Articles about Phishing

Email is often cited as the technology that made the internet essential for businesses. You would have thought by now that something else would have come along to replace it in our affections, but the popularity of email shows no sign of waning.

A new infographic from email authentication company ValiMail shows that 98.5 percent of people check their email daily and spend as much as six hours doing so.

Continue reading →

Protecting against data breaches is always better than dealing with their aftermath. And since phishing is still one of the most popular attack methods businesses and employees need to be alert to the risks.

Authentication specialist Duo Security is launching a new, free tool to let IT teams run internal phishing simulations and assess their vulnerability to such attacks.

Continue reading →

Out of 300 IT professionals attending the Infosecurity Europe conference, almost half (49 percent) believe their CEO has fallen victim to a targeted phishing attack.

The results have been published in a new paper by unified security management and crowd-sourced threat intelligence company, AlienVault.

Continue reading →

Microsoft has changed the way it displays malware warnings in its search engine Bing to help users distinguish between the various forms of attacks that can appear in its searches.

The company has decided to replace its generic warning for websites that could be potentially dangerous for users, and instead offer separate warnings for sites that are known to contain malware and phishing sites.

Continue reading →

Hotels represent rich pickings for cyber criminals. There's the potential to steal information from large numbers of customers with consequent financial gains.

Researchers at Panda Security have issued a report showing the major attacks targeted against hotel chains in 2015.

Continue reading →

As the April 18 deadline for submitting individual and company tax returns in the US approaches, many people will be rushing to submit their information and this makes it a major opportunity for cyber criminals.

The run up to the deadline is likely to see millions of phishing emails sent to consumers and businesses. These will be trying to grab social security numbers, paycheck stubs, bank accounts, passwords, IDs and other key pieces of personal and professional information, using fake web sites and fraudulent emails that masquerade as official government collection agencies.

Continue reading →

Victims of online fraud are to blame for their misfortune and should not be rewarded with a refund for money they lose. This is the view of UK Metropolitan police commissioner Sir Bernard Hogan-Howe who says that banks should not pay money lost to online fraud as the victims have not taken their security seriously.

Rather than offering refunds to customers, banks should instead be encouraging them to use stronger password, keep antivirus software up to date, and generally be more careful. It's a view that’s certainly going to prove controversial and raises the question of whether the carrot or the stick is the best approach to tackling online fraud.

Continue reading →

Companies seem to get compromised on a regular basis and, for the most part, it's security holes in their systems. But user error can also be blamed in some cases -- an errant click on an email attachment can unleash all matter of headaches for an IT department.

Such seems to be the case now with Seagate as reports are emerging of a loss of employee data that came via a phishing scam.

Continue reading →

Signature-based security could be virtually useless as 97 percent of malware is unique to a specific endpoint says a new report.

This is among the findings of the latest annual Webroot Threat Brief which shows that today's threats are truly global and highly dynamic. Many attacks are staged, delivered, and terminated within a matter of hours, or even minutes, having harvested user credentials and other sensitive information.

Continue reading →

Hackers are constantly seeking new ways to attack systems and gain insider access to data. A new survey from IT security company Balabit reveals the 10 most popular hacking methods to help companies understand how to protect themselves.

The survey of almost 500 IT security practitioners reveals that social engineering is the most popular means of attack. Hackers aim to get a 'low level' insider user account by means of phishing and escalate its privileges.

Continue reading →

According to a new report from security awareness specialist Wombat Security phishing attacks are on the rise and are supported by increasingly aggressive social engineering practices that make them more difficult to prevent.

Organizations surveyed indicated they have suffered malware infections (42 percent), compromised accounts (22 percent), and loss of data (4 percent) as a direct result of successful phishing attacks.

Continue reading →

A new malware campaign is aiming specifically at businesses and consumers using the WhatsApp mobile messaging service.

Uncovered by researchers at Comodo Labs the campaign uses emails masquerading as WhatsApp content. These have an attached zip file containing a malware executable.

Continue reading →

With the approach of the holiday season there's a spike in online shopping which means many people will be expecting the delivery of packages.

This of course is a window of opportunity for cyber criminals looking to steal personal information. It's perhaps not surprising then that Comodo Antispam Labs has identified a new global phishing threat, targeted at businesses and individuals who use DHL shipping.

Continue reading →

Online attacks take a number of forms, and phishing is one of the more recent problems. Chrome has long featured Safe Browsing to notify people when they visit potentially dangerous websites, and today Google announces that the feature is growing to include social engineering.

Google describes social engineering as being a much broader category than traditional phishing. Typical examples include sites that trick visitors into imparting passwords or credit card details, and those which purport to be an official website when they are in fact malicious. The Safe Browsing expansion offers protection against a range of social engineering attacks that Google provides examples of.

Continue reading →

A new phishing threat is targeting businesses and consumers with Apple IDs in an effort to steal IDs, passwords and credit card information.

The attack has been identified by Comodo Antispam Labs and looks like an official Apple email. It has the Apple logo and includes Apple's physical address, as well as an email address that, at a quick glance, appears to to be from Apple -- giving the recipient the illusion of the message being authentic.

Continue reading →