Expert insights. Personalized for you.
Social Media Firm Says Fraudsters Executed Their Cryptocurrency Scam Within a Day The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says MORE
246 
Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a "missed chat" from Microsoft Teams. MORE
Approach Helps Hackers Circumvent Security Tools Fraudsters are increasingly using free Google services to create more realistic phishing emails and malicious domains that circumvent security filters, the security firm Armorblox reports MORE
Messages Contain Malware, Attempt to Steal Banking Credentials The Australian Cyber Security Center is warning that fraudsters have recently started sending phishing emails that spoof the agency and contain malware designed to steal banking credentials MORE
Researchers: Campaign Designed to Steal Users' Credentials, Launch Other Attacks A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense MORE
Malwarebytes Says Campaign Designed to Steal Banking Credentials Malwarebytes reports that a newly discovered phishing campaign is spoofing a U.S. Small Business Administration loan offer in an attempt to steal banking credentials and other personal data MORE
Messages Use an OAuth-Based Consent App to Gain Office 365 Access Fraudsters are sending phishing emails with messages about the Coinbase cryptocurrency exchange to Microsoft Office 365 users in an attempt to take over their inboxes and gain access to data, according to the security firm KnowBe4 MORE
Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. MORE
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down. A Little Sunshine Latest Warnings The Coming Storm 866-277-7794 apple phone phishing Global Cyber Risk LLC Jody Westbyis likely to fool quite a few people. MORE
Fraudsters Using Evasive Techniques to Bypass Secure Email Gateways Microsoft's Security Intelligence team is warning users of the Office 365 suite about an ongoing phishing campaign that appears to be harvesting victims' credentials. MORE
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow MORE
Researchers: Employees Lured With Messages About Shift to Workplace Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office MORE
Researchers: Fraudsters Offer Lure of $600 Payment for Pandemic Relief A recently uncovered phishing campaign is spoofing messages from the New York State Department of Labor, claiming to offer $600 as part of a COVID-19 relief program, according to Abnormal Security. MORE
Researchers: Charming Kitten Campaign Used SMS and Email Messages A recent phishing campaign tied to an Iranian hacking group known as Charming Kitten used SMS and email messages to spread malicious links to steal the email credentials of potential victims in the U.S., MORE
Fraudsters Leverage Automated Messages in Effort to Steal Office 365 Credentials Fraudsters are mimicking automated messages from Microsoft SharePoint for a phishing campaign that attempts to steal Office 365 credentials, according to the security firm Abnormal Security MORE
A phishing campaign is targeting employees with phony email reminders for cybersecurity and phishing awareness training. . The post Phishing Campaign Pretends to be Phishing Training Reminder appeared first on Adam Levin. MORE
Two Men Accused of Sending Messages to Obtain Personal, Bank Information Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials. MORE
Researchers: Emails Contain Google Links to Make Them Appear Credible Some fraudsters waging phishing campaigns are using fake websites hosted on Google's Firebase Storage service in an attempt to harvest credentials, according to Trustwave, which notes the phishing emails contain links to the service to make them look more credible MORE
177 
Researchers: Fraudsters' Domains Created to Steal Office 365 Credentials A recent spear-phishing campaign in which emails appear to originate with legitimate companies is targeting enterprise users to steal Office 365 credentials, according to Abnormal Security MORE
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Fraudsters can use a variety of open-source and free tools to fake or “spoof” the number displayed as the caller ID, lending legitimacy to phone phishing schemes. FULLY AUTOMATED PHONE PHISHING. MORE
Researchers: Campaign Looks To Harvest Users' Office 365 Credentials An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security. MORE
Scammers Now Attempting to Steal Banking and Driver's License Information Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports. MORE
201 Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports MORE
Campaign Designed to Steal Credentials A recently uncovered phishing campaign used the European Union's General Data Protection Regulation as a lure to steal login credentials. The campaign enticed victims with subject lines indicating their email security system was not in compliance with the law, according to Area 1 Security MORE
Phishing campaigns spreading the malware are using COVID-19 themes as a lure MORE
Area 1 Security: Emails Deliver Bazar Backdoor and Buer Loader Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to plant two malware strains - Bazar and Buer - using the Trickbot botnet MORE
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details, according to researchers at the security firm Cofense MORE
Watch out for these top phishing approaches this holiday season. InfoSec Insider Web Security brian foster COVID-19 holiday season infosec insider mobiliron online shopping phishing lures Smishing Spear Phishing top phishing types Vishing MORE
Researchers: Fraudsters Target Office 365 Users to Harvest Credentials Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials MORE
Fraudsters Look to Harvest Office 365 Credentials From At-Home Employees A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security MORE
Research paper: Rick Wash, “ How Experts Detect Phishing Scam Emails “: Abstract: Phishing scam emails are emails that pretend to be something they are not in order to get the recipient of the email to undertake some action they normally would not. While technical protections against phishing reduce the number of phishing emails received, they are not perfect and phishing remains one of the largest sources of security risk in technology and communication systems. MORE
Microsoft Spots Malicious Messages Spreading LokiBot Infostealer Fraudsters are honing their phishing emails tied to the COVID-19 crisis, using fake messages about business continuity plans and new payment procedures to spread the LokiBot information stealer, Microsoft researchers report MORE
170 
CISA Calls Attention to New IBM Report on Supply Chain Risks CISA, citing a new report by IBM, is warning organizations involved in COVID-19 vaccine production and distribution of a global phishing campaign targeting the cold storage and transport supply chain. MORE
Latest Schemes Target At-Home Employees; Some Spoof Health Agencies As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce MORE
Employees Outraged at Phishing Test Teasing a Bonus Training employees to resist phishing emails is key to preventing compromises. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships Tribune Publishing Co. But an exercise run by Tribune Publishing Co. MORE
Cofense: Fraudsters Use Trusted Web Services to Evade Security Protocols A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense. MORE
Researchers Say Fraudsters Are Likely Harvesting Office 365 Credentials An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. MORE
Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports MORE
Phishing Related Topics 
Data Breach Today
DECEMBER 4, 2020
Researchers: 'Shadow Academy' Activity Coincided With Start of School Year A hacking group targeted 20 universities and other schools around the world earlier this year with a series of phishing campaigns designed to steal credentials, according to researchers at RiskIQ
Data Breach Today
OCTOBER 26, 2020
Scammers Now Attempting to Steal Banking and Driver's License Information Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
NOVEMBER 18, 2020
Fraudsters Using Evasive Techniques to Bypass Secure Email Gateways Microsoft's Security Intelligence team is warning users of the Office 365 suite about an ongoing phishing campaign that appears to be harvesting victims' credentials.
Data Breach Today
SEPTEMBER 24, 2020
Two Men Accused of Sending Messages to Obtain Personal, Bank Information Australian police say they've broken up a sophisticated SMS phishing scheme designed to collect personal details and bank login credentials.
Data Breach Today
JANUARY 6, 2021
Messages Contain Malware, Attempt to Steal Banking Credentials The Australian Cyber Security Center is warning that fraudsters have recently started sending phishing emails that spoof the agency and contain malware designed to steal banking credentials
Data Breach Today
DECEMBER 8, 2020
Researchers Say Fraudsters Are Likely Harvesting Office 365 Credentials An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales.
Data Breach Today
NOVEMBER 30, 2020
Researchers: Employees Lured With Messages About Shift to Workplace Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office
Data Breach Today
DECEMBER 14, 2020
Researchers: Campaign Looks To Harvest Users' Office 365 Credentials An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security.
Data Breach Today
JULY 22, 2020
Cofense: Fraudsters Use Trusted Web Services to Evade Security Protocols A fresh round of phishing attacks is relying on using trusted services and a well-designed social engineering scheme to trick users into enabling malware to bypass an end point's security protocols, says Aaron Higbee of the security firm Cofense.
Data Breach Today
OCTOBER 23, 2020
Researchers: Fraudsters Target Office 365 Users to Harvest Credentials Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials
Data Breach Today
JULY 31, 2020
Social Media Firm Says Fraudsters Executed Their Cryptocurrency Scam Within a Day The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says
Data Breach Today
AUGUST 10, 2020
Malwarebytes Says Campaign Designed to Steal Banking Credentials Malwarebytes reports that a newly discovered phishing campaign is spoofing a U.S. Small Business Administration loan offer in an attempt to steal banking credentials and other personal data
Data Breach Today
JANUARY 16, 2021
Researchers: Charming Kitten Campaign Used SMS and Email Messages A recent phishing campaign tied to an Iranian hacking group known as Charming Kitten used SMS and email messages to spread malicious links to steal the email credentials of potential victims in the U.S.,
Data Breach Today
NOVEMBER 11, 2020
Area 1 Security: Emails Deliver Bazar Backdoor and Buer Loader Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to plant two malware strains - Bazar and Buer - using the Trickbot botnet
Data Breach Today
DECEMBER 3, 2020
CISA Calls Attention to New IBM Report on Supply Chain Risks CISA, citing a new report by IBM, is warning organizations involved in COVID-19 vaccine production and distribution of a global phishing campaign targeting the cold storage and transport supply chain.
Data Breach Today
DECEMBER 10, 2020
Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports
Data Breach Today
MARCH 23, 2020
Latest Schemes Target At-Home Employees; Some Spoof Health Agencies As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce
Adam Levin
SEPTEMBER 16, 2020
A phishing campaign is targeting employees with phony email reminders for cybersecurity and phishing awareness training. . The post Phishing Campaign Pretends to be Phishing Training Reminder appeared first on Adam Levin.
Data Breach Today
APRIL 20, 2020
Phishing Campaigns Up Since the Onset of Pandemic TrickBot is the malware most commonly distributed in phishing emails that use the COVID-19 pandemic as a lure to entice victims to open up attached files or malicious links, according to Microsoft
Data Breach Today
DECEMBER 10, 2020
Researchers: Backdoor Tied to Russia-Linked Group Russia-linked hackers used phishing emails with COVID-19 themes as a way to infect devices with a backdoor called Zebrocy, the security firm Intezer reports
Data Breach Today
MAY 20, 2020
Researchers: Campaign Designed to Steal Users' Credentials, Launch Other Attacks A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense
Data Breach Today
NOVEMBER 20, 2020
Approach Helps Hackers Circumvent Security Tools Fraudsters are increasingly using free Google services to create more realistic phishing emails and malicious domains that circumvent security filters, the security firm Armorblox reports
Data Breach Today
SEPTEMBER 25, 2020
Employees Outraged at Phishing Test Teasing a Bonus Training employees to resist phishing emails is key to preventing compromises. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships Tribune Publishing Co. But an exercise run by Tribune Publishing Co.
Threatpost
NOVEMBER 19, 2020
Watch out for these top phishing approaches this holiday season. InfoSec Insider Web Security brian foster COVID-19 holiday season infosec insider mobiliron online shopping phishing lures Smishing Spear Phishing top phishing types Vishing
Data Breach Today
DECEMBER 16, 2020
Researchers: Fraudsters' Domains Created to Steal Office 365 Credentials A recent spear-phishing campaign in which emails appear to originate with legitimate companies is targeting enterprise users to steal Office 365 credentials, according to Abnormal Security
Data Breach Today
OCTOBER 21, 2020
Messages Use an OAuth-Based Consent App to Gain Office 365 Access Fraudsters are sending phishing emails with messages about the Coinbase cryptocurrency exchange to Microsoft Office 365 users in an attempt to take over their inboxes and gain access to data, according to the security firm KnowBe4
Data Breach Today
MAY 22, 2020
Researchers: Emails Contain Google Links to Make Them Appear Credible Some fraudsters waging phishing campaigns are using fake websites hosted on Google's Firebase Storage service in an attempt to harvest credentials, according to Trustwave, which notes the phishing emails contain links to the service to make them look more credible
Data Breach Today
SEPTEMBER 25, 2020
Campaign Designed to Steal Credentials A recently uncovered phishing campaign used the European Union's General Data Protection Regulation as a lure to steal login credentials. The campaign enticed victims with subject lines indicating their email security system was not in compliance with the law, according to Area 1 Security
Schneier on Security
NOVEMBER 6, 2020
Research paper: Rick Wash, “ How Experts Detect Phishing Scam Emails “: Abstract: Phishing scam emails are emails that pretend to be something they are not in order to get the recipient of the email to undertake some action they normally would not. While technical protections against phishing reduce the number of phishing emails received, they are not perfect and phishing remains one of the largest sources of security risk in technology and communication systems.
Data Breach Today
MAY 2, 2020
Fraudsters Look to Harvest Office 365 Credentials From At-Home Employees A recently uncovered phishing campaign is spoofing notifications from Microsoft's Teams collaboration platform in order to harvest Office 365 credentials from employees working from home offices because of the COVID-19 pandemic, according to research from Abnormal Security
Krebs on Security
JANUARY 3, 2019
A new phone-based phishing scam that spoofs Apple Inc. As I noted in my October 2018 piece, Voice Phishing Scams are Getting More Clever , phone phishing usually invokes an element of urgency in a bid to get people to let their guard down. A Little Sunshine Latest Warnings The Coming Storm 866-277-7794 apple phone phishing Global Cyber Risk LLC Jody Westbyis likely to fool quite a few people.
Threatpost
OCTOBER 22, 2020
Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a "missed chat" from Microsoft Teams.
Data Breach Today
JULY 28, 2020
Fraudsters Leverage Automated Messages in Effort to Steal Office 365 Credentials Fraudsters are mimicking automated messages from Microsoft SharePoint for a phishing campaign that attempts to steal Office 365 credentials, according to the security firm Abnormal Security
Data Breach Today
MAY 14, 2020
Microsoft Spots Malicious Messages Spreading LokiBot Infostealer Fraudsters are honing their phishing emails tied to the COVID-19 crisis, using fake messages about business continuity plans and new payment procedures to spread the LokiBot information stealer, Microsoft researchers report
Data Breach Today
APRIL 24, 2019
Among the top new spear phishing threats to enterprises: Extortion. Asaf Cidon of Barracuda outlines the top three spear phishing threats and new strategies to defend against them
Data Breach Today
APRIL 8, 2019
Myke Lyons of ServiceNow on Tackling Social Engineering Threats Phishing remains one of the most significant attack vectors, and security automation, orchestration and response, or SOAR, can help minimize the threat, says Myke Lyons of ServiceNow
Data Breach Today
JULY 31, 2020
Phishing campaigns spreading the malware are using COVID-19 themes as a lure
Data Breach Today
JULY 19, 2019
Researchers Say Campaign Uses Email Hyperlink Splits to Evade URL Filters Researchers have uncovered a new type of phishing campaign that is targeting American Express card users. In these incidents, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details, according to researchers at the security firm Cofense
Krebs on Security
OCTOBER 1, 2018
Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Fraudsters can use a variety of open-source and free tools to fake or “spoof” the number displayed as the caller ID, lending legitimacy to phone phishing schemes. FULLY AUTOMATED PHONE PHISHING.
Security Affairs
DECEMBER 13, 2020
Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers.
Let's personalize your content