Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. A screenshot of the phishing domain privatemessage dot net.

Phishing 239

Phishing Blockchain Manufacturing Encryption 239

The Last Watchdog

AUGUST 21, 2024

I recently learned all about the state-of-the art of phishing attacks – the hard way. We discussed just how targeted and contextualized advanced phishing attacks, like the one I experienced, can be. Foolishly, I did so all too quickly. For a full drill down, please give the accompanying podcast a listen.

Phishing 289

Phishing Security IT 289

Data Breach Today

JULY 22, 2024

Authorities Warn About Domains Targeting Victims Seeking to Restore Windows Devices Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S.

Phishing 284

Phishing Cybersecurity Security 284

Krebs on Security

MAY 26, 2023

The number of phishing websites tied to domain name registrar Freenom dropped precipitously in the months surrounding a recent lawsuit from social networking giant Meta , which alleged the free domain name provider has a long history of ignoring abuse complaints about phishing websites while monetizing traffic to those abusive domains.

Phishing 284

Phishing Mining IT 284

Data Breach Today

JULY 20, 2024

Authorities Warn About Domains Targeting Victims Seeking to Restore Windows Devices Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive information, according to the U.S.

Phishing 246

Phishing Cybersecurity Security 246

Data Breach Today

OCTOBER 25, 2023

AI Generated Phishing Still Cannot Beat Humans, But Not for Long: IBM ChatGPT can craft almost perfect phishing emails in five minutes, nearly beating a social engineering team with decades of experience, the results of a "nail-biting" experiment by IBM showed.

Phishing 316

Phishing 316

Thales Cloud Protection & Licensing

OCTOBER 9, 2024

Secure Your World with Phishing Resistant Passkeys madhav Thu, 10/10/2024 - 05:12 As we celebrate Cybersecurity Awareness Month 2024 with the theme "Secure Our World," exploring innovative technologies is crucial to help us achieve this goal. One such advancement that's revolutionizing online security and user authentication is passkeys.

Phishing 133

Phishing Security Authentication Passwords 133

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing 244

Phishing Passwords Risk Sales 244

Data Breach Today

MARCH 4, 2024

Researchers Say Hackers Used Fake Login Pages to Trick 100 Victims, Crypto Workers A new phishing campaign is targeting victims through mobile devices by mirroring legitimate login pages for the Federal Communications Commission and large cryptocurrency platforms including Binance and Coinbase.

Phishing 259

Phishing Communications 259

Data Breach Today

SEPTEMBER 16, 2024

federal prosecutors indicted a Chinese national employed by a state-owned aerospace and defense conglomerate with a yearslong phishing campaign aimed at extracting software developed for NASA. At-Large Wu Song, 39, Faces 28-Count Criminal Indictment U.S. Prosecutors said Song began sending out targeted emails in 2017.

Phishing 173

Phishing 173

Data Breach Today

DECEMBER 21, 2023

Also: Hackers Scrooge The North Face Holiday Shipments This week, MongoDB blamed a phishing email for causing unauthorized access to its corporate environment, hackers interrupted VF Corp.

Phishing 303

Phishing Access IT 303

KnowBe4

OCTOBER 23, 2024

Researchers at Trustwave observed a 140% increase in callback phishing attacks between July and September 2024. Callback phishing is a social engineering tactic that involves emails and phone calls to trick users into handing over login credentials or other sensitive data or installing malware.

Phishing 114

Phishing Ransomware Security 114

Krebs on Security

AUGUST 18, 2022

” A copy of the phishing message included in the PayPal.com invoice. While the phishing message attached to the invoice is somewhat awkwardly worded, there are many convincing aspects of this hybrid scam. Details of this scam were shared Wednesday with PayPal’s anti-abuse (phish@paypal.com) and media relations teams.

Phishing 339

Phishing IT Access 339

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. for phishing scams that resulted in the compromise of millions of email accounts. for phishing scams that resulted in the compromise of millions of email accounts. Nigerian Kolade Ojelade gets 26 years in U.S. ” reads the press release published by DoJ.

Phishing 124

Phishing Access IT Information Security 124

KnowBe4

NOVEMBER 5, 2024

Attackers are abusing Eventbrite’s scheduling platform to send phishing emails, according to researchers at Perception Point. These attacks increased by 900% between July and October 2024.

Phishing 99

Phishing Security 99

KnowBe4

OCTOBER 29, 2024

Halloween-themed spam and phishing emails have surged over the past two months, with a significant increase beginning in October, according to researchers at Bitdefender.

Phishing 102

Phishing Security 102

KnowBe4

NOVEMBER 1, 2024

In the ever-evolving landscape of cybersecurity threats, we've recently encountered a sophisticated phishing attempt targeting one of our valued KnowBe4 customers. This incident serves as a crucial reminder of the importance of remaining vigilant and maintaining robust email security measures.

Phishing 103

Phishing Cybersecurity Security 103

KnowBe4

APRIL 30, 2024

Let’s dive into the cautionary world of phishing simulations gone wrong. You know, those attempts to train users not to fall for phishing that somehow end up setting off more alarms than a Hawaiian missile alert system. This blog was co-written by Javvad Malik and Erich Kron.

Phishing 111

Phishing 111

KnowBe4

NOVEMBER 7, 2024

Cybercriminals are impersonating OpenAI in a widespread phishing campaign designed to trick users into handing over financial information. The emails inform users that a payment for their ChatGPT subscription was declined, inviting them to click a link in order to update their payment method.

Phishing 100

Phishing 100

KnowBe4

OCTOBER 28, 2024

Analysis of phishing emails in the second quarter of this year paints a picture of what security teams and vigilant recipients should expect from modern phishing attacks.

Phishing 116

Phishing Security 116

KnowBe4

OCTOBER 22, 2024

Sixty-four percent of IT leaders have clicked on phishing links, a new survey by Arctic Wolf has found. Despite this, 80% of these same professionals are confident their organization won’t fall victim to a phishing attack.

Phishing 112

Phishing IT Security 112

Security Affairs

SEPTEMBER 21, 2024

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform.

Phishing 131

Phishing Computer and Electronics Marketing Access 131

KnowBe4

NOVEMBER 15, 2024

Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point.

Phishing 82

Phishing Security awareness Security 82

KnowBe4

OCTOBER 7, 2024

A free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto Networks. The service allows unskilled criminals to spin up sophisticated phishing sites that steal credentials or deliver malware.

Phishing 105

Phishing 105

KnowBe4

JUNE 7, 2024

I have created a comprehensive webinar, based on my recent book , “Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing”. It contains everything that KnowBe4 and I know to defeat scammers.

Phishing 110

Phishing IT 110

Security Affairs

AUGUST 23, 2024

ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs). The technique allows the installation of a phishing application from a third-party website without requiring the user to enable third-party app installations. ” reads the report published by ESET.

Phishing 132

Phishing IT Security Information Security 132

KnowBe4

SEPTEMBER 5, 2024

Phishing remains a top initial access vector for threat actors, according to researchers at ReliaQuest. Phishing and other social engineering tactics can bypass security technologies by targeting humans directly.

Phishing 109

Phishing Access Security 109

Security Affairs

SEPTEMBER 17, 2024

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. DoJ charged a Chinese national, Song Wu (39), who used spear-phishing emails to target employees of NASA, the U.S. Air Force, Navy, Army, and the FAA. Air Force, Navy, Army, and the FAA.” “According to U.S.

Phishing 133

Phishing Government Military Security 133

KnowBe4

OCTOBER 18, 2024

Microsoft warns that threat actors are abusing legitimate file-hosting services to launch phishing attacks. These attacks are more likely to bypass security filters and appear more convincing to employees who frequently use these services.

Phishing 112

Phishing Security Security awareness 112

KnowBe4

NOVEMBER 11, 2024

Researchers at Malwarebytes warn that cybercriminals are using search engine poisoning to boost phishing pages to the top of Bing’s search results.

Phishing 88

Phishing Security 88

KnowBe4

JUNE 26, 2024

If you had to choose between regular cybersecurity training and simulated phishing testing, the data shows you should choose simulated phishing tests.

Phishing 97

Phishing Cybersecurity Security awareness Security 97

Security Affairs

JULY 30, 2024

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users.

Phishing 143

Phishing File names Archiving Access 143

KnowBe4

SEPTEMBER 11, 2024

Attackers frequently use phishing to gain initial access to an organization’s networks. Researchers at Bitdefender warn that law firms are high-value targets for ransomware gangs and other criminal threat actors.

Phishing 116

Phishing Ransomware Access Security 116

KnowBe4

SEPTEMBER 24, 2024

A phishing campaign is targeting GitHub users with phony CAPTCHA pages, according to researchers at McAfee. The phishing emails ask users to address a security vulnerability in a GitHub repository that they recently contributed to, and contain a link to find more information about the alleged vulnerability.

Phishing 99

Phishing Security 99

IBM Big Data Hub

SEPTEMBER 20, 2023

The simple answer: spear phishing is a special type of phishing attack. Phishing is any cyberattack that uses malicious email messages, text messages, or voice calls to trick people into sharing sensitive data (e.g., Spear phishing is targeted phishing. What’s different about a spear phishing attack?

Phishing 97

Phishing Authentication Artificial Intelligence Analytics 97

KnowBe4

OCTOBER 16, 2024

OpenAI has disclosed that its employees were targeted by spear-phishing attacks launched by a suspected Chinese state-sponsored threat actor.

Phishing 108

Phishing IT Security awareness Security 108

Schneier on Security

JUNE 3, 2024

Recent research showed that 60% of participants fell victim to artificial intelligence (AI)-automated phishing, which is comparable to the success rates of non-AI-phishing messages created by human experts. Here’s the full text.

Phishing 121

Phishing Artificial Intelligence 121