Articles about Phishing

The need to protect remote working is exercising many organizations at the moment. Abnormal Security is launching a new Microsoft Teams Protection product to help guard the platform against social engineering attacks.

It automatically detects suspicious messages sent within a customer's Microsoft Teams environment, lowering the risk of phishing attacks infiltrating internal Teams communication channels.

Continue reading →

While many industries are struggling to continue during the lockdown, the cybercrime business is gearing up to exploit the economic stimulus and relief payments being offered around the world.

Researchers at Check Point have seen COVID-19 related cyberattacks rise to an average of 14,000 a day this month, which is six times the average number of daily attacks compared to March.

Continue reading →

A new study from Check Point Research highlights the brands which are most frequently imitated by criminals in attempts to steal individuals' personal information or payment credentials.

The Brand Phishing Report for the first quarter of this year shows Apple was the brand most frequently imitated, up from seventh place in the final quarter of 2019.

Continue reading →

It's not unusual for phishing attacks to focus their efforts on major events. The end of the tax year is always popular as are major sporting occasions. The latest lure of course is the current COVID-19 pandemic.

The problem for IT admins is how to protect against a sudden deluge of threats and spam messages while ensuring that important legitimate communications aren't accidentally blocked.

Continue reading →

With phisherfolk ever keen to cash in at the end of the tax year, a new study has analyzed the public DNS records for 200 domains likely to be impersonated for tax fraud and finds that 78 percent are not adequately protected.

The research from email security company Valimail looked at Fortune 100 businesses, US states' departments of revenue, federal tax agencies and well-known tax preparation services.

Continue reading →

The upcoming US presidential election is wrought with emotions. That makes it the perfect ruse for email scams targeting citizens, politicians, and government organizations. While election phishing is the top concern, there are a host of other scams that are making the rounds.

Your favorite politician -- or the one you’re most likely to vote for -- needs money to successfully run their campaign. Hackers are relying on our devotion not only to politicians but to our affiliated political party to lure us into a trap.

Continue reading →

Predictive email defense company Vade Secure has released a new report ranking the top 25 brands most impersonated in phishing attacks.

The report covering the final quarter of 2019 shows PayPal is the top brand impersonated by cybercriminals for the second quarter in a row, with Facebook taking the number two spot and Microsoft coming in third.

Continue reading →

Using analysis of the last three year's worth of data breach information from the UK's Information Commissioner's Office (ICO), cyber security awareness platform CybSafe has revealed that phishing breaches have jumped significantly.

In 2019, UK organizations reported more cyber security breaches to the ICO than ever before. A total of 2,376 reports were sent to the public body last year, up from 540 in 2017, and 1,854 reports in 2018.

Continue reading →

Some phishing emails are easy to spot: the spelling is bad, the spoofed email is clearly a fake, and the images are too warped to have possibly been sent by a reputable brand. If you receive one of these low-quality phishing emails, you’re lucky. Today’s phishing emails are extremely sophisticated, and if you’re not well trained to spot one, you probably won’t.

Email filters have long relied on fingerprint and reputation-based threat detection to block phishing emails. A fingerprint is essentially all the evidence a phisher leaves behind -- a signature that, once identified, will be recognized on future phishing attempts and the phishing email or webpage blocked. Examples of a fingerprint include the header, subject line, and HTML.

Continue reading →

As cybercriminals become more sophisticated, spotting phishing emails is increasingly difficult. Even if a user reports something suspicious to the IT security team it can take time to analyze it before others can be warned.

Security automation specialist LogicHub is launching its Autonomous Phishing Triage, which automatically and accurately analyzes and classifies emails with 97 percent accuracy, reducing the number of alerts requiring human analysis by 75 percent or more.

Continue reading →

We know that cybercrime is increasingly a very serious business and a new report from Akamai Technologies reveals that enterprise-based development and deployment strategies are being used to create phishing attacks.

Tools such as phishing as a service (PaaS) are being used to leverage some of the world's largest tech brands, with 42.63 percent of domains observed targeting Microsoft, PayPal, DHL, and Dropbox.

Continue reading →

The personal data of nearly 7.5 million Adobe Creative Cloud users was exposed earlier this month when an unsecured database was discovered online.

The database, which could be accessed by anyone without the need for a username or password, included information such as email addresses, member IDs and payment status. People accessing the database were also able to see which Adobe products were used by individuals, the country they live in, and whether they are Adobe employees.

Continue reading →

Phishing attacks have become commonplace to the point where we almost take them for granted. From the cybercriminal's point of view they are popular because they work.

But what are the origins of phishing and how has it developed? Email security specialist Anavan has put together an infographic looking at the history and future of the threat.

Continue reading →

Nearly a quarter of malicious URLs are being hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block.

This is one of the findings of the latest Webroot threat report which also shows 29 percent of detected phishing web pages use HTTPS as a method to trick users into believing they're on a trusted site via the padlock symbol.

Continue reading →

With nearly 151 million users worldwide, Netflix is the #1 streaming service in the world. It also has the distinction of being the most impersonated by hackers. For cybercriminals, Netflix phishing is a lucrative business. While other streaming services, including HBO NOW and Spotify, are also on the receiving end of phishing attacks, none comes close to Netflix.

Netflix’s 155 million subscriber base offers a lucrative supply of personal information, contributing to its favorability with phishers. In Vade Secure's quarterly Phisher’s Favorites report for Q2 2019, Netflix was the 4th most impersonated brand in phishing attacks, with 8.2 percent quarter-over-quarter growth in Q2 2019.

Continue reading →