Phishing

NordVPN has added a new tool to its security suite for macOS and Windows, introducing email protection for users facing growing phishing and malware threats. The feature checks links inside emails as you open them in a browser and displays visual alerts when it identifies unsafe destinations. It then gives users real time guidance before they click anything risky.

Email protection checks each visible link in an open message and compares it with threat intelligence data. If a link leads to a site tied to phishing, malware, or other harmful activity, the system alerts users immediately so that they can take the relevant steps to avoid it.

The latest Cyber Threat Intelligence Report from Hoxhunt looks at the quantity and quality of threats that bypass firewalls and email filters.

It finds attackers are improving their techniques to create more credible threats which are more likely to slip past defenses. Phishing techniques are improving with cleaner language, more convincing formatting and more believable workflow mimicry.

Although the UK's Online Safety Act has made significant strides in holding online platforms accountable for harmful content, new research reveals a concerning gap in personal cybersecurity awareness among British internet users.

The study from AstrillVPN analysed search data from Google Keyword Planner to identify the privacy concerns most frequently searched by Britons. The results show password security and anonymous browsing are currently dominating the public’s attention.

With Black Friday on the horizon and peak holiday shopping underway people are expecting deliveries. When shoppers are tracking multiple orders at once they are far more willing to trust a parcel that arrives unexpectedly and a new quishing scam is looking to exploit that.

If scammers have your name and address from previous data breaches, scraped social media posts or public directories, they cab easily make a fake parcel look authentic. Adding a QR code makes people think it’s related to tracking or returns so they’re likely to scan it without thinking.

As we approach the busiest time of the year for online shopping, scammers and phisherfolk are also preparing for a seasonal bonanza. 1Password has surveyed 2,000 American adults to learn how people are protecting themselves -- or not -- from phishing scams.

It finds that 66 percent of respondents say they’ve noticed more 'scammy' messages, phone calls, and ads since AI became more prevalent. In addition 82 percent of respondents have been phished, or have come dangerously close to it.

Among all of the various forms of cyberattack phishing attempts delivered by email are still one of the most common.

What’s more AI is making these attacks more effective, because you can no longer rely on looking out for dodgy grammar or other signs that a message may not be what it seems.

Microsoft was the most impersonated brand in worldwide phishing attacks during the third quarter of 2025. 40 percent of such attempts used the company’s name, according to Check Point Research’s Brand Phishing Report for Q3.

Google took the second spot with 9 percent of global phishing activity, while Apple was third with 6 percent. Together, those three names accounted for more than half of all brand impersonation attempts in the period.

A new study of over 1,000 US parents with children at home between the ages of two and 20 finds that 35 percent of families have experienced a phishing scam via text, email or chat, and 25 percent have had a game or social media account hacked.

The report from Bitwarden finds that children as young as three to five are already using the internet, and 42 percent of parents in this age group say their child has unintentionally shared personal information. Nearly 80 percent of kids ages three to 12 have their own tablet, making device access nearly universal by early elementary school.

Cybercrime has become a global epidemic, with costs soaring across sectors and borders. But who’s paying the price and how has that changed since the turn of the century?

Researchers from vpnMentor have analyzed 25 years of FBI Internet Crime Complaint Center (IC3) data along with a review of major global incidents to discover the cost of cybercrime and how it’s evolving.

A new survey reveals that 44 percent of all participants admit to having interacted with a phishing message in the last year. Gen Z stands out as the most susceptible demographic, with 62 percent reporting engagement with a phishing scam in the past year, significantly higher than other age groups.

Commissioned by Yubico and conducted by Talker Research, the survey gathered insights from 18,000 employed adults across nine countries including Australia, France, Germany, India, Japan, Singapore, Sweden, the UK and the US. It explored individuals’ cybersecurity habits in both their workplace and personal lives.

Phishing has overtaken all other vectors as the leading entry point for ransomware, cited by 35 percent of affected organizations, up sharply from 25 percent in 2024.

This is one of the findings of a new report from SpyCloud which also shows that 85 percent of organizations were affected by ransomware at least once in the past year, with nearly a third (31 percent) reporting six to 10 ransomware events in the last year.

As we do more and more on our mobile devices it’s clear that the front line of cyber defense isn't the corporate server it's the employee's phone.

As AI boosts social engineering, hackers are bypassing traditional firewalls to target people directly with smishing and phishing, making every employee a critical, and often vulnerable, defender against highly convincing threats.

We tend to think of cybersecurity as being a technology problem, but in fact it’s often about humans. Attackers exploit our weaknesses with social engineering, phishing and other attacks designed to trick us into giving up valuable information.

A new whitepaper released today by KnowBe4 looks at the core principles of a modern human risk management (HRM) approach and how organizations can apply the framework to strengthen security culture and drive measurable change in employee behavior.

Phishing emails often feature malicious links (URLs) that lead victims to fake websites
where they are infected with harmful software or tricked into giving away personal
information.

There’s a constant battle between security tools getting better at identifying bad links and attackers trying to hide them more effectively. Barracuda has uncovered some of the latest approaches its researchers are seeing in attacks involving the advanced phishing-as-a-service (PhaaS) kit, Tycoon.

Google has taken the unusual move of addressing claims about a major Gmail security issue – claims the company says are “entirely false”.

Insisting that “Gmail’s protections are strong and effective”, Google does not specify which claims it is referring to or where they stem from. What is clear, though, is that the company has been rattled by whoever has tried to bring into question the security of its email platform.