Phishing Related Topics 
KnowBe4
MARCH 22, 2023
Users need to adapt to an evolving threat landscape in which attackers can use AI tools like ChatGPT to craft extremely convincing phishing emails, according to Matthew Tyson at CSO. Phishing Artificial Intelligence
Schneier on Security
JANUARY 27, 2023
This is a good list of modern phishing techniques. Uncategorized cyberattack phishing
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
KnowBe4
MARCH 9, 2023
INKY warns that a phishing campaign is targeting users of the Ring video security system. The scammers are sending brief phishing emails instructing recipients to click on the attached HTML file in order to update their membership. Phishing
Data Breach Today
MARCH 4, 2023
Attackers Exploit Economic Downturn by Deploying Malware in Resumes, ID Attachments Threat actors are exploiting the ongoing economic downturn using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters.
Advertisement
Phishing is a problem that's plagued organizations for years. IT and Security teams will tell you that they’re spending too much time and money on phishing, but what does that mean? This report quantifies the financial impacts of phishing.
KnowBe4
OCTOBER 5, 2022
Here are some do’s and don'ts for your phishing simulation exercises. Phishing Cybersecurity Awareness Month
KnowBe4
MAY 17, 2022
Researchers at Fortinet observed a spear phishing attack that targeted a Jordanian diplomat late last month. Phishing Spear PhishingThe researchers attribute this attack to the Iranian state-sponsored threat actor APT34 (also known as OilRig or Helix Kitten).
KnowBe4
MARCH 16, 2023
Attackers are increasingly using techniques to prevent their phishing pages from being detected by security firms, a new report from BlueVoyant has found. Phishing
Schneier on Security
NOVEMBER 9, 2022
CISA is now pushing phishing-resistant multifactor authentication. Roger Grimes has an excellent post reminding everyone that “phishing-resistant” is not “phishing proof,” and that everyone needs to stop pretending otherwise.
Data Breach Today
OCTOBER 8, 2022
Phishing Incident Caused Service Disruptions and Delays Australian fruit and vegetable supplier Costa Group says it was subjected to a malicious and sophisticated phishing attack in August that resulted in unauthorized access to its servers.
KnowBe4
AUGUST 15, 2022
Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. Phishing
Data Breach Today
DECEMBER 10, 2022
Class Action Lawsuit Filed Against Rackspace for Negligence Hosted services company Rackspace is warning customers about the increasing risk of phishing attacks following a ransomware attack causing ongoing outages to its hosted Exchange environment.
Security Affairs
MARCH 14, 2023
AiTM phishing allows threat actors to circumvent multifactor authentication (MFA) through reverse-proxy functionality. Since May 2022, DEV-1101 is offering an open-source kit that automates setting up and launching sophisticated phishing attacks.
Krebs on Security
FEBRUARY 1, 2021
Authorities in the United Kingdom have arrested a 20-year-old man for allegedly operating an online service for sending high-volume phishing campaigns via mobile text messages. ” SMS Bandits offered an SMS phishing (a.k.a.
KnowBe4
JANUARY 19, 2023
Mandiant has published a report describing phishing emails that have breached organizations in the industrial sector. Mandiant explains that the majority of phishing attacks are untargeted and opportunistic. Phishing
Data Breach Today
NOVEMBER 23, 2022
But strong authentication can thwart even the most clever phishing campaigns, says Brett Winterford, regional chief security officer for APJ at Okta Successful account takeovers are one of the most common ways that organizations end up with attackers in their systems.
KnowBe4
JULY 11, 2022
Check Point Research (CPR) observed a 37% increase in Amazon-themed phishing attacks during the first week of July, ahead of Amazon Prime day this week. Another email tells users that their payment method needs to be confirmed, and contains a link to a phishing site. Phishing
Krebs on Security
NOVEMBER 10, 2021
” The remarkable aspect of these phone-based phishing scams is typically the attackers never even try to log in to the victim’s bank account. A Little Sunshine Latest Warnings Kris Stevens smishing voice phishing
Data Breach Today
AUGUST 27, 2022
Unusual Activity' By Third-Party Service Provider to Blame Food delivery firm DoorDash says its customers and employees have been impacted by the phishing attack on its third-party service provider.
KnowBe4
JUNE 27, 2022
A phishing campaign attempting to steal credentials for MetaMask cryptocurrency wallets, according to Lauryn Cash at Armorblox. Phishing
Data Breach Today
AUGUST 19, 2022
AWS Domains Used to Send Phishing Emails and Steal Credentials Threat actors are using Amazon Web Services solutions to create phishing pages that bypass security scanners and scam victims into handing over credentials.
KnowBe4
JANUARY 25, 2023
Researchers at Safeguard Cyber describe a phishing campaign that’s posing as a Japanese rail ticket reservation company. Phishing
KnowBe4
MARCH 1, 2023
Since phishing attacks need legitimacy to increase their deliverability, this latest twist shows how phishing scammers and hackers are working together to ensure phishing attacks continue. Phishing
Data Breach Today
MARCH 7, 2021
Zscaler Says it Prevented Over 2,500 Phishing Attacks A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zcaler says.
KnowBe4
MARCH 23, 2023
New data shows that phishing mobile devices as an attack vector is growing in popularity – mostly because it’s increasingly working. Phishingin exponential terms.
KnowBe4
FEBRUARY 28, 2023
Social Engineering PhishingBlackBerry has published a report on a threat actor, Blind Eagle, also known as APT-C-36, which has been operating against targets in Ecuador and Colombia since at least 2019. Its most recent activity has been directed at organizations in Colombia. “On On Feb.
Data Breach Today
OCTOBER 26, 2020
Scammers Now Attempting to Steal Banking and Driver's License Information Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.
KnowBe4
AUGUST 16, 2022
Researchers at AdvIntel warn that three more ransomware groups have begun using the BazarCall spear phishing technique invented by the Ryuk gang (a threat group that subsequently rebranded as Conti). The researchers outline the four stages of this technique: Phishing Spear Phishing Ransomwar
Data Breach Today
SEPTEMBER 24, 2020
Two Men Accused of Sending Messages to Obtain Personal, Bank Information Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials.
KnowBe4
MARCH 8, 2023
Vade has released a report looking at phishing trends in 2022. PhishingThe researchers say the top three most-impersonated brands last year were Facebook, Microsoft, and Google.
KnowBe4
MARCH 16, 2023
Attackers are increasingly using techniques to prevent their phishing pages from being detected by security firms, a new report from BlueVoyant has found. Phishing
Data Breach Today
JULY 14, 2022
Attackers Targeted More Than 10,000 Organizations Since Last September Attackers used a phishing campaign to direct unwitting Microsoft business email customers into supplying logon credentials to a proxy server.
KnowBe4
JUNE 13, 2022
Researchers at PIXM have uncovered a major Facebook Messenger phishing scam that’s “potentially impacted hundreds of millions of Facebook users.” More than eight million people have visited just one of these phishing pages so far this year. Phishing
KnowBe4
SEPTEMBER 23, 2022
GitHub has issued an alert warning of a phishing campaign targeting users by impersonating the popular DevOps tool CircleCI, BleepingComputer reports. The phishing site is designed to harvest credentials as well as time-based one-time-password (TOTP) authentication codes. Phishing
KnowBe4
FEBRUARY 14, 2023
Attackers are abusing a legitimate service called “GeoTargetly” to launch localized phishing attacks, according to Jeremy Fuchs at Avanan. Avanan observed a phishing campaign that’s using phishing emails to target multiple countries in South America. Phishing
KnowBe4
DECEMBER 28, 2022
Social Engineering Phishing Spear PhishingBy Roger A. Grimes. KnowBe4 recommends that everyone use a password manager to create and use strong passwords as a part of their password policy [link].
KnowBe4
NOVEMBER 17, 2022
Researchers at Vade Secure describe a type of phishing attack dubbed “clone phishing,” in which attackers follow up a legitimate email from a trusted sender with a replica, claiming that they forgot to include a link or attachment. Phishing
Data Breach Today
MAY 28, 2021
Microsoft: Russians Used Malicious Messages Portrayed as Coming From USAID A Russian group that was behind the massive SolarWinds supply chain attack has returned with a fresh phishing campaign, according to Microsoft.
KnowBe4
JANUARY 17, 2023
Researchers at Group-IB are tracking a previously unknown threat actor dubbed “Dark Pink” that’s using spear phishing attacks to target government, military, and religious organizations. Phishing Spear Phishing
Data Breach Today
AUGUST 30, 2021
Researchers Find Fraudsters Pose as HR Execs to Harvest Credentials A recently uncovered phishing campaign used fake COVID-19 vaccination forms - and took advantage of confusion over whether employees will return to their offices this fall - to harvest workers' email credentials, according to analysts with security firm INKY.
Expert insights. Personalized for you.
98 
Let's personalize your content