Items tagged with Phishing
Cloudflare says that it was hit by the same smishing (sms phishing) attack that recently resulted in a user data breach at Twilio. However, unlike Twilio, Cloudflare managed to prevent the attack from escalating to a data breach thanks to its strong security measures. While the attackers managed to steal login...
Read more...
If we’ve learned anything from reporting on phishing attacks, it’s that no company, organization, or institution is immune from becoming the victim of one. Even the US Department of Defense recently fell victim to a $23.5 million phishing scam. If anything, larger organizations simply make for larger and more...
Read more...
Malware campaigns employ different techniques to smuggle malicious software onto computing devices without the notice of users or anti-virus systems. Threat actors who develop and distribute malware frequently rely on various forms of mimicry to take advantage of users’ trust in legitimate websites, services, and...
Read more...
While malware and phishing are two different kinds of cyberattacks, threat actors sometimes use both methods in malicious campaigns. A threat actor known as Roaming Mantis appears to be doing exactly that in a new campaign documented by researchers at the cybersecurity firm SEKOIA. Roaming Mantis has previously...
Read more...
Phishing attacks employ various methods to trick users into handing over sensitive information, such as login credentials. Over time, as users have become more suspicious and email clients, web browsers, and IT departments have implemented anti-phishing measures, scammers have had to get creative and devise more...
Read more...
Popular portrayals of hackers tend to show them as computer geniuses who use their elite technical skills to breach computer systems. However, in real life, bad actors often don’t bother to directly hack computer systems when they can access those same systems by hacking people instead. People are often willing to...
Read more...
It’s a new week, and there’s another proof of concept for a phishing technique. Last week, we covered a phishing technique for hijacking WhatsApp accounts, and the week before that we reported on a phishing campaign targeting Intuit QuickBooks users. This new proof of concept leverages an established phishing...
Read more...
WhatsApp, the messaging app owned by Meta that employs the end-to-end encryption Signal Protocol, is massively popular worldwide. The app boasts more than 2 billion users, which is over a fourth of the world's population. Unsurprisingly, given the app’s popularity, scammers and hackers often target WhatsApp and its...
Read more...
The only real certainties in life are death, taxes, and scammers trying to swindle you out of your money. In the digital age, that means phishing scams run rampant, as it's a relatively low effort and potentially high reward ruse. Some efforts are more convincing than others, perhaps such as the one that is targeting...
Read more...
We’ve recently covered a number of sophisticated phishing scam techniques, including fake animated windows designed to steal passwords and automated call bots that trick victims into giving away multi-factor authentication codes. While ransomware attacks are currently on track to surpass phishing attacks as the number...
Read more...
No place on the internet is safe from scams. Social media sites, including Facebook, are especially irresistible targets to those with nasty intentions. Many of us have become quite familiar with signs of a phishing scam, but bad actors have gotten more creative. A recent Facebook phishing scam directed victims to a...
Read more...
We’ve written before about how two-factor authentication (2FA) provides much stronger protection against attackers attempting to access user accounts than a single password. Even so, it’s still important to remain vigilant, as 2FA doesn’t make user accounts unbreachable. We recently reported on Android malware that...
Read more...
Back in January, we covered a phishing report by Check Point that placed DHL as the number one most-imitated brand in phishing attacks for the fourth quarter of 2021. DHL spoofs, representing 23% of global phishing attacks, passed Microsoft spoofs, which sat at 20%. However, Check Point just released its phishing...
Read more...
There are reportedly nearly two billion WhatsApp users globally as of 2021. This is a number that is far too tempting to those with bad intent. A phishing campaign recently impacted nearly 28,000 email accounts by impersonating a notification for a WhatsApp voicemail message.
The phishing campaign utilizes...
Read more...
Phishing attacks are currently the number one cause of data compromises, and they are becoming more sophisticated as additional countermeasures are developed and deployed and users become more wary of suspicious or unexpected messages. Just last week, we covered a new phishing technique that creates an animated login...
Read more...
According to a recent cybersecurity report, ransomware attacks, having doubled in each of the past two years, are on track to outpace phishing attacks as the number one cause of data compromises. That said, phishing attacks are still king for now and will continue to pose a serious threat even if they are surpassed by...
Read more...
Microsoft has been toppled from its position on at least one list, but it’s doubtful the company is too upset over it. International shipping service DHL took the No. 1 spot as most-imitated (spoofed) brand in phishing attacks for the fourth quarter of 2021.
In many phishing attacks, the attacker tries to fool the...
Read more...
Google Docs pretty much revolutionized online collaboration when it came about. Instead of having to install clunky network software packages, or worse, use awkward remote desktop features, you could simply send your coworker or collaborator a web link and the two of you could work on a document simultaneously in your...
Read more...
While you may be trying to buy a Vebjörn desk or snag a deal on a Yttervåg, IKEA is trying to quell an ongoing cyberattack within its infrastructure. On Friday, it was discovered that cybercriminals were targeting IKEA employees with internal phishing attacks, using stolen reply-chain emails.
Reply-chain email...
Read more...
Do you ever forget to type the TLD (like, ".com") for websites that you visit, then click the top result when the inevitable search comes up? We might recommend you to stop doing that in the future. At least on Google and Bing, the first few results are advertisements, and those advertisements might not be as safe as...
Read more...
Craigslist does not have the best reputation. You can find almost anything on Craigslist, including apparently malware. A recent report claimed that hackers were attempting to use the Craigslist mailing system to distribute malware to users.
One feature on Craigslist is the ability to send a message through its...
Read more...
Colonial Pipeline was content to fly under the radar as the top fuel pipeline in the United States, but then it was hit by a ransomware attack that severely disrupted operations, and its name was plastered across headlines. Looking to take advantage of the situation and newfound name recognition, hackers are hoping to...
Read more...
