Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Ransomware is the most prevalent type of malware and it increasingly targets business-critical systems, according to Verizon’s 2018 Data Breach Investigations Report (DBIR) [Read More]
Over 95% of the email domains managed by the Executive Office of the President (EOP) haven’t implemented the Domain Message Authentication Reporting & Conformance (DMARC) protocol. [Read More]
Ukrainian national suspected of being the mastermind of a gang that used Carbanak malware to steal more than €1 billion from banks arrested in Spain [Read More]
PhishMe has been acquired by private equity firms in a deal that valued the company at $400 Million, and changed its name to Cofense. [Read More]
A new business email compromise (BEC) campaign is targeting accounts payable personnel at Fortune 500 companies in an attempt to trick victims into initiating fraudulent wire transactions to attacker-controlled accounts, IBM warns. [Read More]
Proofpoint has agreed to acquire Wombat Security Technologies for $225 million in cash. [Read More]
Malware and phishing attacks growingly abuse SSL to increase their chances of success, Zscaler said in its latest report [Read More]
Cybercriminals have hidden thousands of phishing pages in the /.well-known/ directory of legitimate websites [Read More]
Insurance companies and non-profit organizations are most likely to fall for phishing attacks, according to a study of 6 million users conducted by KnowBe4 [Read More]
A British teenager managed to access the communications accounts of top US intelligence and security officials including the then CIA chief John Brennan [Read More]

FEATURES, INSIGHTS // Phishing

rss icon

Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Jon-Louis Heimerl's picture
For a month, I kept all of my spam, then looked at the subject matter, where it was from and tried to analyze some additional characteristics of the spam.
Jon-Louis Heimerl's picture
Social engineering attacks can happen at any time. Here are some strategies you can use to help reduce the chances of a successful social engineering/phishing attack you or your organization.
Jon-Louis Heimerl's picture
What do you do when your organization has been victimized by a phishing attack? If you wait until you are actually under an attack it is too late.
Jon-Louis Heimerl's picture
Organizationally, there are things you can do to help avoid becoming a victim, and to minimize damage if you are victimized.
Ram Mohan's picture
The semiannual “Global Phishing Survey” from the Anti-Phishing Working Group (APWG) provides powerful insight into what is happening in phishing worldwide.
Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Chris Hinkley's picture
Businesses usually don’t think about social engineering when securing company data. It used to be believed that social engineering was reserved for governments and organizations with enemies. That's not the case anymore.
Ram Mohan's picture
Domain name typo squatting, a decade-old headache for marketing and legal departments, is putting corporate data at risk. But evidence suggests that it is becoming a risk that also needs to be on the CSO's radar.
Irida Xheneti's picture
The risks are real, and growing more complex by the month. That doesn't mean you're powerless to keep your infrastructure and data secure.