For quite some time now, phishing has been a preferred method for malicious hackers to gather from users the information that allowed them to penetrate systems. The surge in use of social networks is now making their job even easier; scores of personal details, photos, videos, ideas and posts of any kind are available often even publicly. Phishing atta

Have you ever unknowingly opened and responded to a phishing email or fallen victim to a phishing attack? A recent report by Frost & Sullivan titled “You’ve Been Phished, Again! Solution: Eliminate the Click-It Temptation,” discussed just how susceptible we all are to these fraudulent attacks and what can be done to avoid them. How Do P

After the Hurricane Harvey hit Texas causing deaths and destructions, authorities are warning of potential Phishing Scams. The US CERT is warning of Potential Hurricane Harvey phishing scams, the experts fear crooks may start using malicious emails purportedly tied to the storm.  “US-CERT warns users to remain vigilant for malicious cyber activity

The Ropemaker attack allows hackers to turn an apparently harmless email into a malicious one after it has already been delivered to the victim’s inbox? What about a technique that could allow an attacker to turn an apparently harmless email into a malicious one after it has already been delivered to the victim’s email inbox? The technique exist

Gone are the days of the Nigerian prince promising fortune to unsuspecting email recipients. Attackers have stepped up their phishing game and evolved their tactics to entice employees to click links or open attachments, preying on the opportunity to spread persistent malware or compromise credentials. These threat actors relentlessly target employees — both

Spam: quarterly highlights Delivery service Trojans At the start of Q2 2017, we registered a wave of malicious mailings imitating notifications from well-known delivery services. Trojan downloaders were sent out in ZIP archives, and after being launched they downloaded other malware – Backdoor.Win32.Androm and Trojan.Win32.Kovter. The usual trick of present

Just a quick post about an interesting file found in a phishing kit. Bad guys use common techniques to prevent crawlers, scanners or security companies from accessing their pages. Usually, they deploy a .htaccess file to achieve this. Today, I found a phishing kit related to a bank (ANZ) with such protection. But, in this case, the attackers took the time to

IBM X-Force Kassel is a research team that operates massive spam honeypots and monitoring, gleaning data from billions of unsolicited emails every year. With such large amounts of spam coming in, we can more easily map trends. We looked at one recently when analyzing the spammer’s workweek. Our goal in this analysis was to delve into six months of data

Developer accounts of popular chrome extensions being hijacked by cyber criminals, over 4.7 million users are at a risk of cyber attack. Over 4.7 million users could be at risk after being exposed to malicious adverts and credentials theft due to developer accounts of popular chrome extensions being hijacked by cyber criminals. A phishing campaign run by Cyb

Layered schemes are used in most information security strategies, and it is essential to establish a similar approach to protecting the organization from unwanted email. In fact, spam and phishing are some of the biggest problems IT security managers face today. According to LinkedIn’s “2017 Cybersecurity Trends Report,” phishing attacks ar

To fight phishing attacks, Google has introduced a security measure for its Gmail app for iOS that will help users identify and delete phishing emails. Phishing continues to be one of the most dangerous threats, crooks continue to devise new techniques to trick victims into providing sensitive information. The technique is still the privileged attack vector

George is in his office responding to his morning emails when he notices an unusual message. The subject is concise: “Security Alert”. Obviously, he wants to know what’s going on. He opens it, reads the first paragraph to see what the problem is, then clicks the link ostensibly taking him to the company page where he will have to confirm his data

This week’s SecurityIQ feature release includes several exciting new capabilities for improved functionality. Updates include data-housing capabilities for European clients, improved reporting tools and simplified language preference management. Read on for complete release details. Download the complete SecurityIQ features overview.Increased Learner-P

Traditionally, BEC attacks have used keyloggers to steal saved account information from target machines. However, using an executable file for the attachment usually flags a user not to click them as there is a high chance that the file is malicious. As a result, we’ve seen a trend wherein the attached files are no longer executable files but HTML pages: Fi

How can you protect yourself against phishing? Email is one of the most popular ways people stay in touch, for both at work and at home. One report found that there were 205 billion emails sent every day in 2015 – and this is expected to rise to 246 billion by 2019. Much of our day-to-day business is conducted online now – take banking for instance. Many ban