Threat trends, product updates, and security insights from the PhishingBox team.
In a new report from the combined efforts of Arizona State University, PayPal, Google, and Samsung, researchers found that at least 7.42% of victims who visit phishing pages input their credentials resulting in compromised accounts and experience fraudulent transactions as a result.
In an effort to inform and defend customers, LastPass warned that there had been reports of a Phishing email that was being sent to users using the LastPass platform.
A new post by the Microsoft security team warns about a new type of phishing attack vector targeting users. Consent Phishing, as they refer to it as, targets users by asking for an egregious amount of permissions from Single-Sign-On allowing the bad actors to abuse the accounts they have been granted access to.
Instagram users should be on the lookout for fake copyright notices that have emerged as a new way to try and phish people into handing over the credentials of their accounts. As reported by
As reported by Checkpoint Research, European users of Office 365 have been targeted with phishing emails sent from seemingly legitimate sources after bad actors hijacked Samsung's
As is common with real phishing campaigns, bad actors are using current events to take advantage of people and trick them into opening malicious emails.
GitLab.com recently performed a spear phishing campaign where they targeted 50 of their employees in an attempt to see how vulnerable their team members were to phishing attacks. Using the domain "gitlab.company" and GSuite to deliver emails, those targeted were asked to click on a link to accept an upgraded Laptop from their IT department.
Social engineering is the process of attacking the human, or employee, rather than the technology directly. Through social tactics, an employee is tricked into performing an action,