Articles about Phishing

Researchers at Check Point have seen a 400 percent increase in phishing scams using DHL, Amazon and FedEx branding to try to get people to part with information during the peak online shopping period.

Two weeks ago, Check Point researchers documented an 80 percent increase in malicious phishing campaigns targeting online shoppers with 'special offers.' The latest spike uses subject lines like 'track your shipment' and 'delivery problem.'

Continue reading →

While the holiday season is a peak time for retailers, it also represents an opportunity for cybercriminals. This is particularly true of 2020 when more people than ever are likely to be shopping online.

Research from Comparitech analyzed around 30 million websites registered this month to identify efforts by cybercriminals to trick consumers looking for holiday shopping deals.

Continue reading →

Emotet began life as a banking Trojan back in 2014 but has since evolved into something much worse -- a self-propagating platform that can deploy multiple exploits and spam campaigns.

The number one malware threat today, Emotet usually takes a break during the summer months while the developers behind it work to add new features and capabilities, and now it’s back with a new 'Windows Update' attachment.

Continue reading →

The latest annual Cybersecurity Report Card from threat intelligence specialist DomainTools shows security breaches among those surveyed have remained essentially unchanged from last year's report at 16 percent.

Yet almost 60 percent of organizations detected a moderate to a dramatic increase in cyber attacks during and following the pandemic, which points to a rise in the overall breach prevention success rate.

Continue reading →

More than 80 percent of global employees do not want to return to the office full-time, despite 30 percent claiming that being isolated from their team was the biggest hindrance to productivity during lockdown.

A new study from mobile-centric security platform MobileIron also uncovers some worrying views around security, with 33 percent considering it to be low priority.

Continue reading →

Between March and July 2020, almost half of companies experienced a data breach or security incident according to a new report, and half of these were caused by phishing attacks.

The study from Tessian also reveals that 82 percent of IT leaders think their company is at greater risk of phishing attacks when employees are working away from the office.

Continue reading →

The numerous challenges of 2020 have proved to be fertile ground for ransomware attacks, with the number up by nine percent compared to the first quarter and by 59 percent compared to the second quarter of 2019.

The latest Threatscape report from Positive Technologies shows that 16 percent of phishing attacks took advantage of COVID-19 concerns, and there is also evidence that ransomware operators have started cooperating with each other.

Continue reading →

We're all familiar with the menace of phishing but, particularly following the recent Twitter attack, other methods of stealing credentials have been on the rise.

These include 'smishing' (phishing via SMS) and 'vishing' (phishing by voice call). We spoke to Ed Bishop, CTO at email security company Tessian to find out how businesses can identify vishing and smishing attacks, how the attacks work, and how companies can protect their employees.

Continue reading →

In yet another example of cybercriminals exploiting world events, the frequency of phishing threats has risen considerably since the start of the pandemic, with companies experiencing an average of 1,185 attacks every month.

New research from GreatHorn reveals that more than half (53 percent) of over 300 IT professionals surveyed by Cybersecurity Insiders say they had witnessed an increase in phishing activity since the start of the COVID-19 pandemic.

Continue reading →

Researchers at cloud security platform Armorblox have uncovered a phishing attack that seeks to steal Office 365 login credentials.

So far, so predictable. The clever twist here though is that the initial page victims are taken to via the email link is hosted on cloud file sharing service Box, followed by a credential phishing page that resembles the Office 365 login portal.

Continue reading →

Phishing is a problem that shows no signs of going away and indeed the COVID-19 pandemic has seen a new raft of malware and fraudulent emails seeking to trick the unwary.

Edison Software is launching a new AI-based email security subscription plan that can be added to the Edison Mail iOS app to help combat the threat.

Continue reading →

Researchers at F-Secure have uncovered a targeted, advanced attack on a cryptocurrency organization which they have linked to the Lazarus Group, and believe is part of a global, and financially motivated, hacking campaign.

Lazarus has been linked to the now infamous WannaCry attacks of 2017. This latest report identifies the tactics, techniques, and procedures (TTPs) used during the attack, such as spearphishing via a service (in this case, using LinkedIn to send a fake job offer tailored to the recipient’s profile).

Continue reading →

Email is still the favored attack vector for cybercriminals, with recent research from GreatHorn showing that a third of IT professionals are dealing with attacks every day.

In order to bolster defences the company is launching an update to its security platform offering visibility across the entire email security stack with intelligent phishing detection and response capability.

Continue reading →

A new report from email security and cyber resilience company Mimecast, released to coincide with this year's virtual Black Hat conference, reveals that threat actors are motivated by monetary gain more than stealing data or intellectual property.

It also finds that COVID-19 continues to be a major theme in current attacks, especially in certain sectors, and that opportunistic and malware-based campaigns are being launched at volumes never seen before, with manufacturing, retail/wholesale, finance/insurance, and media and publishing being the hardest hit.

Continue reading →

The DMARC standard for email verification has been around for several years. Domain-based Message Authentication, Reporting and Conformance has the potential to rebuild trust in email communications plagued by spam and phishing.

Google's announcement this week that it's about to start piloting the display of authenticated brand logos in Gmail could mark the start of the technology's mainstream adoption.

Continue reading →