Phishing threats tend to be fast moving, so the ability to block them quickly is essential for protection.

But a new survey finds that even large companies with multi-layer security controls and multiple threat feeds lack adequate safeguards to protect their employees from phishing attacks that employ links to malicious sites.

As we have seen in another report today, the financial sector remains a prime target for cybercriminals. Phishing attacks and credential stuffing are the two most common forms of attack used against the industry according to another report from Akamai.

In the six months between December 2018 and May 2019, nearly 200,000 phishing domains were discovered by the research and 50 percent of all unique organizations impacted are from the financial services sector.

In the past three months 22 percent of businesses have suffered a data breach as a result of an email attack according to a new report.

The study released by email security platform GreatHorn spoke to more than 1,000 professionals to get a better understanding of the current state of enterprise email security.

You might think that cyber attacks are a constant year round activity, or perhaps that they are focused on peak shopping periods like Christmas. But a new study from threat protection specialist Lastline reveals many security professionals believe their organizations are more at risk in summer.

In a survey of 1,000 security professionals more than half believe cyber attacks are seasonal and 58 percent of those (30.5 percent overall) say that they see more attacks during the summer months.

Impersonating a company's CEO or other senior executive has become a favorite technique for cybercriminals seeking to extract payments from businesses.

Historically this has been aimed at accounts payable departments, but the latest email threat report from FireEye shows attackers using two new variants to target payroll and supply chains.

We know that phishing attacks are gaining in sophistication and are one of the most popular ways of hackers and cybercriminals gaining access to an organization's systems.

But this type of attack is notoriously difficult to guard against using technology and employee awareness is a big part of any business' defense strategy. This is underlined by a new report from awareness training company KnowBe4 which looks at the level of risk and finds that 29.6 percent of organizations are 'phish-prone'.

At least 3.4 billion fake emails are sent around the world every day, according to a new report from email verification company Valimail, with the majority of suspicious emails coming from US-based sources.

The report shows that email impersonation -- accounting for 1.2 percent of all email sent in the first quarter of 2019 -- is a phishing attacker's primary weapon to gain access into an organization's network, systems, intellectual property and other sensitive assets.

Despite businesses investing in next-gen technologies, phishing threats continue to become more sophisticated and effective according to a new report.

The study from intelligent phishing defense company Cofense shows how threat actors, armed with an ever-growing arsenal of tactics and techniques, continue to tweak their campaigns and enhance their capacity to deliver malware, ultimately getting more messages past perimeter controls to user inboxes.

Social media phishing, primarily on Facebook and Instagram, has seen a 74.7 percent increase in the first quarter of 2019.

A new report on the current phishing landscape from predictive email defense company Vade Secure also shows that Microsoft has retained its spot as the most impersonated brand for four straight quarters, due to the potentially lucrative returns to be gained from Office 365 credentials.

According to a new study analyzing more than 55 million emails, 25 percent of phishing emails bypass Office 365 security, using malicious links and attachments as the main vectors.

Other findings of the report from cloud-native security firm Avanan include that 33 percent of emails contain a link to a site hosted on WordPress and 98 percent of emails containing a crypto wallet address are phishing attacks.

Payday should be a pleasurable time of the month, but thanks to a new spear phishing campaign, some employees are losing their pay checks to cybercriminals.

Email defense specialist Vade Secure uncovered the attack in which criminals initiate an email conversation with HR staff to get them to change bank details for receiving direct payroll payments.

With 155 million corporate users, the highly popular Microsoft Office 365 has become a target-rich environment for sophisticated phishing attacks. On top of all the standard phishing and spear phishing threats, Office 365 presents a number of unique attack techniques for hackers looking to compromise the platform.

Microsoft is the number one phished brand for the third straight quarter -- thanks to Office 365. A multisystem platform, Office 365 combines email, file storage, collaboration, and productivity applications, including OneDrive and SharePoint. Together, they represent a honeypot of sensitive data and files that phishers are looking to exploit.

Phishing is a major problem for large organizations, but while there are standards to authenticate email and prevent phishers from spoofing domains with fake emails, a majority of companies have not made full use of them.

The tech sector has moved faster than some but while they are beginning to implement protection many companies in this sector are still at an early stage with the result that 90 percent are still vulnerable to impersonation.

An increasingly common -- and frankly rather annoying -- feature of many commercial websites is the little chat box that pops up in the bottom right corner and asks if you need any help.

Security researcher Michael Gillespie has revealed that an Office 365 phishing site is using this live support technique to give its page an air of legitimacy.

A Nigeria-based gang of scam artists, known as Scarlet Widow, have been using romance scams to trick victims out of large amounts of cash.

Secure email company Agari has uncovered the scam which involves posting fake personas on the largest dating websites like Match, eHarmony, and OKCupid.