Phishing | News, how-tos, features, reviews, and videos

email popup warning window phishing cybersecurity security
pharming  >  faudulent website redirect

blocking spam e mail warning pop up phishing mail network security laptop computer

6 reasons why your anti-phishing strategy isn’t working

Phishing is such a successful scam that appears to be here to stay — and only get more effective. From over-reliance on technology to confusing and counterproductive training, here are six reasons why your anti-phishing strategy might...

New cyberattack tactics rise up as ransomware payouts increase

Although threat actors continue to use phishing, brand impersonation, and business email compromise (BEC) as common tactics, use of less familiar attack methods to infiltrate global organizations have picked up, Proofpoint says.

social engineering fraud impersonation neon face with hoodie by photo by sebastiaan stam on unsplash

HTML smuggling campaigns impersonate well-known brands to deliver malware

Researchers cite an increased prevalence of HTML smuggling activity including impersonation of brands such as Adobe Acrobat, Google Drive, and the US Postal Service.

chatbot_ChatGPT_AI_artificial intelligence_bot_assistant_shutterstock 1901618698

How AI chatbot ChatGPT changes the phishing game

The Microsoft-backed free chatbot is improving fast and can not only write emails, essays but can also code. ChatGPT is also polyglot and that could facilitate and increase exponentially phishing attacks.

Impersonation / disguise / fraud / false identity / identity theft

Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams

Researchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.

Phishing attack   >   A fish hook hover above binary code with a caution triangle.

Attackers use stolen banking data as phishing lure to deploy BitRAT

Data from an older breach lends credibility to this newer sophisticated attack that delivers a highly obfuscated payload.

CSO > phishing / social engineering / security threat

Luna Moth callback phishing campaign leverages extortion without malware

Palo Alto’s Unit 42 investigated several incidents linked to the Luna Moth callback phishing extortion campaign that uses legitimate and trusted management tools instead of malware to exploit businesses.

lock padlock domain name system dns security data center lock icann

Global 2000 companies failing to adopt key domain security measures

Lookalike domains are targeting Forbes Global 2000 brands to launch phishing attacks and other forms of digital brand abuse/IP infringement.

lock circuit board bullet hole computer security breach

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

Detecting phishing attempts  >  A magnifying lens spots a hook trying to catch a fish.

Phishing attacks increase by over 31% in third quarter: Report

Cybersecurity company Vade reports that attackers sent more than 203.9 million emails in the third quarter alone, up from 155.3 million in the prior quarter

Detecting phishing attempts  >  A magnifying lens spots a hook trying to catch a fish.

Securing your organization against phishing can cost up to $85 per email

On average, organizations spend up to 60 minutes dealing with each phishing email identified in their email infrastructure, according to a new report by Osterman Research.

cso security malware breach hack alert gettyimages 1144604134 by solarseven 2400x1600px

Malware builder uses fresh tactics to hit victims with Agent Tesla RAT

A new malware campaign uses the recently discovered Quantum Builder and sophisticated tactics to deliver malicious payload.

hacker linkedin scam romance scam on social media phishing heart

How cybercriminals use public online and offline data to target employees

A LinkedIn post about getting a new job turned into a potential phishing scam. Similar incidents are more common than you might think.

A frowning, anxious woman looks at her phone in shock and horror.

Cybersecurity startup launches mobile app to protect against phishing attacks

Israeli startup novoShield has released an iPhone app that protects users against malicious websites.

CSO: Have you met these hackers? [slide 04]

Iranian cyberspies use multi-persona impersonation in phishing threads

Iran-sponsored groups use fake personas of real people to add credibility to phishing emails designed to deliver malware through remote template injection.

internet web browser

DNS data indicates increased malicious domain activity, phishing toolkit reuse

Akamai research discovers phishing toolkit reuse played a key role in increased malicious domain activity in the second quarter of 2022.

cso security hack breach identity infiltrate gettyimages 653137674 by solarseven 2400x1600px

Cisco admits hack on IT network, links attacker to LAPSUS$ threat group

Cisco says an employee’s credentials were compromised after an attacker gained control of a personal Google account.

pharming  >  faudulent website redirect

Microsoft takes top spot as most impersonated brand in phishing

Microsoft tops Vade's phishing report, which has some good news: The overall number of phishing attacks declined in the second quarter.

Load More