28 Aug 2019

New Threat Group Targets Middle East

Hackers belonging to a threat group dubbed LYCEUM (aka HEXANE) have been launching attacks on organizations in the oil and gas sector since May of this year, new research by SecureWorks shows. This campaign primarily targets firms located in the Middle East, but LYCEUM has been active since April of

Read More
27 Aug 2019

IRS Warns of New Imposter Scam That Spreads Malware

The IRS is warning taxpayers about a phishing campaign in which threat actors are masquerading as IRS agents. The scammers are distributing emails made to look like official IRS messages. Recipients are urged to click on a malicious link in order to download documents with information about their tax refunds.

Read More
26 Aug 2019

Instagram Phishing Emails Use Fake Login Warning Baits

Threat actors are targeting Instagram users with a relatively believable phishing scam that warns people about login attempts for their account and urges them to confirm their identity by entering what looks like a two-factor authentication (2FA) code on a sign-in page for which the URL has been provided. If

Read More
23 Aug 2019

Microsoft Tops Phishers’ Favorite Brands as Facebook Spikes

Microsoft remains the most impersonated brand in phishing attacks despite a 6.8% decline in unique Microsoft phishing URLs in the second quarter of this year, a new report by Vade Secure shows. PayPal clinched second place and Facebook completed the top three thanks to a 155% surge in campaigns spoofing

Read More
23 Aug 2019

Alaska Had the Most Cybercrime Victims Per Capita in 2018

New data by CenturyLinkQuote shows that residents of Alaska are more likely to fall for Internet scams than people in other parts of the country. With 22  cybercrime victims per 10,000 residents, The Last Frontier tops the ranking for the second year in a row. The numbers are based on

Read More
15 Aug 2019

Financial Phishing Grows in Volume and Sophistication in First Half of 2019

In the first half of this year, the number of potential phishing domains increased by 14%, while phishing domains with valid certificates doubled to 1,900, a new study[pdf] by Normshield found. Last year, 8.5% of phishing domains used a valid certificate and this number is expected to grow to 15% this

Read More
15 Aug 2019

Lateral Phishing Attacks: A Growing Threat to the Enterprise

A new study by Barracuda sheds light on the rise of lateral phishing campaigns in which one or more compromised employee accounts in an organization are used to target other employees in the same organization. Lateral phishing is similar to business email compromise (BEC), but while the latter is usually

Read More
13 Aug 2019

Security warning for software developers: You are now prime targets for phishing attacks

A new report by Glasswall shows that nearly half of all phishing attacks target the technology sector, with software developers being the most likely targets. The main of phishing campaigns that target tech firms is usually theft of intellectual property. These attacks can be carried out on behalf of companies,

Read More
12 Aug 2019

Why remote workers are an underrated security risk for small businesses

A mere 4% of small businesses in the United States have fully adopted the cybersecurity best practices outlined by the US Small Business Administration (SBA), a new report by Nationwide found. Around 20% of small businesses in the survey did not train employees about cybersecurity at all. Most small business

Read More
12 Aug 2019

Phishing emails: Here’s why we are still getting caught out after all these years

New figures from Google help to explain why phishing attacks, which have been around for decades, are still a massive threat. Every day Google blocks over 100 millions phishing emails, about two-thirds (68%) of which are new campaigns. Phishing campaigns target users in certain sectors far more often than regular

Read More