Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Insurance companies and non-profit organizations are most likely to fall for phishing attacks, according to a study of 6 million users conducted by KnowBe4 [Read More]
A British teenager managed to access the communications accounts of top US intelligence and security officials including the then CIA chief John Brennan [Read More]
High-Tech Bridge improves Trademark Monitoring Radar with new feature designed to identify squatted or fraudulent accounts on social networks and code repositories [Read More]
Facebook introduces simple new security feature to help users check if the emails they receive are legitimate or part of a phishing campaign [Read More]
Organizations are getting better at detecting breaches, but attackers are also working on improving their tactics and techniques [Read More]
Israel-based anti-phishing firm IRONSCALES raises $6.5 million. Money will be used to expand sales and expedite R&D for its technologies [Read More]
Account takeover study conducted by Google shows that phishing poses the greatest threat to users, followed by keyloggers and third-party breaches [Read More]
Cybersecurity firm Proofpoint on Tuesday announced that it has agreed to acquire messaging security firm Cloudmark for $110 million in cash. [Read More]
The Russia-linked threat group known as Fancy Bear has abused Google’s Blogspot service in phishing attacks [Read More]
Security researchers hunted down more than 3,200 unique phishing kits, tracked the actors behind the kits, and identified kit re-use across sites, [Read More]

FEATURES, INSIGHTS // Phishing

rss icon

Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
For a month, I kept all of my spam, then looked at the subject matter, where it was from and tried to analyze some additional characteristics of the spam.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
What do you do when your organization has been victimized by a phishing attack? If you wait until you are actually under an attack it is too late.
Jon-Louis Heimerl's picture
Organizationally, there are things you can do to help avoid becoming a victim, and to minimize damage if you are victimized.
Ram Mohan's picture
The semiannual “Global Phishing Survey” from the Anti-Phishing Working Group (APWG) provides powerful insight into what is happening in phishing worldwide.
Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Chris Hinkley's picture
Businesses usually don’t think about social engineering when securing company data. It used to be believed that social engineering was reserved for governments and organizations with enemies. That's not the case anymore.
Ram Mohan's picture
Domain name typo squatting, a decade-old headache for marketing and legal departments, is putting corporate data at risk. But evidence suggests that it is becoming a risk that also needs to be on the CSO's radar.
Irida Xheneti's picture
The risks are real, and growing more complex by the month. That doesn't mean you're powerless to keep your infrastructure and data secure.