Today
MAY 22, 2020
Malicious Messages Attempt to Install NetSupport Manager Tool on Devices Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices.
Data Breach Today
FEBRUARY 19, 2020
UN's World Health Organization Warns of Fraud Attempts As the coronavirus generates headlines around the world, cybercriminals are continuing to use this public health crisis to spread phishing emails and create malicious domains for a variety of fraud.
Threatpost
APRIL 23, 2020
Web Security Cisco WebEx phishing attack phishing email remote workers skype skype phishing Webex zoomAttackers are sending convincing emails that ultimately steal victims' Skype credentials.
Data Breach Today
MAY 1, 2020
Top Victims Include Financial Services and Law Firms, Group-IB Warns A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB.
|
|
Data Breach Today
APRIL 22, 2020
Campaigns Aimed at Stealing Credentials, Distributing Malware Cybercriminals are using spoofed messages and images from Zoom and Cisco WebEx as lures in new phishing campaigns that are designed to steal credentials or distribute malware, according to the security firm Proofpoint
Data Breach Today
FEBRUARY 11, 2020
Researchers Describe a Wide Variety of Tactics As fears about the coronavirus continue to spread, cybercriminals are using the health crisis to send phishing emails using a variety of tactics to a broader range of targets
Data Breach Today
MAY 5, 2020
warns that a "widespread, ongoing" phishing campaign is targeting its members
Krebs on Security
JANUARY 13, 2020
Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple , whose brand by many measures remains among the most-targeted. Apple phishing
Data Breach Today
JULY 19, 2019
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users.
Data Breach Today
APRIL 8, 2019
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow
Krebs on Security
JANUARY 3, 2019
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down.
Security Affairs
APRIL 15, 2020
The report focuses on phishing kits – the driving force of the phishing industry, which is hard to detect but extremely valuable in terms of fight against phishing. Last year, phishing kit creators’ favorite brands were Amazon, Google and Office 365.
Data Breach Today
MARCH 31, 2020
and other nations adopting economic stimulus packages as a result of the global COVID-19 pandemic, fraudsters are now using the promise of government checks as phishing lures to spread banking Trojans, according to a pair of new security research reports
Data Breach Today
DECEMBER 4, 2018
Richard Conti of Children's Hospital of Philadelphia on Risk Mitigation Steps Because phishing attacks are so pervasive, aggressive staff educational efforts are essential, says Richard Conti of The Children's Hospital of Philadelphia, who also discusses other risk mitigation steps
Data Breach Today
MAY 20, 2019
In Wake of Recent Incidents, Experts Offer Insights on Critical Steps to Take As phishing attacks continue to menace healthcare and other business sectors, security experts say organizations must take critical steps to prevent falling victim and help limit the potential damage
Krebs on Security
OCTOBER 1, 2018
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. FULLY AUTOMATED PHONE PHISHING.
Data Breach Today
APRIL 15, 2020
Organizations Targeted With Ransomware, Infostealer Two recently uncovered phishing campaigns used COVID-19 themes as a lure in an attempt to spread ransomware and information stealers, according to Palo Alto Networks' Unit 42 division
Krebs on Security
MAY 22, 2019
Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Also part of the phishing kit was a text document containing some 100,000 business email addresses — most of them ending in Canadian (.ca)
Data Breach Today
FEBRUARY 25, 2020
Phishing Continues to Be One of the Primary Breach Vectors in Healthcare' Yet another major phishing-related health data breach has been reported to federal regulators.
Krebs on Security
NOVEMBER 26, 2018
Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. A live Paypal phishing site that uses [link] (has the green padlock). A live Facebook phish that uses SSL (has the green padlock).
IT Governance
JUNE 24, 2019
But all that activity has made social media a breeding ground for a new form of cyber attack known as angler phishing. What is angler phishing? Angler phishing is a specific type of phishing attack that exists on social media. Phishing email protection.
Data Breach Today
JULY 15, 2019
Fraudsters Use Phishing Kit Called 16Shop, McAfee Reports In the run-up to Amazon Prime Day, some of the company's customers were being targeted by a phishing kit called 16Shop, according to McAfee researchers.
Threatpost
MAY 21, 2020
Cybercriminals are hunting out victims' Office 365 credentials -- by dishing out Supreme court "summons" in a phishing attack. Web Security email attack fake captcha form Microsoft Office 365 Phishing subpoena phish Supreme Court
Data Breach Today
APRIL 4, 2020
FortiGuard Labs Researchers Find WHO Images Used As Lure Again A recently uncovered spear-phishing campaign is using fears of the COVID-19 pandemic to spread an information stealer called LokiBot.
Krebs on Security
NOVEMBER 2, 2018
Thieves are combining SMS-based phishing attacks with new “cardless” ATMs to rapidly convert phished bank account credentials into cash. Phone-based phishing attacks are getting way more clever and are even snaring technology experts, as last month’s story shows.
Data Breach Today
APRIL 17, 2020
Prices for Kits Soar; Ads Proliferate on Dark Net Markets Ads for phishing kits doubled last year on underground forums and dark net markets, with prices skyrocketing over 149 percent - an apparent indicator of strong demand, according to security firm Group-IB
Threatpost
APRIL 1, 2020
A spate of phishing attacks have promised financial relief due to the coronavirus pandemic - but in reality swiped victims' credentials, payment card data and more.
Data Breach Today
MARCH 10, 2020
European Central Bank Among Those Issuing Warnings As COVID-19 spreads, cybercriminals are sending more phishing emails that use the health emergency as a lure, according to security researchers.
Threatpost
MAY 5, 2020
Researchers say spear-phishing emails purporting to be from telecom giant EE are being sent to top corporate execs. Web Security Credentials EE EE telecom payment info Phishing phishing email Spear Phishing
Data Breach Today
APRIL 24, 2019
Among the top new spear phishing threats to enterprises: Extortion. Asaf Cidon of Barracuda outlines the top three spear phishing threats and new strategies to defend against them
Data Breach Today
FEBRUARY 18, 2020
Researchers Say Attackers Targeted American and Canadian Banking Customers Cybercriminals targeted mobile banking users by sending malicious SMS messages to their smartphones as part of a phishing campaign to steal account holders' information, including usernames and passwords, according to the cybersecurity firm Lookout.
Data Breach Today
SEPTEMBER 23, 2019
Svetoslav Donchev Helped Scam Victims Out of More Than $50 Million, Authorities Say A Bulgarian man has been sentenced to nine years in prison after pleading guilty in connection with his role in running a large-scale phishing campaign that scammed victims out of $51 million
Data Breach Today
FEBRUARY 10, 2020
Class Action Suits Would Focus on PIH Health Breach That Affected 200,000 Several law firms are racing to be among the first to file class action lawsuits against PIH Health in the wake of the California-based regional healthcare network reporting last month that a 2019 phishing breach affected nearly 200,000 individuals. Why the rush?
Let's personalize your content