Articles about Phishing

According to a new study analyzing more than 55 million emails, 25 percent of phishing emails bypass Office 365 security, using malicious links and attachments as the main vectors.

Other findings of the report from cloud-native security firm Avanan include that 33 percent of emails contain a link to a site hosted on WordPress and 98 percent of emails containing a crypto wallet address are phishing attacks.

Continue reading →

Payday should be a pleasurable time of the month, but thanks to a new spear phishing campaign, some employees are losing their pay checks to cybercriminals.

Email defense specialist Vade Secure uncovered the attack in which criminals initiate an email conversation with HR staff to get them to change bank details for receiving direct payroll payments.

Continue reading →

With 155 million corporate users, the highly popular Microsoft Office 365 has become a target-rich environment for sophisticated phishing attacks. On top of all the standard phishing and spear phishing threats, Office 365 presents a number of unique attack techniques for hackers looking to compromise the platform.

Microsoft is the number one phished brand for the third straight quarter -- thanks to Office 365. A multisystem platform, Office 365 combines email, file storage, collaboration, and productivity applications, including OneDrive and SharePoint. Together, they represent a honeypot of sensitive data and files that phishers are looking to exploit.

Continue reading →

Phishing is a major problem for large organizations, but while there are standards to authenticate email and prevent phishers from spoofing domains with fake emails, a majority of companies have not made full use of them.

The tech sector has moved faster than some but while they are beginning to implement protection many companies in this sector are still at an early stage with the result that 90 percent are still vulnerable to impersonation.

Continue reading →

An increasingly common -- and frankly rather annoying -- feature of many commercial websites is the little chat box that pops up in the bottom right corner and asks if you need any help.

Security researcher Michael Gillespie has revealed that an Office 365 phishing site is using this live support technique to give its page an air of legitimacy.

Continue reading →

A Nigeria-based gang of scam artists, known as Scarlet Widow, have been using romance scams to trick victims out of large amounts of cash.

Secure email company Agari has uncovered the scam which involves posting fake personas on the largest dating websites like Match, eHarmony, and OKCupid.

Continue reading →

An analysis of phishing attacks in the final quarter of 2018 reveals the majority of attacks showed an increase in target personalization, making them considerably more difficult to detect.

The study by email protection start up INKY shows 12 percent of phishing attacks in the period took the form of corporate VIP impersonations, 10 percent were sender forgery and six percent were via corporate email spoofing.

Continue reading →

If you're anything like me, you probably inwardly roll your eyes -- or laugh outright -- when you hear of someone falling for a phishing scam. Surely you'd have to be a certified idiot to be taken in by one of these, right?

You may have avoided falling victim up until now, but maybe that's been more through luck than good judgement. Or perhaps you really do think you could spot a phishing scam at a hundred paces. If you think you're up to it, why not put yourself to the test and take Google's phishing quiz?

Continue reading →

Security awareness training company KnowBe4 has put together its latest list of the most-clicked phishing subject lines.

Popular categories for phishing messages include, deliveries, passwords, company policies, vacations and IT department. Other popular keywords are, Amazon, Wells Fargo and Microsoft.

Continue reading →

Cybercriminals are increasingly recognizing that smaller businesses can be be lucrative targets as they are able to devote less resources to security.

Phishing defense specialist Cofense is launching a new Managed Security Service Provider (MSSP) program aimed at providing SMBs with human-driven solutions designed to stop active phishing attacks.

Continue reading →

It used to be easy to spot a phishing email, you just looked out for bad grammar and URLs that clearly didn't correspond to the organization being impersonated.

Recently though they've become harder to detect. According to the latest Global Threat Report from Comodo Cybersecurity, phishing really is getting better and it now represents one in every 100 emails received by enterprises.

Continue reading →

Businesses should expect to see a spike in potential cyberattacks starting with Black Friday and Cyber Monday and continuing throughout the holiday shopping season, according to a new report.

The report from predictive security specialist Carbon Black shows that global organizations encountered a 57.5 percent increase in attempted cyberattacks during the 2017 holiday shopping season.

Continue reading →

There has been an increase in the use of .com extensions in phishing emails that target financial service departments, according to a new analysis.

In October alone, anti-phishing company Cofense Intelligence analyzed 132 unique samples with the .com extension, compared to only 34 samples analyzed in the nine months before. Four different malware families were utilized.

Continue reading →

People are often the weakest link in the IT security chain and hackers are keen to exploit this with ever more sophisticated attacks.

Predictive email defense specialist Vade Secure is launching a new anti-phishing solution that helps security operations centers identify and block targeted phishing attacks.

Continue reading →

A new survey of cybersecurity decision-makers shows that most companies lack adequate safeguards against phishing threats and many don't fully understand the risks or how widespread the threat is.

The survey from phishing site detection company SlashNext reveals that 95 percent of respondents underestimate how frequently phishing is used at the start of attacks to successfully breach enterprise networks.

Continue reading →