Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Spam messages accounted for 65% of overall email in 2016, with 8-10% of spam considered malicious, according to Cisco's 2017 Annual Cybersecurity Report . [Read More]
A recently observed phishing campaign is targeting PayPal users with fake pages that are well designed and difficult to distinguish from the real ones, ESET researchers warn. [Read More]
The number of data breaches disclosed in the United States increased by 40 percent in 2016 compared to the previous year, said ITRC and CyberScout [Read More]
Unpatched vulnerabilities in the McDonald’s website expose user passwords to phishing attacks [Read More]
Gmail phishing attack: cybercriminals use cleverly designed URLs and they immediately access the hacked accounts [Read More]
The EyePyramid malware used to spy on important people in Italy is not very sophisticated, but it still allowed attackers to steal a lot of sensitive data for a long time [Read More]
A recently detected phishing campaign designed to steal credit card information employed a series of attack tactics previously associated with malware distribution. [Read More]
"Hailstorm" spam campaigns have evolved from sending a low number of messages for long periods of time to sending a high volume of emails over a short time span, [Read More]
A new phishing attack targeting Office 365 business email users was found using Punycode to go undetected by both Microsoft’s default security and desktop email filters. [Read More]
Scammers are abusing YouTube as a new way to promote backdoored phishing templates and provide potential buyers with information on how to use the nefarious software, Proofpoint researchers warn. [Read More]

FEATURES, INSIGHTS // Phishing

rss icon

Jon-Louis Heimerl's picture
What do you do when your organization has been victimized by a phishing attack? If you wait until you are actually under an attack it is too late.
Jon-Louis Heimerl's picture
Organizationally, there are things you can do to help avoid becoming a victim, and to minimize damage if you are victimized.
Ram Mohan's picture
The semiannual “Global Phishing Survey” from the Anti-Phishing Working Group (APWG) provides powerful insight into what is happening in phishing worldwide.
Idan Aharoni's picture
Cooperation in the underground economy could enable a fraudster in Russia who masters the art of phishing to team up with another fraudster who already has the infrastructure of cashing out compromised online banking accounts of US banks.
Chris Hinkley's picture
Businesses usually don’t think about social engineering when securing company data. It used to be believed that social engineering was reserved for governments and organizations with enemies. That's not the case anymore.
Ram Mohan's picture
Domain name typo squatting, a decade-old headache for marketing and legal departments, is putting corporate data at risk. But evidence suggests that it is becoming a risk that also needs to be on the CSO's radar.
Irida Xheneti's picture
The risks are real, and growing more complex by the month. That doesn't mean you're powerless to keep your infrastructure and data secure.
Ram Mohan's picture
Cybercriminals have enough information to construct highly targeted phishing attacks. So, how can you mitigate the risk of falling victim to spear-phishing attacks?
Idan Aharoni's picture
Unlike real-world dumpster diving, "electronic dumpster diving" can enable cybercriminals to access all the documents currently held by the user, not just those that were thrown away.
Greg Olsen's picture
These best practices for DKIM can help you get more email delivered and lower the likelihood that a message will be categorized as spam.