Recently, attackers have formulated fake sexual harassment complaints that appear to come from the U.S. Equal Employment Opportunity Commission to disperse TrickBot malware, which targets financial data and acts to deploy other malware. This spearphishing campaign utilizes social engineering tactics to convince targets into exposing sensitive information. The customized phishing

A new report by Vade Secure indicates that PayPal was the most impersonated brand in phishing attacks last quarter, which is rather surprising since Microsoft usually dominates these campaigns. PayPal-themed phishing URLs have been on the rise in the past year and in Q3 they surged by 69.6%. By contrast,

In the third quarter of this year, phishing campaigns were more prevalent than in any other quarter since Q4 of 2016, according to a new report by APWG. The number of phishing domains surged by 46% compared to last quarter. Threat actors not only launched more phishing campaigns, but they also

Threat actors are increasingly leveraging Google Analytics and other web analytics tools in order to optimize their phishing campaigns, a recent Akamai study reveals. Attackers use these tools in order to keep track of “technical markers, like browser identification, geo-location, and operating system,” that “can help adjust the phishing website’s

A new report[pdf] by Europol identifies spear phishing, i.e. targeted phishing, as the top threat to organizations in European Union (EU) member states. According to the study, spear phishing is the most common attack vector used by cybercriminals to compromise organizations. Steven Wilson of Europol’s European Cybercrime Centre added that

A new survey by Avertium shows that as many as 39% of organizations are under-prepared to respond to a data breach, and about three in four are having difficulty dealing with the rising number of increasingly sophisticated cyber threats, as well as the growing complexity of the cyber tech stack.

A new report by Akamai shows that the most popular companies targeted in phishing campaigns are Microsoft, PayPal, DHL, and Dropbox, which together accounted for 42.63% of all observed phishing domains. Microsoft, which accounted for 21.88% of domains alone, is highly popular among cybercriminals selling Phishing as a service (PaaS)

McAfee researchers have uncovered a phishing campaign that targets major enterprises with fake voicemail messages. Since the targeted individuals include company executives, the researchers suggest that the the attack could be considered “whaling.” The phishing emails impersonate Microsoft and inform users about a missed call. The message includes an HTML

A recent study by Check Point predicts some of the major cybersecurity trends that will shape 2020. In terms of threats, the firm projects that 5G will play a major role in increasing the attack surface because it is bound to lead to a surge in Internet-of-things devices as well

A recent report by Cofense shows that in the third quarter of this year, the most common technique for distributing malware via phishing campaigns is the exploitation of CVE-2017-11882, a critical flaw in Microsoft Office that was patched in 2017, but has been around for almost two decades. Attackers embed