Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A database with information on virtually the entire US voting population has been circulated on hacker forums, opening up the potential for disinformation and scams. [Read More]
Google says its Threat Analysis Group (TAG) hasn’t observed any significant coordinated influence campaigns that are targeting United States voters on its platform. [Read More]
Law enforcement agencies in 16 countries worked together to dismantle a criminal network involved in the laundering of money from high-level cybercriminals. [Read More]
Organizations using the Playback Now conference platform have been targeted by cybercriminals with a payment card skimmer. [Read More]
Hack-for-hire group BAHAMUT managed to build a fake online empire to leverage in cyber-espionage operations targeting the Middle East and other regions around the world. [Read More]
Hackers associated with the “Fullz House” group have compromised the website of Boom! Mobile and planted a web skimmer. [Read More]
Washington state is among those being targeted by a “large-scale, highly sophisticated” nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday. [Read More]
Mozilla is discontinuing the Send feature in Firefox due to the fact that it has been abused to deliver malware and phishing attacks. [Read More]
Thousands of Magento-powered online stores have been hacked over the past few days as part of a skimming campaign that has been described as the “largest ever.” [Read More]
Warner Music Group has disclosed a data breach that impacts some of its e-commerce websites. [Read More]

FEATURES, INSIGHTS // Phishing

rss icon

Torsten George's picture
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
Alastair Paterson's picture
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Torsten George's picture
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Laurence Pitt's picture
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Alastair Paterson's picture
Domain name typo-squatting is an established tactic in the world of cybercrime.
Alastair Paterson's picture
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Devon Kerr's picture
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.