Articles about Phishing

The first quarter of 2023 has seen a significant increase in cyberattacks looking to exploit trust in established tech brands like Microsoft and Adobe.

A new report from Avast also finds a 40 percent rise in the share of phishing and smishing attacks over the previous year. Overall, two out of three threats people encounter online now seek to use social engineering techniques, taking advantage of human weaknesses.

Continue reading →

U.S. taxpayers beware! Tax scams and malware attacks are running rampant as we approach this year's tax deadline -- mostly driven by phishing scams.

With the looming April 18 US tax deadline, cybercriminals have sprung into action. For one, a devious Emotet malware phishing campaign has been launched, masquerading as official W-9 tax form emails sent from the Internal Revenue Service (IRS) and companies that may be connected to your work life. A malicious group known as Tactical#Octopus is also on the prowl and looking to spread malware through fake file downloads claiming to be related to taxes.

Continue reading →

Phishing attack volumes increased by 102 percent in the first quarter of 2023 according to a new report from email security and threat detection company Vade.

In the first quarter of this year Vade detected 562.4 million phishing emails, passing the previous quarter's total by 284.8 million. January accounted for the highest volume of phishing emails in Q1 with 488.5 million.

Continue reading →

Business Email Compromise attacks increased dramatically last year with a 72 percent rise year-on-year over 2021.

The 2023 Email Security Threat Report from Armorblox shows high volumes of language-based and socially engineered attacks targeting organizations of all sizes and across industries.

Continue reading →

New research from cybersecurity AI company Darktrace shows a 135 percent increase in social engineering attacks using sophisticated linguistic techniques, including increased text volume, punctuation, and sentence length, and with no links or attachments.

This trend suggests that generative AI tools, such as ChatGPT, are enabling threat actors to craft sophisticated and targeted attacks at speed and at scale.

Continue reading →

A new report shows that 2022 saw a 569 percent increase in malicious phishing emails and a 478 percent increase in credential phishing-related threat reports published.

The report from Cofense also looks at emails bypassing SEGs and hitting users' inboxes and highlights that delivery methods for carrying out phishing campaigns continue to keep up with the advancement of technology. Cofense has witnessed a continued blending of tactics to make detection and mitigation even more difficult for organizations.

Continue reading →

As news of Silicon Valley Bank’s (SVB) collapse continues to dominate the headlines, cybercriminals are running phishing campaigns impersonating SVB and other financial institutions, including M-F-A and Bloomberg.

Responding quickly to the 24-hour news cycle, cybercriminals aim to leverage their victims’ potential distress over their financial situation to make them more susceptible to this type of attack.

Continue reading →

There's been a fair bit of hype recently surrounding the potential for ChatGPT and similar tools to be used for creating phishing campaigns, eliminating the typos and other errors that are the giveaways of a scam.

However, new research from Hoxhunt suggests that AI might not be quite so good at going phishing after all.

Continue reading →

With 70 percent of government workers reporting that they work virtually at least some of the time, a new survey shows some worrying trends.

The report from Ivanti finds five percent of government workers have fallen victim to a phishing attempt. However, 34 percent don't believe their actions impact their organization's ability to stay safe.

Continue reading →

Threat protection company Vade has released its latest Phishers' Favorites report for 2022 which finds that financial services is the most impersonated industry, accounting for 34 percent of phishing pages as attackers continue to follow the money.

There are also seven finance brands in the top 20, with PayPal, MTB, Crédit Agricole, and La Banaque Postale all securing a spot in the top 10.

Continue reading →

The latest Annual Trends Report from Jamf, based on a sample of 500,000 devices protected by the company's technology, looks at the threats impacting devices used in the modern workplace and finds social engineering tops the list.

The combination of an increasingly distributed workforce with the relative ease with which bad actors can carry out phishing campaigns, leads to the leakage of user credentials. In 2022, 31 percent of organizations had at least one user fall victim to a phishing attack.

Continue reading →

According to data from Lookout, 2022 has seen the highest percentage of mobile phishing encounter rates ever, with an average of more than 30 percent of personal and enterprise users exposed to these attacks every quarter.

Since 2021, mobile phishing encounter rates have increased by around 10 percent for enterprise devices and more than 20 percent for personal devices.

Continue reading →

Reddit has fallen victim to a security incident that has been described as a "sophisticated and highly-targeted phishing attack". Hackers targeted employees of the site a few days ago, and were able to gain access to "some internal documents, code, and some internal business systems".

The unknown attackers sent Reddit employees "plausible-sounding prompts" leading to a website that cloned the behavior of the company's intranet gateway. While able to use an employee's credentials to steal data and code, user accounts are not affected.

Continue reading →

Phishing emails usually try to trick the user into opening an attachment or visiting a website. Often this is by instilling a sense of urgency -- telling you your account is about to expire, for example.

Researchers at NordVPN have uncovered a new tactic involving email birthday cards. After all, if it's your birthday and you've opened several eCards already you're not going to think there's anything phishy about another one.

Continue reading →

Phishing volumes increased 36 percent, with 278.3M unique phishing emails in the fourth quarter of 2022, while malware volumes increased 12 percent QoQ, accounting for 58.9M emails, in the same period.

The latest Phishing and Malware Report from Vade shows the company detected 278.3 million unique phishing emails in Q4, surpassing the previous quarter’s total by 74.4 million. December saw the biggest jump in phishing emails, up 260 percent, as threat actors tried to cash in on the holiday period, this echoes a similar pattern at the end of 2021.

Continue reading →