Manipulation tactics that you fall for in phishing attacks
It’s 6 p.m. on a Friday. Just as you finish packing up for the day, an email from your boss pops up on your phone asking why an urgent payment didn’t go out earlier in the …
Tech support scammers leverage “evil cursor” technique to “lock” Chrome
Tech scammers are constantly coming up with new techniques to make users panic and seek their bogus services. The latest one, documented by Malwarebytes researchers, has been …
Attackers playing into users’ commitment to security continue to sail through defenses
KnowBe4 shared its Top 10 Global Phishing Email Subject Lines for Q2 2018. The messages in the report are based on simulated phishing tests users received or real-world emails …
The evolution of email fraud: Risks and protection tips
Marc Chouinard is Email Security Operations Lead at Vircom, an email security vendor based in Montreal, Canada. He has established a reputation as a no-nonsense leader in …
BEC scams and real estate deals: How to protect yourself?
Despite constant warnings by law enforcement and industry organizations, BEC scammers continue to fleece companies. They target small, medium, and large business and personal …
Microsoft tops list of brands impersonated by phishers
The number one brand spoofed by phishers in Q2 2018 in North America was Microsoft, says email security company Vade Secure. The company credits the surging of adoption of …
Magecart presents an unprecedented threat: Here’s what you can do
Recently we learned that the previously disclosed Ticketmaster UK breach from a few weeks ago was not a one-off event but instead part of a widespread website digital credit …
Ticketmaster breach part of massive credit card skimming campaign
RiskIQ researchers have discovered that the recent breach of Ticketmaster was not a one-off event as initially reported, but part of a massive digital credit card-skimming …
Office 365 users targeted by phishers employing simple HTML tricks
Phishers are using a simple but effective trick to fool Microsoft’s NLP-based anti-phishing protections and Office 365 users into entering their login credentials into …
BackSwap Trojan exploits standard browser features to empty bank accounts
Creating effective and stealthy banking malware is becoming increasingly difficult, forcing malware authors to come up with innovative methods. The latest creative burst in …
How a URL shortener allows malicious actors to hijack visitors’ CPU power
URL shorteners are often used by malware peddlers and attackers to trick users into following a link they otherwise wouldn’t. But Coinhive’s URL shortener carries …
The operations and economics of organized criminal email groups
Nine of the 10 captured organized criminal email groups operate out of Nigeria, they all leverage a multitude of attack methods, and business email compromise (BEC) is far …