Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Iranian hackers target aerospace and energy organizations in the US, Saudi Arabia and South Korea [Read More]
DMARC effectively whitelists the genuine emails from genuine domains, so that ISPs and receiving organizations (such as universities) can reject or block spoofed mails. [Read More]
Security researchers have proposed a methodology for effectively detecting credential spear-phishing attacks in corporate networks while achieving a very low number of false positives. [Read More]
A Paris-based malware researcher known as Benkow has discovered more than 700 million records used by the Onliner spambot on a misconfigured server. [Read More]
Facebook awards Internet Defense Prize of $100,000 to researchers who described a novel method for detecting spear-phishing in enterprises [Read More]
Russia-linked cyberspy group APT28 targets hotels in Europe and their main target may be government and business travelers [Read More]
In July 2017, global spam rate reached the highest level registered since March 2015, fueled by the emergence of malware families attempting to self-spread via email, Symantec warns. [Read More]
Over one million users were exposed to adware after the developer of a highly popular Chrome extension fell victim to a phishing attack. [Read More]
A variant of the Dok malware for Mac targets Swiss banking users in attacks that appear to be part of Operation Emmental [Read More]
Hackers used template injection to phish credentials in recent attacks targeting critical infrastructure companies in the U.S. and Europe [Read More]

FEATURES, INSIGHTS // Phishing

rss icon

Jon-Louis Heimerl's picture
What do you do when your organization has been victimized by a phishing attack? If you wait until you are actually under an attack it is too late.
Jon-Louis Heimerl's picture
Organizationally, there are things you can do to help avoid becoming a victim, and to minimize damage if you are victimized.
Ram Mohan's picture
The semiannual “Global Phishing Survey” from the Anti-Phishing Working Group (APWG) provides powerful insight into what is happening in phishing worldwide.
Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Chris Hinkley's picture
Businesses usually don’t think about social engineering when securing company data. It used to be believed that social engineering was reserved for governments and organizations with enemies. That's not the case anymore.
Ram Mohan's picture
Domain name typo squatting, a decade-old headache for marketing and legal departments, is putting corporate data at risk. But evidence suggests that it is becoming a risk that also needs to be on the CSO's radar.
Irida Xheneti's picture
The risks are real, and growing more complex by the month. That doesn't mean you're powerless to keep your infrastructure and data secure.
Ram Mohan's picture
Cybercriminals have enough information to construct highly targeted phishing attacks. So, how can you mitigate the risk of falling victim to spear-phishing attacks?
Idan Aharoni's picture
Unlike real-world dumpster diving, "electronic dumpster diving" can enable cybercriminals to access all the documents currently held by the user, not just those that were thrown away.
Greg Olsen's picture
These best practices for DKIM can help you get more email delivered and lower the likelihood that a message will be categorized as spam.