New Report Identifies Latest Spear Phishing Trends
Mar21

New Report Identifies Latest Spear Phishing Trends

Researchers at email security firm Barracuda have conducted a study to identify current spear phishing trends and the tactics most commonly used to attack businesses and obtain sensitive information. Spear phishing is a highly targeted form of phishing. Campaigns tend to involve low numbers of emails that have been carefully crafted for attacks on a particular industry, company, or individual. Targets are usually researched, and...

Read More
MFA Bypassed in IMAP-Based Attacks on Office 365 and G Suite Accounts
Mar15

MFA Bypassed in IMAP-Based Attacks on Office 365 and G Suite Accounts

Multi-factor authentication can prevent accounts from being accessed if passwords are stolen or obtained using brute force tactics; however, Proofpoint has discovered that multi-factor authentication is being bypassed on Office 365 and G Suite accounts using the legacy IMAP protocol. The IMAP authentication protocol bypasses MFA and attackers are able to avoid being locked out of accounts. The methods used made failed login attempts...

Read More
Healthcare Employees Vulnerable to Phishing Attacks
Mar14

Healthcare Employees Vulnerable to Phishing Attacks

The healthcare industry appears to have more than its fair share of phishing attacks. Barely a week goes by without a major phishing attack being reported by a healthcare provider in the United States. Healthcare organizations are targeted by cybercriminals as they hold valuable data. Healthcare records contain information that can be used for multiple types of fraud and the records sell for big bucks on darknet marketplaces....

Read More
SpamTitan Email Security Solution Now Incorporates Sandboxing and DMARC Authentication
Mar13

SpamTitan Email Security Solution Now Incorporates Sandboxing and DMARC Authentication

SMB and MSP email security solution provider TitanHQ has announced a major update of its SpamTitan email security solution. New features have been added to the solution to provide even greater protection against sophisticated phishing attacks and new malware threats. The new layers of security were applied to the solution this week and are now available to customers at no extra cost. The past few years have seen a major increase in...

Read More
1 in 61 Delivered Emails Contains a Malicious URL
Mar08

1 in 61 Delivered Emails Contains a Malicious URL

A new report from Mimecast has revealed cybercriminals are increasingly using malicious URLs in phishing emails to obtain credentials and deliver malware. Mimecast’s figures show there has been a 126% increase in delivered emails that contain malicious URLs between August 2018 and February 2019. The company has analyzed more than 28.4 million emails that had been determined to be safe by email security solutions and were delivered to...

Read More
New Microsoft Report Details 2018 Phishing Trends
Mar06

New Microsoft Report Details 2018 Phishing Trends

Microsoft’s latest Security Intelligence Report provides information on 2018 phishing trends, the changing tactics of cybercriminals, and ransomware, cryptojacking and malware attack statistics. 2018 Ransomware Trends 2017 saw ransomware attacks dominated the threat landscape; however, as the year progressed ransomware started to fall out of favor with cybercriminals and that trend continued throughout 2018. While ransomware attacks...

Read More
IRS Launches 2019 Campaign to Raise Awareness of Tax Scams with Phishing Warning
Mar05

IRS Launches 2019 Campaign to Raise Awareness of Tax Scams with Phishing Warning

The IRS has launched its annual campaign to raise awareness of tax scams that are highly prevalent during tax season. The Dirty Dozen campaign details 12 common tax scams that taxpayers, tax professionals and businesses need to be aware of and take steps to avoid. In the run up to the deadline for submitting 2018 tax returns, cybercriminals increase their efforts to obtain the personal information of taxpayers. The information can be...

Read More
UConn Health Phishing Attack Impacts 326K Patients
Feb25

UConn Health Phishing Attack Impacts 326K Patients

A UConn Health phishing attack in December has potentially allowed an unauthorized individual to gain access to the health information of hundreds of thousands of patients. The attack was detected on December 24, 2018, and all email accounts were secured to prevent further unauthorized access. It is unclear for how long the attacker had control of the accounts. The breach may have dated back months. During the time that accounts could...

Read More
Businesses Targeted in Ongoing Credential-Stealing Separ Malware Phishing Attack
Feb21

Businesses Targeted in Ongoing Credential-Stealing Separ Malware Phishing Attack

An ongoing phishing campaign is targeting businesses and distributing the information-stealing Separ malware. The campaign has mostly concentrated on businesses in South East Asia and the Middle East, although some businesses in North America have also been attacked. The Separ information stealer has been in use since September 2017, with earlier versions of the info-stealer dating back to 2013. The latest campaign, which uses an...

Read More
Trickbot Trojan Updated to Obtain VNC, PuTTY, and RDP Credentials
Feb19

Trickbot Trojan Updated to Obtain VNC, PuTTY, and RDP Credentials

The Trickbot banking Trojan has been updated with a new module which is capable of obtaining VNC, PuTTY, and remote desktop credentials. The latest variant of Trickbot is being distributed in a tax season-themed phishing campaign involving emails that offer help with recent changes to the U.S. tax code to reduce tax bills. The emails appear to have been sent by the accounting organization Deloitte and have a tax incentive-related...

Read More
FINRA Issues Phishing Warning to Brokerage Firms
Feb19

FINRA Issues Phishing Warning to Brokerage Firms

The Financial Industry Regulatory Authority (FINRA) has issued a warning to brokerage firms about a new phishing campaign. The scam involves spam emails which appear to have been sent from a credit union alerting the brokerage firm to potential money laundering by one of their clients. The email messages appear to have been sent by a BSA-AML compliance officer at a legitimate Indiana-based credit union and contain details of the...

Read More
Phishing Campaign Leverages Google Translate to Steal Google and Facebook Credentials
Feb11

Phishing Campaign Leverages Google Translate to Steal Google and Facebook Credentials

A phishing campaign has been detected that abuses Google Translate to make the phishing webpage appear to be an official login page for Google. The phishing emails in the campaign are similar to many other campaigns that have been run in the past. The messages have the subject “Security Alert” with a message body virtually identical to the messages sent by Google when a user’s Google account has been accessed from an unfamiliar device...

Read More
New BEC Campaign Targets Executives
Feb06

New BEC Campaign Targets Executives

Business email compromise attacks involve the impersonation of a high-level executive, often the CEO or CFO. The attacks often start with a spear phishing email to obtain the credentials of the CEO/CFO. If the credentials are obtained, the email account is used to send requests to employees. During tax season, W-2 Form data for all employees is often requested or requests are sent to the finance department to make wire transfers to...

Read More
Office 365 Phishing Campaign Uses SharePoint Collaboration Request as Lure
Feb06

Office 365 Phishing Campaign Uses SharePoint Collaboration Request as Lure

A single Office 365 username/password combination can give a hacker access to a vast quantity of sensitive information. Information detailed in emails can be of great value to competitors, identity thieves, and other fraudsters. Office 365 credentials also give hackers access to cloud storage repositories that can contain highly sensitive business information and compromised accounts can be used to distribute malware and conduct...

Read More
2019 State of the Phish Report Reveals Increase in Successful Phishing Attacks
Jan29

2019 State of the Phish Report Reveals Increase in Successful Phishing Attacks

The Proofpoint 2019 State of the Phish Report has revealed that while phishing is still used to infect users with malware, 70% of phishing attacks are concerned with obtaining credentials. In the past 12 months there has been a major increase in phishing attacks. The last time the report was produced in 2017, 38% of InfoSec professionals reported having experienced at least one account compromise as a result of a phishing attack in...

Read More
Fake Google Update Installer Used to Install AZORult Trojan
Jan28

Fake Google Update Installer Used to Install AZORult Trojan

Researchers at Minerva Labs have identified a new AZORult Trojan campaign that installs the malware through a fake Google update installer. The AZORult Trojan is an information stealer that can obtain system information, cookies, passwords stored in browsers, browser histories, information from saved files, banking credentials, and cryptocurrency wallets. The malware is also used as a downloader of other malware variants and is...

Read More
Cofense Launches New Managed Security Service Provider Anti-Phishing Program
Jan19

Cofense Launches New Managed Security Service Provider Anti-Phishing Program

A new Managed Security Service Provider (MSSP) program has been launched by Cofense to help MSSPs deliver advanced anti-phishing solutions to their SMB clients to improve protection against sophisticated phishing attacks. Phishing is now the number one cybersecurity threat faced by SMBs. Phishing serves as an easy attack vector for cybercriminals and is one that is often used to gain access to business networks. Phishing is used to...

Read More
773 Million Email Addresses and 21 Million Unique Passwords Listed for Sale
Jan18

773 Million Email Addresses and 21 Million Unique Passwords Listed for Sale

A massive collection of login credentials that includes approximately 773 million email addresses has been uncovered by security researcher Troy Hunt. Hunt is an Australian Microsoft Regional Director and maintains the Have I Been Pwned (HIBP) website, where people can check to see whether their login credentials have been stolen in a data breach. Hunt discovered the 87GB database on a popular hacking forum. The data was spread across...

Read More
BenefitMall Phishing Attack Impacts 111,589 Plan Members
Jan16

BenefitMall Phishing Attack Impacts 111,589 Plan Members

A recently discovered BenefitMall phishing attack has resulted in the exposure of 111,589 plan members’ protected health information.   BenefitMall, a division of Centerstone Insurance and Financial Services, discovered on October 11, 2018, that hackers had gained access to several employee email accounts as a result of their responses to phishing emails. Third party computer forensics experts were called in to assist with the...

Read More
Highly Sophisticated Apple Vishing Scam Detected
Jan10

Highly Sophisticated Apple Vishing Scam Detected

A sophisticated Apple vishing scam has been uncovered. In contrast to most phishing attempts that use email, this scam used voice calls (vishing) with the calls appearing to have come from Apple. The scam starts with an automated voice call to an iPhone that spoofs Apple Inc. The caller display shows that the call is from Apple Inc., increasing the likelihood that the call will be answered. The user is advised that there has been a...

Read More
Phishing Website Uses Custom Web Fonts to Evade Detection
Jan08

Phishing Website Uses Custom Web Fonts to Evade Detection

Phishers are constantly developing new ways to prevent their websites from being detected. One threat actor is now using custom web fonts to disguise malicious code on phishing websites. The phishing scam spoofs a major U.S. bank in an attempt to get users to disclose their banking credentials. The website used in the scam is well crafted, and like many similar scams, uses stolen branded content to make the website appear legitimate....

Read More
Tribune Publishing Cyberattack Cripples Several U.S. Newspapers
Jan02

Tribune Publishing Cyberattack Cripples Several U.S. Newspapers

A recent malware attack on Tribune Publishing has caused disruption to several newspaper print runs including those of the Los Angeles Times, San Diego Tribune, and the west coast editions of the New York Times and Wall Street Journal, amongst others. The Tribune Publishing cyberattack occurred on Thursday December 28, 2018, and spread throughout the Tribune Publishing network on Friday, affecting the Saturday editions of several...

Read More
FTC Issues Warning About New Netflix Phishing Scam
Jan01

FTC Issues Warning About New Netflix Phishing Scam

The U.S. Federal Trade Commission has issued a warning about a new global Netflix phishing scam that attempts to fool Netflix subscribers into disclosing their account credentials and payment information. The scam uses a tried and tested tactic to obtain that information: The threat of account closure due to payment information being out of date. Users are sent a message asking them to update their payment details because Netflix has...

Read More
More Than 50 Accounts Compromised in San Diego School District Data Breach
Dec27

More Than 50 Accounts Compromised in San Diego School District Data Breach

A major data breach has been reported by the San Diego School District that has potentially resulted in the theft of the personal information of more than half a million current and former staff and students. The data exposed as a result of the breach date back to the 2008/2009 school year. The breach was detected following reports from district staff of a spate of phishing emails. The emails were highly believable and fooled users...

Read More
90% of Malware Delivered Via Spam Email
Dec19

90% of Malware Delivered Via Spam Email

Cybercriminals use a variety of methods to gain access to business networks to install malware, although by far the most common method of spreading malware is spam email. According to a recent study by F-Secure, in 2018, 90% of malware was delivered through spam email. The most common types of malware delivered via spam email are downloaders, bots, and backdoors, which collectively account for 52% of all infections. Banking Trojans...

Read More
New Office 365 Phishing Attack Detected
Dec18

New Office 365 Phishing Attack Detected

A new Office 365 phishing attack has been identified that uses alerts about message delivery failures to lure unsuspecting users to a website where they are asked to provide their Office 365 account details. The new scam was detected by security researcher Xavier Mertens during an analysis of email honeypot data. The emails closely resemble official messages sent by Microsoft to alert Office 365 users to message delivery failures. The...

Read More
New Survey Highlights Importance of Security Awareness Training for Employees
Dec17

New Survey Highlights Importance of Security Awareness Training for Employees

A recent phishing survey of 500 office workers in Ireland has revealed the risks business leaders are taking by failing to provide security awareness training for employees. Phishing is one of the easiest methods of gaining access to sensitive information and gaining a foothold in a network. Phishing is the act of deceiving users into disclosing sensitive information, usually via email. An email is sent with a lure to get the user to...

Read More
Microsoft and Adobe December 2018 Patch Tuesday Updates
Dec12

Microsoft and Adobe December 2018 Patch Tuesday Updates

December 2018 Patch Tuesday has seen Microsoft issue patches for 39 vulnerabilities, 10 of which have been rated critical, and two are being actively exploited in the wild. There are 9 critical vulnerabilities in Microsoft products and one critical vulnerability in Adobe Flash Player. The patches cover the following products and services: Microsoft Windows, Microsoft Office, Internet Explorer, Microsoft Edge, Microsoft Office...

Read More
2018 Security Awareness Training Statistics
Dec12

2018 Security Awareness Training Statistics

A recent survey conducted by Mimecast has produced some interesting security awareness training statistics for 2018. The survey shows many businesses are taking considerable risks by not providing adequate training to their employees on cybersecurity. Ask the IT department what is the greatest risk cybersecurity risk and many will say end users. IT teams put a considerable amount of effort into implementing and maintaining...

Read More
Webinar: Cost-Effective DNS-Based Web Filtering
Dec04

Webinar: Cost-Effective DNS-Based Web Filtering

In order to protect against web-based threats such as malware, ransomware, viruses, exploit kits, malvertising, and phishing, businesses need to implement a web filtering solution. A web filter allows businesses to carefully control the websites and webpages that employees can access while connected to the wired and wireless networks. All Internet traffic is routed through the filter where controls are applied to block malware...

Read More
Spotify Phishing Scam Detected: User Accounts Breached
Nov30

Spotify Phishing Scam Detected: User Accounts Breached

Researchers at AppRiver have detected a Spotify phishing scam that attempts to get users to reveal their Spotify credentials. The emails use brand imaging that make the emails appear to have been sent by the music streaming service. The messages are realistic, although there are signs that the messages are not genuine. The email template used in the Spotify phishing scam claims the user needs to confirm their account details to remove...

Read More
Marriott Announces 500 Million-Record Breach of Starwood Hotel Guests’ Data
Nov30

Marriott Announces 500 Million-Record Breach of Starwood Hotel Guests’ Data

The Marriott hotel chain has announced it has suffered a massive data breach that has resulted in the theft of the personal information of up to 500 million guests of the Starwood Hotels and Resorts group. Marriott discovered the data breach on September 8, 2018 after an alert was generated by its internal security system following an attempt by an unauthorized individual to access the Starwood guest reservation database. Third-party...

Read More
49% of All Phishing Sites Have SSL Certificates and Display Green Padlock
Nov29

49% of All Phishing Sites Have SSL Certificates and Display Green Padlock

Almost half of phishing sites now have SSL certificates, start with HTTPS, and display the green padlock to show the sites are secure, according to new research by PhishLabs. The number of phishing websites that have SSL certificates has been increasing steadily since Q3, 2016, when around 5% of phishing websites were displaying the green padlock to indicate a secure connection. The percentage increased to approximately 25% of all...

Read More
Major Malvertising Campaign Detected: 300 Million Browser Sessions Hijacked in 48 Hours
Nov28

Major Malvertising Campaign Detected: 300 Million Browser Sessions Hijacked in 48 Hours

A major malvertising campaign is being conducted that is redirecting web users to phishing and scam websites. While malvertising campaigns are nothing new, this one stands out due to the scale of the campaign. In 48 hours, more than 300 million users have had their browsers redirected to malicious web pages. The campaign was uncovered by researchers at cybersecurity firm Confiant on November 12. The researchers note that the actor...

Read More
California Wildfire-Themed BEC Attack Identified
Nov27

California Wildfire-Themed BEC Attack Identified

It is common for phishers to use natural disasters as a lure to obtain ‘donations’ to line their pockets rather than help the victims and the California wildfires are no exception. Many people have lost their lives in the fires and the death toll is likely to rise further as hundreds of people are still unaccounted for. Whole towns such as Paradise have been totally destroyed by the wildfires and hundreds of people have lost their...

Read More
APT28 Group Uses New Cannon Trojan in Spear Phishing Campaign Targeting US and EU Government Agencies
Nov22

APT28 Group Uses New Cannon Trojan in Spear Phishing Campaign Targeting US and EU Government Agencies

A new spear phishing campaign is being conducted by the AP28 (Sofacy Group/Fancy Bear/Sednit) on government organizations in the United States, Europe, and a former USSR state using the previously unknown Cannon Trojan. The campaign was detected by Palo Alto Networks’ Unit 42 team and was first identified in late October. The campaign is being conducted via spam email and uses weaponized Word document to deliver two malware variants....

Read More
Rise in Phishing Emails Using .Com File Extensions
Nov21

Rise in Phishing Emails Using .Com File Extensions

The anti-phishing solution provider Cofense, formerly PhishMe, has reported a marked increase in phishing campaigns using files with the .com extension. The .com extension is used for text files with executable byte code. The code can be executed on Microsoft NT-kernel-based and DOS operating systems. The campaigns identified through Cofense Intelligence are primarily being sent to financial service departments and are used to...

Read More
Gmail Flaw Allows Phishing Emails to Be Sent Anonymously
Nov21

Gmail Flaw Allows Phishing Emails to Be Sent Anonymously

A Gmail flaw has been discovered that allows emails to be sent anonymously with no information included in the sender field. The flaw could easily be exploited by cybercriminals for use in phishing attacks. Phishers often mask the sender of an email in phishing campaigns to fool the recipient into believing the email is genuine. The sender’s email address can be spoofed so the displayed name appears to be a known contact or well-known...

Read More
Phishing Accounts for 50% of All Fraud Attacks
Nov15

Phishing Accounts for 50% of All Fraud Attacks

An analysis of current cyber fraud threats by network security firm RSA shows that phishing attacks have increased by 70% since Q2 and now account for 50% of all fraud attacks suffered by organizations. Phishing attacks are popular because they are easy to conduct and have a high success rate. An attacker can set up a webpage that mimics a well-known brand such as Microsoft or Google that requests login details. Emails are then sent...

Read More
U.S. Treasury Investigating $700,000 Loss to Phishing Scam
Oct30

U.S. Treasury Investigating $700,000 Loss to Phishing Scam

In July 2018, the Washington D.C. government fell for an email scam that resulted in wire transfers totaling nearly $700,000 being sent to a scammer’s account. The scammer impersonated a vendor used by the city and requested outstanding invoices for construction work be paid. The vendor had been contracted to work on a design and build project on a permanent supportive housing facility. The emails requested the payment method be...

Read More
Cofense Expands 24/7 Global Phishing Defense Services
Oct30

Cofense Expands 24/7 Global Phishing Defense Services

Cofense has announced that it has expanded its 24/7 Phishing Defense Service to provide even greater support to customers outside business hours and ensure that phishing threats are identified in the shortest possible time. The Cofense Phishing Defense Center (PDC) was launched to ease the burden on IT security teams by allowing them to offload some of the burden of searching through emails reported by their end users and analysing...

Read More
United States Leads the World as Main Host of Malware C2 Infrastructure
Oct26

United States Leads the World as Main Host of Malware C2 Infrastructure

The United States is home to the highest percentage of malware command and control (C2) infrastructure – 35% of the global total, according to new research published by phishing defense and threat intelligence firm Cofense.  27% of network Indicators of Compromise (IoCs) from phishing-borne malware are also either located in or proxied through the United States. Cofense data show that Russia is in second place with 11%, followed by...

Read More
75% of Employees Lack Security Awareness
Oct26

75% of Employees Lack Security Awareness

MediaPro has published its 2018 State of Privacy and Security Awareness Report which assesses the level of security awareness of employees across different industry sectors. The report is based on the responses to questionnaires sent to 1,024 employees across the United States that probed their understanding of real-world threats and security best practices. This is the third year that MediaPro has conducted the study, which...

Read More
Brands Most Commonly Spoofed by Phishers Revealed
Oct25

Brands Most Commonly Spoofed by Phishers Revealed

Vade Secure has released a new report detailing the brands most commonly targeted by phishers in North America. The Phishers’ Favorites Top 25 list reveals the most commonly spoofed brands in phishing emails detected in Q3, 2018. For the latest report, Vade Security tracked 86 brands and ranked them based on the quantity of phishing attacks in which they were impersonated. Those 86 brands account for 95% of all brand spoofing attacks...

Read More
Stealthy sLoad Downloader Performs Extensive Reconnaissance to Improve Quality of Infected Hosts
Oct25

Stealthy sLoad Downloader Performs Extensive Reconnaissance to Improve Quality of Infected Hosts

A new PowerShell downloader has been discovered – the sLoad downloader – which is being used in stealthy, highly targeted attacks in the United Kingdom and Italy. The sLoad downloader performs a wide range of checks to find out a great deal of information about the system on which it resides, before choosing the most appropriate malicious payload to deploy – if a payload is deployed at all. The sLoad downloader was first identified in...

Read More
Anti-Phishing Working Group Publishes Q2, 2018 Phishing Trends Report
Oct19

Anti-Phishing Working Group Publishes Q2, 2018 Phishing Trends Report

The Anti-Phishing Working Group has released its Phishing Activity Trends Report for Q2, 2018. The report contains a summary and analysis of phishing attacks that were reported to APWG by its member companies and partners between April and June 2018. The APWG quarterly reports provide insights into the latest phishing trends and show the extent of phishing attacks on businesses – Attacks aimed at getting employees to reveal their...

Read More
Cofense Explores the State of Phishing Defenses in 2018
Oct18

Cofense Explores the State of Phishing Defenses in 2018

The anti-phishing solution provider Cofense has released its 2018 State of Phishing Defense report. The report provides insights into the most common phishing emails being used by cybercriminals and the message subjects that are most effective at fooling employees into clicking and revealing sensitive information. The report also breaks down phishing attacks by industry sector and shows which industries are most susceptible to...

Read More
Anthem Data Breach Settlement of $16 Million Agreed with OCR
Oct16

Anthem Data Breach Settlement of $16 Million Agreed with OCR

The largest ever healthcare data breach in the United States has attracted the largest ever fine for noncompliance with HIPAA Rules. The Anthem data breach settlement of $16 million eclipses the previous highest HIPAA fine of $5.55 million and reflects not only the severity of the Anthem Inc data breach, which saw the protected health information of 78.8 million plan members stolen, but also the extent of noncompliance with HIPAA...

Read More
Sophisticated Phishing Attack Inserts Malware into Existing Email Conversation Threads
Oct11

Sophisticated Phishing Attack Inserts Malware into Existing Email Conversation Threads

A new sophisticated phishing tactic has been identified that involves a malicious actor gaining access to an email account, monitoring a conversation thread, and then inserting malware in a reply to an ongoing discussion. The scam is a variation of a Business Email Compromise (BEC) attack. BEC attacks typically involve using a compromised email account to send messages to accounts or payroll employees to get them to make fraudulent...

Read More
Phishers Using Azure Blog Storage to Host Phishing Forms with Valid Microsoft SSL Certificate
Oct08

Phishers Using Azure Blog Storage to Host Phishing Forms with Valid Microsoft SSL Certificate

Cybercriminals are using Microsoft Azure Blog storage to host phishing forms. The site hosting the malicious files has a genuine Microsoft SSL certificate which adds authenticity to the campaign. Similar tactics have been used in the past for Dropbox phishing scams and attacks that impersonate other cloud storage platforms. A typical phishing scenario involves an email being sent with a button or hyperlink that the user is requested...

Read More
Persistent New LoJax Rootkit Survives Hard Disk Replacement
Oct04

Persistent New LoJax Rootkit Survives Hard Disk Replacement

Security researchers at ESET have identified a new rootkit that takes persistence to a whole new level. Once infected, the LoJax rootkit will remain active on a device even if the operating system is reinstalled or the hard drive is reformatted or replaced. Rootkits are malicious code that are used to provide an attacker with constant administrator access to an infected device. They are difficult to detect and consequently they can...

Read More
Danabot Banking Trojan Used in U.S. Campaign
Oct03

Danabot Banking Trojan Used in U.S. Campaign

The DanaBot banking Trojan was first detected by security researchers at Proofpoint in May 2018. It was being used in a single campaign targeting customers of Australian Banks. Further campaigns were later detected targeting customers of European banks, and now the attacks have moved across the Atlantic and U.S. banks are being targeted. Banking Trojans are a major threat. Proofpoint notes that they now account for 60% of all malware...

Read More
KnowBe4 Launches ‘Domain Doppelgänger’ Fake Domain Identification Tool
Oct01

KnowBe4 Launches ‘Domain Doppelgänger’ Fake Domain Identification Tool

A new tool has been released by the security awareness training and phishing simulation platform provider KnowBe4 that can help companies to identify ‘evil twin domains’ – lookalike spoofed domains that are typically used by cybercriminals for phishing and spreading malware. An evil twin domain is very similar to a genuine website that is used by a company. It could include an extra letter such as faceboook.com, have missing letters...

Read More
2018 Has Seen a Marked Increase in Email Impersonation Attacks
Sep27

2018 Has Seen a Marked Increase in Email Impersonation Attacks

The September Email Threat Report published by cybersecurity company FireEye has cast light on the latest tactics being used by cybercriminals to fool end users into disclosing sensitive information such as login credentials to online bank accounts and email services. Phishing attacks continue to dominate the threat landscape and cybercriminals have been refining their techniques to achieve a higher success rate. Standard phishing...

Read More
Cofense Takes a Closer Look at Healthcare Phishing Attacks
Sep24

Cofense Takes a Closer Look at Healthcare Phishing Attacks

Cofense, the leading provider of human-based phishing threat management solutions, has published new research that shows the healthcare industry lags behind other industry sectors for phishing defenses and is routinely attacked by cybercriminals who often succeed in gaining access to sensitive patient health data. The Department of Health and Human Services’ Office for Civil Rights publishes a summary of data breaches reported by...

Read More
Proofpoint Launches Closed-Loop Email Analysis and Response (CLEAR) Solution
Sep12

Proofpoint Launches Closed-Loop Email Analysis and Response (CLEAR) Solution

The Sunnyvale, CA-based cybersecurity firm Proofpoint has announced it has launched a new Closed-Loop Email Analysis and Response (CLEAR) solution that can significantly reduce the time it takes to triage email-based threats. The solution uses a complete closed-loop approach to automatically analyze suspicious emails reported by end users to security teams, identify real threats from false positives, and help security teams remediate...

Read More
New Brazilian Banking Trojan Hides in Plain Sight
Sep10

New Brazilian Banking Trojan Hides in Plain Sight

An innovative new Brazilian banking Trojan has been detected by security researchers at IBM X-Force. The Trojan has been named CamuBot due to its use of camouflage to fool employees into running the installer for the malware. As with other banking Trojans, its purpose is to obtain bank account credentials, although its method of doing so is different from most of the banking Trojans currently used by threat actors in Brazil. Most...

Read More
Respiratory Care Provider Victim of Phishing Attack
Sep05

Respiratory Care Provider Victim of Phishing Attack

Norwood, MA-based Reliable Respiratory has discovered a hacker has gained access to the email account of one of its employees, and through that account, potentially accessed the protected health information of some of its patients. The respiratory care provider was alerted to a possible email account breach on July 3 when suspicious activity was detected in the email account. An investigation was immediately launched which confirmed...

Read More
Massive URL Spoofing Campaign Discovered Targeting 76 Universities
Sep04

Massive URL Spoofing Campaign Discovered Targeting 76 Universities

A massive URL spoofing campaign targeting 76 universities in 14 countries has been detected by security researchers at SecureWorks. The threat group known as Cobalt Dickens is believed to be behind the attack. The group is believed to operate out of Iran and is well known for conducting these types of attacks. The latest campaign has seen the hacking group create more than 300 spoofed websites on sixteen domains. Hosted on those...

Read More
Wombat Security Technologies Releases 2018 State of the Phish Report
Aug31

Wombat Security Technologies Releases 2018 State of the Phish Report

Wombat Security Technologies has released its 2018 State of the Phish Report – an analysis of data from tens of millions of simulated phishing attacks conducted through its Security Education Platform over the past 12 months. The report also provides insights on the current state of phishing from quarterly surveys sent to its customers, highlighting the frequency of phishing attacks on organizations, the impact those attacks are...

Read More
KnowBe4 Boosts Security Awareness Training Library with Twist & Shout Partnership
Aug26

KnowBe4 Boosts Security Awareness Training Library with Twist & Shout Partnership

The Tampa Bay, FL-based security awareness training and anti-phishing solution provider KnowBe4 has announced that it has formed a new strategic partnership with the content provider Twist & Shout. Twist & Shout Media has created security awareness campaigns for a wide range of companies, including Estee Lauder, Warner Bros, Barclays, Symantec and Verizon, as well as developing training content on covering business ethics and...

Read More
Cofense PhishMe Update Adds Further Opportunities for Automation of Phishing Simulation Campaigns
Aug24

Cofense PhishMe Update Adds Further Opportunities for Automation of Phishing Simulation Campaigns

Cofense has released another update to its product line, providing even more opportunities for automation of phishing simulation exercises. The benefits to be gained from conducting phishing simulation exercises are clear – They allow organizations assess the effectiveness of their security awareness and anti-phishing training programs and condition employees to report phishing threats in a safe environment. They also help security...

Read More
U.S. Companies Not Doing Enough to Prevent Phishing and Email Impersonation Attacks
Aug21

U.S. Companies Not Doing Enough to Prevent Phishing and Email Impersonation Attacks

IT professionals are well aware of the threat from phishing and email impersonation attacks, yet even though the risk of an attack is high, U.S. companies are not doing enough to prevent phishing and email impersonation attacks according to a recent survey of U.S. IT professionals. The survey was conducted by the Ponemon Institute on behalf of Valimail on 650 IT and IT security practitioners in the United States who play a role in...

Read More
38,000 Patient Health Records Exposed in Legacy Health Phishing Attack
Aug20

38,000 Patient Health Records Exposed in Legacy Health Phishing Attack

A phishing attack on the Portland, Oregon-based healthcare provider, Legacy Health, has resulted in the exposure and possible theft of 38,000 patients’ protected health information. The phishing attack was detected on June 21, although an investigation into the security breach revealed that access had first been gained to some employees’ email accounts several weeks earlier in May. An analysis of the compromised email accounts...

Read More
SharePoint Files Used to Harvest Office 365 Credentials
Aug19

SharePoint Files Used to Harvest Office 365 Credentials

A phishing campaign termed PhishPoint uses SharePoint files to steal users’ Office 365 credentials. Huge numbers of phishing emails are being sent to businesses that appear to be invitations to collaborate. Users are required to click the URL embedded in the email, which ultimately directs them to a malicious site where they are required to enter their Office 365 credentials. Those credentials are then captured by the attackers. The...

Read More
Major Phishing Attack Reported by Augusta University Health
Aug17

Major Phishing Attack Reported by Augusta University Health

Augusta University Health has experienced a phishing attack that has resulted in the unauthorized accessing of several employees’ email accounts. The substitute breach notice uploaded to the University of Augusta website indicates investigators determined on July 31, 2018 that email accounts containing the protected health information (PHI) of patients and personally identifiable information (PII) of employees had been compromised....

Read More
Industry First Security Awareness Practitioner Certification Offered by InfoSec Institute
Aug12

Industry First Security Awareness Practitioner Certification Offered by InfoSec Institute

Security awareness training for employees is now a vital part of any cybersecurity strategy, yet until recently there was no certification program available to confirmed proficiency in the creation and management of these vital training programs. The InfoSec Institute has addressed this problem with the launch of a boot camp. The boot camp provides essential training in this area and certifies that IT professionals have the necessary...

Read More
Scammers Claim to Have Webcam Footage of Users Watching Pornography
Aug09

Scammers Claim to Have Webcam Footage of Users Watching Pornography

A new variant of an old scam is currently gaining traction and is fooling many people into paying scammers money to avoid having sensitive information exposed. The scammers claim to have added malware to adult sites which has been downloaded onto a user’s computer. The malware is allegedly capable of taking full control of the webcam, which has been used to record a video of the user while they were visiting pornographic websites. The...

Read More
Cofense Named Finalist in Best SaaS Product for SMBs Category of SaaS Awards
Aug04

Cofense Named Finalist in Best SaaS Product for SMBs Category of SaaS Awards

The Software-as-a-Service Awards Program was launched in 2016 and is now in its third year. The SaaS Awards program is part of the Cloud Awards program which has been running since 2011. The purpose of the SaaS awards is to recognize innovative software solutions providers that have developed important products and services that help companies across a broad range of disciplines including accounting and finance, e-commerce, web...

Read More
Businesses Turn Employee Safety Solution into Phishing Alert System
Aug03

Businesses Turn Employee Safety Solution into Phishing Alert System

Fast action is required when cybersecurity threats are detected to limit the harm caused. When phishing emails are received, or ransomware or malware threats are detected in the email system, fast action can prevent a costly data breach. Many businesses are now turning to their employee safety solutions as an additional protection against phishing and to instantly notify staff of a cyberattack in progress. Mass Notification Systems...

Read More
AI-Assisted Virtual Security Analyst Added to Ironscales’ Advanced Threat Protection Platform
Aug02

AI-Assisted Virtual Security Analyst Added to Ironscales’ Advanced Threat Protection Platform

Ironscales, the Tel Aviv-based anti-phishing solution provider, has announced it has incorporated a new module into its advanced threat protection platform that helps security teams assess suspicious incoming emails more quickly to determine whether they are benign or malicious. When email threats are reported to security teams they must manually analyze the emails to find the real threats hidden among the false positives. That...

Read More
Spam Email Remains the Primary Attack Vector and Click Rates are Increasing
Aug01

Spam Email Remains the Primary Attack Vector and Click Rates are Increasing

Spam email is still the leading method of malware delivery according to a new report by cybersecurity company F-Secure. The reason is simple. It is relatively easy to bypass security defenses and deliver malicious messages to inboxes and end users are not particularly good at identifying malicious emails. Finding exploitable vulnerabilities is much harder by comparison. According to F-Secure’s figures, in the second half of 2017,...

Read More
Cofense Develops New SOAR Platform That Allows IRs to Block Phishing Attacks Even Faster
Jul31

Cofense Develops New SOAR Platform That Allows IRs to Block Phishing Attacks Even Faster

The leading anti-phishing solution provider Cofense has developed a new platform that detects and stops phishing attacks in progress even faster. The Cofense Phishing-Specific Security Orchestration, Automation and Response (SOAR) platform is the first such platform to come to market that has been specifically developed to identify and disrupt phishing attacks in progress. Cofense had already developed its innovative, multi-award...

Read More
UnityPoint Health Phishing Attack Exposed PHI of 1.4 Million Patients
Jul31

UnityPoint Health Phishing Attack Exposed PHI of 1.4 Million Patients

Another UnityPoint Health phishing attack has been discovered, and this time it is huge. Hackers have gained access to multiple email accounts which contained the protected health information of approximately 1.4 million patients. This incident is the largest healthcare data breach to be reported since August 2016 and the largest healthcare phishing incident reported since the HHS’ Office for Civil Rights started publishing summaries...

Read More
Most Clicked Phishing Emails in Q2, 2018
Jul24

Most Clicked Phishing Emails in Q2, 2018

Security training and phishing email simulation platform provider KnowBe4 has released a report on the most clicked phishing emails in Q2, 2018. If businesses provide security awareness training to their employees and train them how to recognize phishing and other malicious emails, click rates fall dramatically. Since a single response to a phishing email can result in a costly data breach, security awareness training is essential....

Read More
Convincing Phishing Campaign Targets Australian Businesses and Spreads DanaBot Trojan
Jul17

Convincing Phishing Campaign Targets Australian Businesses and Spreads DanaBot Trojan

A new phishing campaign has been detected that is spreading the DanaBot Trojan. The campaign involves phishing emails which appear to contain invoices from the Australian multinational corporation MYOB – a provider of tax and accounting services for small and medium sized businesses. The phishing campaign was detected by Trustwave researchers. The phishing emails are succinct and well written and advise the recipient of the invoice...

Read More
New AZORult Phishing Campaign Detected by Cofense
Jul09

New AZORult Phishing Campaign Detected by Cofense

Leading anti-phishing solution provider Cofense has detected a new AZORult phishing campaign. AZORult is an information stealer capable of stealing cookies, stored passwords, payment card information, autocomplete data stored in web browsers, Bitcoin wallet information, and email, FTP, and XMPP client credentials. The latest campaign uses malicious email attachments to spread a new variant of the malware. Version 3 of AZORult...

Read More
Cryptocurrency Investors Targeted with MacOs Malware on Slack and Discord
Jul03

Cryptocurrency Investors Targeted with MacOs Malware on Slack and Discord

Several MacOs malware attacks have been identified in the past few days with victims targeted via the Slack and Discord chat platforms. The attackers are targeting cryptocurrency investors and are posting messages on Slack and Discord groups linked to cryptocurrencies. This is an impersonation attack in which admins and key personnel are being impersonated, with users advised to run a script that downloads a malware variant named...

Read More
Phishing Incident Reported by Trezor Wallet
Jul03

Phishing Incident Reported by Trezor Wallet

Trezor, the multi-cryptocurrency wallet service, has announced it has been targeted in a phishing campaign that has seen some users of its service redirected to a malicious website in an attempt to obtain their credentials. Trezor became aware of the phishing campaign when the company started to receive complaints from its users about an invalid Secure Sockets Layer (SSL) certificate on the site. Users who were directed to the fake...

Read More
ZeroFont Phishing Attack Bypasses Microsoft Office Security Feature
Jun21

ZeroFont Phishing Attack Bypasses Microsoft Office Security Feature

The ZeroFont phishing attack allows phishers to bypass anti-spam controls and ensure their emails are delivered to end users inboxes. ZeroFont Phishing Cybercriminals are constantly developing new ways to bypass anti-spam technologies, one of which has been uncovered by security researchers at the cloud security company Avanan. The technique, termed ZeroFont phishing, allows phishers to get their messages past Microsoft Office 365...

Read More
World Cup Wallchart Phishing Scam Detected
Jun19

World Cup Wallchart Phishing Scam Detected

Security researchers at Check Point have uncovered a World Cup wallchart phishing scam that is being used to deliver malware to soccer fans’ devices. The campaign involves specially crafted email messages with the subject line: World_Cup_2018_Schedule_and_Scoresheet_V1.86_CB-DL-Manager. Email recipients are encouraged to open and install a malicious FIFA World Cup schedule and results checker that is attached to the email. The email...

Read More
RansomCloud Attack Encrypts Cloud-Based Emails
Jun14

RansomCloud Attack Encrypts Cloud-Based Emails

Ransomware may be more commonly used to encrypt files on business networks, although that does not mean consumers are in the clear. Cybercriminals may target businesses due to the higher potential rewards for a successful attack, although a new ransomware strain has been developed that highlights how vulnerable consumers are to ransomware attacks. In this case, the ransomware strain was developed by a white hat hacker as a proof of...

Read More
Department of Justice Announces Arrest of 74 Business Email Compromise Scammers
Jun12

Department of Justice Announces Arrest of 74 Business Email Compromise Scammers

A coordinated law enforcement effort involving the FBI, U.S Departments of Justice, Homeland Security, Treasury, the US Postal Inspection Service, and law enforcement agencies in Canada, Mauritius, Poland, Indonesia, Malaysia, and Nigeria has resulted in 74 business email compromise (BEC) scammers and associated criminals being arrested. The joint law enforcement effort – called Operation Wire Wire – was conducted over a period of 6...

Read More
Spammers Use iqy Files to Deliver Remote Access Trojan
Jun11

Spammers Use iqy Files to Deliver Remote Access Trojan

Macros have long been favored by cybercriminals as a method of installing malware. The macros launch VB, JavaScript and PowerShell scripts that download malware. Due to potential threat, security teams often disable macros or at least configure end points to require macros to be manually enabled by end users. The risk of running macros is also usually covered in security awareness programs. It is now harder for cybercriminals to...

Read More
InfoSec Institute Now Has Largest Library of Security Awareness Training Content
Jun06

InfoSec Institute Now Has Largest Library of Security Awareness Training Content

At the recent Gartner Security & Risk Management Summit 2018, the InfoSec Institute announced that its library of security awareness training content is now the largest collection of content provided by any security awareness training company. The SecurityIQ AwareEd library consists of standard CBT training modules covering the full range of email-based and web-based threats. CBT training is accompanies by video training content,...

Read More
May Saw Massive Increase in TSB Phishing Scams
Jun05

May Saw Massive Increase in TSB Phishing Scams

There has been a massive increase in TSB phishing scams over the past month. In April, TSB bank transitioned to a new core banking system. Previously, TSB data had been on a system provided by Lloyds, although following the takeover by Spanish bank Banco Sabadell, data needed to be moved to its banking system. When customer accounts were transferred to the new system, many customers were locked out of their accounts. The outage lasted...

Read More
Hackers Potentially Had Access to 42,000 Patients Health Data for a Month After Phishing Attack
May28

Hackers Potentially Had Access to 42,000 Patients Health Data for a Month After Phishing Attack

The Ohio Healthcare Provider Aultman Health Foundation has discovered some of its employees have been duped by a phishing attack that resulted in the threat actors behind the campaign gaining access to several email accounts. A phishing attack was detected on March 28, prompting a full investigation of the breach. The investigation revealed some employees had fallen for the phishing scam in mid-February. Further accounts were then...

Read More
Agari: Business Email Compromise the Most Lucrative Form of Email Attack
May23

Agari: Business Email Compromise the Most Lucrative Form of Email Attack

A report from the email security vendor Agari provides new insights into the tactics used by cybercriminal groups to conduct email attacks and the extent of global email fraud. While many email-based attack methods are used, business email compromise (BEC) is the most lucrative for criminals and BEC attacks are the costliest for companies. The Agari report was released days after the FBI published figures on the cost of Internet crime...

Read More
$875,000 Settlement Agreed in W-2 Phishing Scam Lawsuit
May18

$875,000 Settlement Agreed in W-2 Phishing Scam Lawsuit

A class-action lawsuit stemming from a W-2 phishing scam that saw an employee of the respiratory therapy supplier Lincare Inc., send the W-2 Forms of employees to a scammer has been settled for $875,000. As is typical with these types of Business Email Compromise (BEC) attacks, the scammer pretended to be a senior executive and sent an email to an employee of the HR department requesting W-2 information for the company’s employees....

Read More
InfoSec Institute Named in 2018 Gartner Peer Insights Customers’ Choice for Security Awareness CBT
May17

InfoSec Institute Named in 2018 Gartner Peer Insights Customers’ Choice for Security Awareness CBT

The InfoSec Institute has developed an extensive library of training material on cybersecurity and helps security professionals attain qualifications to improve their career prospects. The company has also developed a platform for businesses to use to improve their defenses against phishing attacks and other threats that target employees. The firm’s SecurityIQ training platform combines an extensive library of training material and a...

Read More
ADT Now Offering Cofense Phishing Detection and Response Capabilities to Customers
May17

ADT Now Offering Cofense Phishing Detection and Response Capabilities to Customers

Cofense has announced a new partnership with the security monitoring and interactive home and business automation solution provider ADT. Boca Raton, FL-based ADT is a leading provider of automation and security solutions to enterprises and medium-sized businesses throughout the United States and Canada. The firm helps businesses to detect and respond to cyberthreats in real-time, speeding up the mitigation of attacks to minimize...

Read More
GDPR Phishing Scam Targets Airbnb Customers
May16

GDPR Phishing Scam Targets Airbnb Customers

A GDPR phishing scam has been detected targeting Airbnb customers. The GDPR-themed scam requests customers of the home-sharing website must re-enter their contact information and credit card details in order to comply with the EU’s General Data Protection Regulation that comes into force on May 25, 2018. The scammers are taking advantage of the high volume of emails currently being sent by companies as part of their GDPR compliance...

Read More
Vega Stealer Malware Harvesting Credentials from Web Browsers
May14

Vega Stealer Malware Harvesting Credentials from Web Browsers

A new variant of August Stealer – named Vega Stealer – is being distributed in small phishing campaigns targeting marketing, advertising, and PR firms and the retail and manufacturing industries. While the campaigns are highly targeted, the malware could potentially be used in much more widespread campaigns and become a major threat. Vega Stealer does not have the same range of capabilities as its predecessor, although it does include...

Read More
Cofense Announces Major Expansion of its Technology Alliance Program
May10

Cofense Announces Major Expansion of its Technology Alliance Program

Cofense (Formerly PhishMe) has announced it has made major enhancements to its phishing incident response platform – Cofense Triage – to help its customers reduce dwell time and respond more quickly to phishing attacks. The updates are in addition to more than 10 new technical integrations into its phishing defense platform, which have helped cement its position as the leading provider of human-driven phishing defense solutions. The...

Read More
Does Two-Factor Authentication Protect Businesses from Phishing Attacks?
May08

Does Two-Factor Authentication Protect Businesses from Phishing Attacks?

Two-factor – or multi-factor – authentication is a simple control that makes it harder for unauthorized individuals to gain access to accounts and sensitive data. Rather than just use a single factor for authentication such as a password, an additional factor is required, usually something an individual has. This could be a card reader, which is often used by banks for verifying the identify of an individual who wants to make a...

Read More
2018 Phishing Trends & Intelligence Report
May06

2018 Phishing Trends & Intelligence Report

Security awareness and anti-phishing vendor PhishLabs has released its 2018 Phishing Trends & Intelligence Report. The report shows there has been a marked change in attacks, with enterprises now being targeted rather than individuals. This comes as no surprise as the potential rewards for a successful attack on an enterprise are considerably higher than attacks on individuals. Enterprises are more likely to pay ransom demands and...

Read More
Ironscales Announces Introduction of Non-Blocking Cloud-Native API Deployment
May05

Ironscales Announces Introduction of Non-Blocking Cloud-Native API Deployment

Ironscales has announced its automated phishing defense platform can now be used to protect organizations without the need for any physical plugins, thanks to its new non-blocking cloud-native API deployment, which has been made available for all of its anti-phishing modules. The new option is ideally suited to businesses that have moved their email services to the cloud and are looking for an easy-to-implement solution that offers...

Read More
TitanHQ Integrates WebTitan Web Filter into Kaseya IT Complete Suite
May04

TitanHQ Integrates WebTitan Web Filter into Kaseya IT Complete Suite

TitanHQ has announced its powerful web filtering solution – WebTitan – is now fully integrated into the Kaseya IT Complete Suite, making it easier for MSPs to start offering content filtering to their clients. WebTitan is a 100% cloud-based web filtering solution that allows businesses to carefully control the web content their employees can access. In addition to restricting access to productivity-draining and NSFW...

Read More
Wombat Security Releases 2018 Beyond the Phish Report
May03

Wombat Security Releases 2018 Beyond the Phish Report

The Beyond the Phish Report from Wombat Security provides valuable insights into the state of security awareness across different industry sectors. For the report, Wombat Security analyzed the responses to almost 85 million questions and answers collected from employees of its customers across 16 industry sectors. The questions covered 12 different categories including protecting confidential information, safe use of passwords,...

Read More
What are the Most Clicked Phishing Emails?
May02

What are the Most Clicked Phishing Emails?

KnowBe4 has released a quarterly report that reveals the most clicked phishing emails in Q1, 2018 – The emails that are proving to be the most effective at fooling employees into clicking hyperlinks and opening potentially malicious email attachments. The data from the report came from responses to phishing simulation emails delivered through its training platform. The simulated phishing emails mirror messages observed in real world...

Read More