Archive for the ‘Phishing’ Category

The 5 most common types of phishing attack

Phishing is among the biggest cyber threats facing organisations. According to Proofpoint’s 2021 State of the Phish Report, more than 80% of organisations fell victim to a phishing attack last year. One of the most frustrating things about this is that most people know what phishing is and how it works, but many still get caught […]

Leave a Comment

1000s of phishing emails sent from NHS inboxes

New research from the email security firm Inky has revealed that more than 1000 emails were sent from NHS inboxes over a six month period. The firm has claimed that the campaign, beginning October 2021, escalated “dramatically” in March of this year. After the findings were reported to the NHS on April 13, Inky reported that the […]

Leave a Comment

Phishing goes KISS: Don’t let plain and simple messages catch you out!

We’re sure you’ve heard of the KISS principle: Keep It Simple and Straightforward. In cybersecurity, KISS cuts two ways. KISS improves security when your IT team avoids jargon and makes complex-but-important tasks easier to understand, but it reduces security when crooks steer clear of mistakes that would otherwise give their game away. For example, most of the phishing scams we […]

Leave a Comment

Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors

Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. Cybercriminals are leveraging advanced tactics in their phishing-kits granting them a high delivery success rate of spoofed e-mails which contain malicious attachments right before the end of the 2021 IRS income tax return deadline in the […]

Leave a Comment

Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing

The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. The Ukrainian agency attributes the campaign to the Belarus-linked cyberespionage group tracked as UNC1151. In mid-January, […]

Leave a Comment

How to Detect Phishing Mails and Websites

Concerning e-mails, pay attention to the following features: Impersonal form of address:The sender of the e-mail does not know your correct name. The mail begins with “Dear costumer” instead of “Dear Mrs. / Mr. XY”. Perhaps you name is inserted, but misspelled. The sender is using threads:The sender threatens you, e.g. “if you don’trefresh your […]

Leave a Comment

Analyzing Phishing attacks that use malicious PDFs

Cybersecurity researchers Zoziel Pinto Freire analyzed the use of weaponized PDFs in phishing attacks Every day everybody receives many phishing attacks with malicious docs or PDFs. I decided to take a look at one of these files. I did a static analysis and I went straight to the point to make this reading simple and fast. Here […]

Leave a Comment

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. The IT giant added has blocked more than 25.6 billion Azure AD […]

Leave a Comment

How phishing kits are enabling a new legion of pro phishers

It’s no wonder then that so many use phishing as their default attack method. Malicious emails can be used to reach many targets with relative ease, and criminals can purchase ready-made phishing kits that bundle together everything they need for a lucrative campaign. After analyzing three months of phishing email traffic, we found that most attacks follow […]

Leave a Comment

How Coinbase Phishers Steal One-Time Passwords

A recent phishing campaign targeting Coinbase users shows thieves are getting smarter about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as part of an effort to identify email addresses that are already associated with active accounts. Coinbase […]

Leave a Comment

Cybersecurity awareness month: Fight the phish!

It’s the second week of Cybersecurity Awareness Month 2021, and this week’s theme is an alliterative reminder: Fight the Phish! Unfortunately, anti-phishing advice often seems to fall on deaf ears, because phishing is an old cybercrime trick, and lots of people seem to think it’s what computer scientists or mathematical analysts call a solved game. Tic-tac-toe (noughts and […]

Leave a Comment

Hackers Are Going ‘Deep-Sea Phishing,’ So What Can You Do About It?

Nick Kael, CTO at Ericom, discusses how phishing is gaining sophistication and what it means for businesses. Hackers are upping their game, using an approach I call “Deep Sea Phishing,” which is the use of a combination of the techniques described below to become more aggressive. To keep pace, cybersecurity innovators have been working diligently […]

Leave a Comment

Phishing Staff Awareness Training

Microsoft has been warning of a “widespread” phishing campaign in which fraudsters use open redirect links to lure users to malicious websites to harvest Office 365 and other credentials. ITG Phishing Staff Awareness Training Program educates your staff on how to respond to these types phishing attacks 📧 Phishing Staff Awareness E-Learning Course

Leave a Comment

Men, Executives Pose Higher Cybersecurity Risk

When it comes to online behaviors, women are far safer than men, according to a wide-ranging survey from SecurityAdvisor. Despite the fact that women made up 42% of the sample data, they account for 48% of the top safe users and only 26% of risky users. Men, on the other hand, account for 74% of risky […]

Leave a Comment

Crooks use Telegram bots and Google Forms to automate phishing

Group-IB, a global threat hunting and adversary-centric cyber intelligence company, has found that cybercriminals increasingly often use legitimate services such as Google Forms and Telegram to obtain user data stolen on phishing websites. Alternative ways to obtain data help cybercriminals keep it safe and start using the information immediately. In addition, ready-to-go platforms that automate phishing and which are available on […]

Leave a Comment

Catches of the month: Phishing scams for March 2021

Leave a Comment

How to Keep your Company safe from Phishing Attacks

Leave a Comment

Security Awareness – Phishing and Ransomware

Leave a Comment

Key 2021 Insights: Proactive Security Needed for Ransomware, Phishing

Healthcare leaders will need to shift into a proactive security approach into 2021, if they hope to defend against the onslaught of ransomware and phishing threats. The ransomware surge during the last few months has already continued into 2021. And though the malware will remain a key trend into this year, healthcare industry stakeholders will need […]

Leave a Comment

SMS phishing scam pretends to be Apple “chatbot” – don’t fall for it!

If you got someone else’s “free offer” in what looked like a misdirected message, would you take a peek? Dear Christopher, we have your packet in queue. Address: Londonderry, Ballynagard crescent http COLON SLASH SLASH xxxxxxxx DOT com SLASH zzzzzzz The message is meant to look as though it was sent to the wrong number, […]

Leave a Comment