Spear Phishing Attacks are moving to LinkedIn
However, things might have become more dangerous because these job offers are now the target of cyber criminals. Early this week, security firm eSentire warned LinkedIn users of a new Spear Phishing attack.
Who Trains the Teacher on Phishing?
A new report by the K-12 Cybersecurity Resource Center found that publicly disclosed cybersecurity incidents affected 377 school networks in 40 states in 2020, with 36% percent of the incidents identified as data breaches or leaks.
New & Updated Phishing Email Templates
Over the past few weeks, we have been overhauling our phishing email template library.
Local Election Officials Targeted with Suspicious Email
A report in the Wall Street Journal on October 26th described incidences of election officials within the U.S. at the local level being sent suspicious emails which appear to be purposefully targeting them due to their position within their states.
CenturyLink Suffers Major Outage Affecting 3.5% of the Internet
On Sunday August 30th, 2020 CenturyLink suffered a major outage which affected numerous internet companies including Amazon, Twitter, Microsoft via Xbox Live, EA, Blizzard, Steam, Discord, Reddit, Hulu, NameCheap, OpenDNS, and many others.
New Experiment in Google Chrome to Fight Back Against Phishing Websites
The developers behind the Google Chrome browser have announced in a blog post that they will begin testing a new way to help defend against the increasing threat of phishing attacks.
New Research Finds That 7.42% Of Victims Who Visit Phishing Sites Supply Their Credentials
In a new report from the combined efforts of Arizona State University, PayPal. Google, and Samsung, researchers found that at least 7.42% of victims who visit phishing pages input their credentials and experience fraudulent transactions.
LastPass Customers Receive Phishing Email In Attempt to Steal Master Password
In an effort to inform and defend customers, LastPass warned that there had been reports of a Phishing email that was being sent to users using the LastPass platform.
Microsoft Warns About Consent Phishing Applications
A new post by the Microsoft security team warns about a new type of phishing attack vector targeting users. Consent Phishing, as they refer to it as, targets users by asking for an egregious amount of permissions from Single-Sign-On applications.
New Phishing Attempt on Instagram for Fake Copyright Violations
Instagram users should be on the lookout for fake copyright notices that have emerged as a new way to try and phish people into handing over the credentials of their accounts.
Office 365 Users Targeted with Hijacked Oxford Servers using Samsung and Adobe links
European users of Office 365 have been targeted with phishing emails sent from seemingly legitimate sources using hijacked Samsung's Adobe Campaign marketing redirect mechanism to send missed voicemail emails appearing to come from Oxford.
Phishing Email Impersonating Black Lives Matter Promotes TrickBot Malware
A new phishing campaign has been targeting people with a fake email claiming to vote anonymously about Black Lives Matter while it actually spreads the TrickBot information-stealing malware.
GitLab Employees Had a 59% Failure Rate in a Recent Phishing Test
59% of GitLab employees who were tested in a recent phishing campaign and clicked on a suspicious link failed by putting in credentials. Even highly tech focused companies such as GitLab have a severe failure rate that can have a significant impact.
User Credential Theft Prevention
Social engineering is the process of attacking the human, or employee, rather than the technology directly. Through social tactics, an employee is tricked into performing an action, such as installing malicious software or performing a transaction.
Anti-Phishing Security Control Checklist
This anti-phishing checklist outlines key controls that help to prevent phishing, improve phishing detection, and minimize the impact from phishing.
Verizon Data Breach Investigations Report (DBIR) - 2019
The Verizon Data Breach Investigations Report (DBIR) provides valuable information on the threats facing organizations today. The DBIR is produced by Verizon with a collaboration of many security entities.
Ten Steps to Creating a Phishing Awareness Campaign
The following slideshare, authors Christopher Hadnagy and Michele Fincher outline ten steps to creating a phishing awareness campaign for an organization. PhishingBox provides the tools needed to easily implement such a program.
Social Tactics Remain a Significant Threat
Social tactics includes phishing and other related social engineering activities. Basically, social tactics are methods used to penetrate an organizationâs cybersecurity defenses by attacking the human.
What is the phishing failure rate by industry?
Employee security awareness should include phishing prevention training. This training should include phishing simulation. However, what is an expected phishing failure rate? The following article outlines phishing failure rates by industry.
Internet Security Threat Report (ISRT) - 2019
The Symantec Internet Security Threat Report (ISRT) for 2019 is continues to provide valuable information for the security professional. This annual security report provides key statistics that outline cybersecurity risks experienced by various orga