Phishing

Phishing | News, how-tos, features, reviews, and videos

cyber threat security compromised vulnerable men on the street
Analysis

Cybersecurity in 2020: Vigilance and the human element

Todd Inskeep, of Booz Allen Hamilton and the RSA Conference Advisory Board, writes that individuals must remain vigilant to stay a step ahead of those wishing to inflict chaos. Here’s how humans and technology can work together in...

smart city - Industry 4.0 - industrial IoT internet of things - mobile wireless network
News

Hackers use free tools in new APT campaign against industrial sector firms

Attackers seek to make attribution harder and use sophisticated, realistic spear-phishing emails.

rear view mirror with desert scene in the distance
Security Eye on AIBy

2019 in review: data breaches, GDPR’s teeth, malicious apps, malvertising and more

As 2019 draws to a close, it is time to reflect on what’s happened in cybersecurity over the past twelve months – and in some cases, what didn’t happen this year.

security threats and vulnerabilities
Feature

7 mobile security threats that may catch you by surprise

Even if you're usually savvy about cybersecurity, anyone can have a vulnerable moment (in our writer's case, it was his mother's funeral).

A business man touches a futuristic lock + circuit board security interface.
Review

Review: How CybeReady delivers targeted, timely security awareness training

Users will always be the last line of defense for email-based attacks. The CybeReady platform effectively trains them to spot phishing and other dangers, unobtrusively and as-needed.

Detecting phishing attempts > A magnifying lens spots a hook trying to catch a fish.
News

Defenders can discover phishing sites through web analytics IDs

Many phishing websites are now using unique user IDs (UIDs), and that gives defenders a signal to detect phishing attacks before they do much damage.

A hook is cast at laptop email with fishing lures amid abstract data.
News

Attackers phish Office 365 users with fake voicemail messages

Recent phishing campaigns have combined a clever use of fake voicemail, phony Microsoft email, and off-the-shelf phishing kits to target high-value victims.

Social media threat / danger / risk > Text bubbles interact, one bearing skull + crossbones
Feature

Social engineering explained: How criminals exploit human behavior

Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data.

cybersecurity controls
Feature

The 5 CIS controls you should implement first

The CIS Critical Security Controls list (formerly the SANS Top 20 controls) has been the gold standard for security defense advice. These are the tasks you should do first.

healthcare data breach / medical patient privacy security violation
Feature

6 biggest healthcare security threats for 2020

Healthcare continues to be a popular target for ransomware, cryptomining, data theft, phishing, and insider threats.

secured network of computers with locks displayed on screens
Feature

Why giving users two separate systems won't improve security

Red/green systems, which give users one system for work and another for other tasks, no longer makes sense from a security and cost perspective. There are alternatives.

A team with megaphones promotes their message.
Feature

How to market security: 8 tips for recruiting users to your cause

Getting users to care about security is a much-lamented challenge. What you need is a marketing plan.

Email takeover > Puppeteer hands manipulating the strings of an email client
Feature

Beware rogue email rules and forms

Creating malicious rules and forms in a compromised email client is an old but effective hacker trick that evades traditional antimalware software. Here’s how to make sure you can detect it.

Mastery of technology skills + knowledge.
Opinion

12 things every computer security pro should know

Fighting the good fight takes specialized knowledge. Here's the baseline of what all security pros should know.

Smishing, an SMS phishing attack / Vishing, a voice phishing attack by phone
InfoSec at Your ServiceBy

Smishing and vishing: How these cyber attacks work and how to prevent them

Smishing and vishing are types of phishing attacks that try to lure victims via SMS message and voice calls. Both rely on the same emotional appeals employed in traditional phishing scams and are designed to drive you into urgent...

man in boat surrounded by sharks risk fear decision attack threat by peshkova getty
Security Eye on AIBy

Sharks and phishers are circling, looking to snag a bite

Security professionals need to work together to come up with effective threat strategies, better training and intelligence alert systems in effort to keep phishing attacks at a minimum.

CSO > wolf in sheeps clothing / fraud / identity theft / social engineering
Feature

Famous social engineering attacks: 12 crafty cons

This rogues gallery of social engineering attack examples made headlines by taking advantage of human nature.

business intelligence crowd binary virtual world
Opinion

How attackers identify your organization's weakest links

Understanding the techniques and tools attackers use in targeted phishing attacks.

6 handling email phishing
Crossroads of Cybersecurity and the LawBy

Business email compromise: The odds of being a victim are increasing

Given the growth over the last few years in BEC and EAC fraud, businesses should educate employees about the risks involved and red flags of this activity.

8 getting breached is bad for business
News Analysis

From phish to network compromise in two hours: How Carbanak operates

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here's a detailed analysis by Bitdefender of an attack on one bank.

Load More