Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has found that cybercriminals increasingly often use legitimate services such as Google Forms and Telegram to obtain user data stolen on phishing websites. Alternative ways to obtain data help cybercriminals keep it safe and start using the information immediately. In addition, ready-to-go platforms that automate phishing and which are available on […]

Healthcare leaders will need to shift into a proactive security approach into 2021, if they hope to defend against the onslaught of ransomware and phishing threats. The ransomware surge during the last few months has already continued into 2021. And though the malware will remain a key trend into this year, healthcare industry stakeholders will need […]

If you got someone else’s “free offer” in what looked like a misdirected message, would you take a peek? Dear Christopher, we have your packet in queue. Address: Londonderry, Ballynagard crescent http COLON SLASH SLASH xxxxxxxx DOT com SLASH zzzzzzz The message is meant to look as though it was sent to the wrong number, […]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released an alert about phishing attacks targeting various government organizations to steal logins for the Small Business Administration COVID-19 loan relief accounts. In a newer phishing attack that started in August, security researchers saw the threat actor using convincing tricks to fool potential victims into […]

Twitter shared an update in a blog post and tweets Thursday night. Source: Twitter says a spear phishing attack led to the huge bitcoin scam Twitter Says It Knows How Hackers Gained Access What is spear phishing? Phishing Scams Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take an […]

Cybercriminals create fake websites, malicious emails, text message or phone calls to trick people into clicking on links or revealing sensitive information. Source: 10 Ways to Identify a Phishing site | The PC Hero Phishing Attack Example – How to Spot a Scam Email Phishing Scam Download a Security Risk Assessment Steps paper! Subscribe to […]

Welp, at least that’s better than industry averages, says code-hosting biz Source: To test its security mid-pandemic, GitLab tried phishing its own work-from-home staff. 1 in 5 fell for it The mock attack simulated a targeted phishing campaign designed to get GitLab employees to give up their credentials. The GitLab Red Team – security personnel […]

Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4. Users continue to fall for LinkedIn, Facebook, and security-minded messages. See the full report! Source: Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC] This is what happens when you reply to spam email | James Veitch How to Spot a Phishing Email I Fortune Anatomy of […]

Security Awareness writer Keil Hubert describes a mysterious email message that could well have been an insidiously clever spear phishing attack. Source: A guide to phishing emails and how they work -TEISS® : Cracking Cyber Security This is what happens when you reply to spam email  Subscribe in a reader

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here’s a detailed analysis by Bitdefender of an attack on one bank. Source: From phish to network compromise in two hours: How Carbanak operates

Anatomy of a spear phishing attack You may be wondering what it takes to send this type of attack. This is not trivial, and can only be done by someone trained in advanced hacking techniques. We will first take a look at the steps required to send an attack, and then we’ll look at steps […]

Stay out of the phishing net with these actionable tips – here’s how you can detect and prevent phishing attacks. Source: The ABCs of Detecting and Preventing Phishing  

UK-based Fidus Information Security was targeted by angler phishing Source: How a Security Vendor Tricked Social Media Phishers Phishing Scam Subscribe to DISC InfoSec blog by Email

Google Alphabet incubator Jigsaw says knowing how to spot a phish plus two-factor authentication are the best defenses against falling for a phishing email. Source: Google Creates Online Phishing Quiz Phishing Scam Subscribe to DISC InfoSec blog by Email

10 most clicked phishing email subject lines  Luke Irwin   Ironically, the most successful phishing emails of Q3 2017 told recipients that they had been victims of a data breach. This finding comes from a report from KnowBe4 that investigated the most effective phishing email subject lines. The report looked at tens of thousands of emails from simulated […]