#Phishing Attacks


Microsoft warns about this phishing attack that wants to read your emails

Microsoft is warning that Office 365 customers are receiving phishing emails that aim to trick them into giving OAuth permissions to a bogus app that then lets attackers read and write emails. Microsoft's Security Intelligence team warned this week that attackers are sending the OAuth phishing emails to "hundreds" of...
Picture for Microsoft warns about this phishing attack that wants to read your emails

Google Drive now warns you of suspicious phishing, malware docs

Google is rolling out new warning banners in Google Drive to alert users of potentially suspicious files that threat actors could use for malware delivery and in phishing attacks. This extra defense against abusive behavior and content was first announced in October during the Google Cloud Next 2021 user conference.
Picture for Google Drive now warns you of suspicious phishing, malware docs
Wiredpr News

SMS phishing scams in S’pore shed light on digital bank security, what’s next? – Wired PR Lifestyle Story

She clicked an SMS that she thought was from her bank. It brought her to a link that looked like the bank’s internet banking login page. After the bank user keyed in her authentication code, hackers hijacked her bank account and drained it of her entire life savings. That was it – within minutes, hard-earned years of savings were wiped clean and “disappeared”.
Picture for SMS phishing scams in S’pore shed light on digital bank security, what’s next? – Wired PR Lifestyle Story

How to block a phishing site

Cybercriminals have many schemes that involve the creation of malicious or phishing domains. They can use those domains in attacks on your customers, partners or even your employees. That is why from time to time companies need to block a dangerous domain, and some of them faces such threats quite often. Usually takedown of a malicious domain is not impossible, but it requires certain expertise and a lot of time. But usually when you identify such a threat, you do not have time to waste — it can lead to a loss of revenue, reputational damages, loss of customer trust, data leaks, and more. That is why we upgraded our threat intelligence portfolio with a new service — Kaspersky Takedown Service.

2022 Cybersecurity Trends: Ransomware, Security-as-a-Service, Zero Trust | #education | #technology | #training

​The profile of enterprise cybersecurity has never been higher. Some of the most conspicuous trends revolve around ransomware, security-as-a-service and zero trust. Ransomware attacks are very much on the rise. The European Union Agency for Cybersecurity noted a 150 percent rise in ransomware in 2021 and expects that trend to continue in 2022. High-profile victims have included Colonial Pipeline, UKG (Kronos), JBS, Kaseya and SolarWinds. Even bigger names are likely to be on this year’s ransomware honors list.

Mitigating the threat of ransomware, FHFA uses all the tools at their disposal

Going Beyond Data Protection Month - January 25, 2022. Have you ever gotten one of those phishing test emails from your agency’s IT team? You know the ones promising free food for filling out a form or a suspicious request to buy a bunch of iTunes gift cards for your boss. It turns out that those test emails are effective at countering real-life phishing attacks. That is according to Ralph Mosios, the chief information security officer at the Federal Housing Finance Agency.

The Most Imitated Brands in Phishing Attempts

DHL has surpassed Microsoft’s long-standing reign as the brand most frequently imitated by cybercriminals in attempts to steal credentials or deploy malware via sophisticated phishing techniques. Twenty-three percent of all brand phishing attempts were related to DHL, up from just 9% in the previous quarter, according to Check Point...

What Are The 7 Types Of Phishing Attacks?

Phishing attacks are one of the most common ways for cybercriminals to steal your information. In fact, it’s estimated that over 90% of data breaches start with a phishing attack. And while there are many different types of phishing attacks, they all have one goal in mind: to get you to click on a malicious link or open an infected email attachment. So, what are the 7 most common types of phishing attacks? And how can you protect yourself from them? Read on to find out.

Notable Blockchain Security Issues in 2021

Many people are not mistaken when they assume blockchain is inherently secure. However, blockchain also has some drawbacks when it comes to security. Blockchain is definitely helpful for businesses, although with a heavier downside due to its particular security issues. Armors, a well-known blockchain security company, summarizes the issues worthy of attention in blockchain security in 2021.

How to Solve the Ethernaut Game's Level 4: Telephone

In level 4 of the Ethernaut Game our goal is to claim ownership of the `Telephone` contract. In this game we use a simple contract with only one function and constructor that assigns the ownership to the address that deployed the contract. To claim the ownership we need to first understand what is the difference between `tx.origin` and `msg.sender` and why contracts that use the `txorigin` to authorize users are vulnerable to phishing attacks. We need to create a new malicious contract and encourage the owner to call a specific function that under the hood will change the ownership.

Spike in brand abuse attacks, 3-D Secure transaction volume rising

Outseer has published its latest quarterly Fraud & Payments report, confirming a troubling and massive spike in worldwide brand abuse attacks. The Q4 installment of the report features insights from July through September of 2021 as captured and collected while authenticating consumer transactions and investigating threats. According to the report,...

COVID test related scam emails still highly popular among cybercriminals

The Omicron variant has contributed to a 521 per cent rise in COVID test related scam emails between October 2021 and January 2022, according to Barracuda Networks. Researchers concluded that this surge in ‘COVID-test’ related phishing attacks is just the latest edition of COVID-19 themed phishing attack campaigns that cyber criminals have exploited throughout the course of the pandemic.

OCBC implements anti-scam measures following increased phishing attacks

One measure is the removal of the clickable links in SMSes sent by the bank. Anti-scam measures were the main focus of OCBC in their latest move to address the latest influx of SMS phishing attacks. Clickable links in both SMSes and marketing materials have been removed since 11 January.

Phishing Intelligence Report Reveals the Message Formats Most Likely to Trick Employees

Phished, a specialist in AI-driven cybersecurity training software, has announced the results of its 2021 Phishing Intelligence Report. The report, which analyzed data from more than 100 million phishing simulations, revealed that globally, almost a quarter (22%) of employees are likely to expose their organization to the risk of cyber attack via a successful phishing attempt.

3 reasons why humans are the strongest defense against phishing attacks

Phishing, one of the oldest forms of cybercrime, is still rampant. In fact, nearly all cyberattacks begin with a phishing scam. Since phishing thrives on the manipulation of people, cybersecurity experts often label the employees as the weakest link. One could argue: are people the weakest link, or is technology failing at detecting email phishing?

To Spread STRRAT Malware, Phishing Campaign Impersonates Shipping Giant Maersk

A new phishing campaign employing bogus shipping delivery lures installs the STRRAT remote access trojan on the computers of unsuspecting victims. Fortinet identified the new campaign after detecting phishing emails mimicking Maersk Shipping, a worldwide shipping behemoth, but utilising seemingly authentic email addresses. STRRAT is a multi-functional Remote Access Trojan...