10 Jun 2022

Phishing Hits All-Time High in Q1 2022

Researchers report that the first quarter of 2022 saw an unprecedented number of phishing attacks. The Anti Phishing Working Group (APWG) reported that the number of phishing attacks during the first quarter reached one million for the first time. The APWG, law enforcement, and government coalition collaborated in the new

Read More
07 Apr 2022

Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info

Threat actors have targeted both Microsoft Office 365 and Google Workspace in a new campaign that leverages a legitimate domain associated with a road-safety organization in Moscow to distribute messages. The attackers are spoofing voice message notifications from WhatsApp in the malicious phishing campaign. Their ultimate goal is to trick

Read More
08 Mar 2021

US Warns of Fake Unemployment Benefit Websites

On March 5, the US Justice Department issued a warning informing the public that cyber-criminals have launched a campaign impersonating state workforce agencies in an attempt to lure in unemployed Americans and steal personal data. The Justice Department published the advisory after several reports that threat actors had been creating

Read More
25 Feb 2021

Microsoft Lures Populate Half of Credential-Swiping Phishing Emails

According to a Tuesday report by Cofense, cybercriminals are increasingly using Microsoft services such as Outlook, Teams, and Office to launch themed phishing attacks and steal credentials from their targets. According to Cofense, almost half of phishing attacks in 2020 aimed to steal Microsoft credentials using lures related to the

Read More
29 Dec 2020

Phishers Spoof New York Department of Labor

Scammers were able to spoof the New York Department of Labor, sending out emails to thousands of residents from the domain “noreply@labor.ny .gov,” claiming to be sending Covid-19 relief money. The emails bear the NY state logo and capitalize on struggling Americans seeking to claim Covid-19 stimulus checks. The email

Read More
04 Feb 2020

British Charity Loses Over $1m in Domain Spoofing Scam

A UK based community housing charity lost over $1million in a domain spoofing and contractor impersonation scam, announcing its loss on Tuesday of this week. The charity, Red Kite Community Housing, stated that it had been a victim to a scam in which cybercriminals posed as service providers to steal

Read More
16 Dec 2019

Over 100 Phishing Sites Spotted in Global Government Campaign

According to the security vendor Anomali, sources of domains and over 120 phishing sites have been detected as involved with a major global campaign that is targeting government procurement services. Anomali stated that the credential harvesting campaign consisted of spoofed sites for international government departments as well as spoofed email

Read More
01 Apr 2019

90% of large tech companies vulnerable to email spoofing

A new Valimail survey shows that the vast majority of organizations have not properly implemented open standards for email authentication, leaving 90% of firms vulnerable to spam and phishing attacks involving email spoofing. According to the survey, only 49% of companies keep Domain-based Message Reporting, Authentication & Conformance (DMARC) records,

Read More