Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. A screenshot of the phishing domain privatemessage dot net.

Phishing 303

Phishing Cryptocurrency DDOS Internet 303

Troy Hunt

MARCH 30, 2025

On that note, stay tuned for the promised "Passkeys for Normal People" blog post, I hope to be talking about that in next week's video (travel schedule permitting).

Phishing 243

Phishing Data breaches Scams 243

eSecurity Planet

OCTOBER 28, 2024

We’ll also look at increased phishing attacks, a couple of different Cisco flaws, and a Fortinet vulnerability that took some time to get its own CVE. Netskope Reports Increase in Webflow Phishing Pages Type of attack: Phishing and subsequent credential theft. webflow.io, which indicates a phishing site.

Phishing 102

Phishing Authentication Software VPN 102

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 243

Phishing Passwords Hacking Insurance 243

The Last Watchdog

JULY 14, 2022

Phishing itself is not a new or a particularly complicated threat. But the emergence of advanced phishing techniques – “DeepSea Phishing” – poses an entirely new challenge for enterprises. The financial impact of phishing attacks quadrupled over the past six years, with the average cost for U.S. companies rising to $14.8

Phishing 277

Phishing Education Cybersecurity Threat Detection 277

Duo's Security Blog

JUNE 25, 2025

Rolling out phishing resistant authentication is critical, but many organizations struggle with the complexity and cost of deploying hardware-based solutions like security keys at scale, all while trying to stay ahead of modern phishing attacks. Head to our phishing prevention page or check out our editions data sheet.

Phishing 64

Phishing Authentication Mobile Engineering 64

Digital Shadows

JANUARY 22, 2025

In this blog, well preview the reports highlights and give insights into social engineering campaigns leveraging impersonating domains and our predictions for the threats shaping 2025. Use early detection tools like honeypots or CanaryTokens to counter attackers using tools like Nmap and Angry IP Scanner.

Insurance 65

Insurance Phishing Social Engineering Engineering 65

Duo's Security Blog

JUNE 19, 2025

Phishing-resistant MFA is the answer, but—it’s been notoriously difficult to implement at scale for all workers and all use cases. At Duo, we’re working to make phishing-resistant authentication not only the strongest defense against identity-based attacks, but also easy to deploy and manage. In fact, they’ve come to expect it.

Phishing 64

Phishing Social Engineering Authentication Engineering 64

Krebs on Security

FEBRUARY 3, 2022

This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. A recent phishing site that abused LinkedIn’s marketing redirect. A recent phishing site that abused LinkedIn’s marketing redirect. Urlscan also found this phishing scam from Jan. Image: Urlscan.io.

Phishing 361

Phishing Marketing Scams Accountability 361

Duo's Security Blog

OCTOBER 18, 2023

Once delivered, a phish typically wants to invoke emotion and prey on our natural desires to act and help fix a problem, such as “you have to do X, or else X will happen”. Phishing requires you to act with a specific set of instructions Don’t engage and trust nothing. Look beyond the email sender and website URLs used.

Phishing 145

Phishing Security Awareness Software Media 145

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. Image: Cloudflare.com. 2, and Aug.

Phishing 347

Phishing Mobile Authentication Accountability 347

Security Boulevard

FEBRUARY 2, 2025

Attackers are capitalizing on public interest in these historical documents to launch potential malware campaigns, phishing schemes, and exploit attempts. Our research indicates that cybercriminals are quick to react to major public events, and [] The post Hackers Hijack JFK File Release: Malware & Phishing Surge appeared first on VERITI.

Phishing 72

Phishing Malware Cyber threats 72

Thales Cloud Protection & Licensing

JANUARY 31, 2025

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA andrew.gertz@t Fri, 01/31/2025 - 15:17 Celebrate Change Your Password Day and 2FA Day by embracing passkeys and phishing-resistant 2FA. of automated attacks and dramatically reduces the success of phishing attempts. Why Use Passkeys?

Phishing 62

Phishing Passwords Password Management Authentication 62

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Figure 12: The actual phishing page that follows Finally, all the data is combined with the username and password and sent to the remote server via a POST request.

Advertising 129

Advertising Accountability Phishing Scams 129

ZoneAlarm

NOVEMBER 18, 2024

This sophisticated phishing campaign used professional designs and search engine manipulation to target unsuspecting shoppers worldwide. These fraudulent websites … The post Fraud Network Operates 4,700 Fake Shopping Sites to Steal Credit Card Data appeared first on ZoneAlarm Security Blog.

Phishing 93

Phishing Engineering Cybersecurity Data privacy 93

Graham Cluley

AUGUST 28, 2024

A phishing exercise conducted by the IT department of the University of California Santa Cruz (UCSC) has backfired, after causing unnecessary panic amongst students and staff. Read more in my article on the Hot for Security blog.

Phishing 130

Phishing 130

Webroot

MAY 5, 2025

Phishing attacks are a significant threat to consumers, with cybercriminals constantly evolving their tactics to deceive unsuspecting individuals. The integration of artificial intelligence (AI) into phishing schemes has made these attacks even more sophisticated and challenging to detect. How AI enhances phishing attacks 1.

Phishing 62

Phishing Antivirus Education Artificial Intelligence 62

Troy Hunt

OCTOBER 28, 2020

Everything becomes clear(er) if I manually change the font in the browser dev tools to a serif version: The victim I was referring to in the opening of this blog post? Obviously, the image is resized to the width of paragraphs on this blog, give it a click if you want to check it out at 1:1 size. Poor Googie! More on that soon.

Phishing 364

Phishing Password Management Passwords Internet 364

The Last Watchdog

NOVEMBER 29, 2022

A new development in phishing is the “nag attack.” Nag attacks add to the litany of phishing techniques. Over the years, endless phishing variants have emerged, including: •Bulk phishing. Spear phishing. One must admire the ingenuity of cybercriminals. Related: Thwarting email attacks. Human nature.

Phishing 214

Phishing Social Engineering Scams Software 214

Heimadal Security

FEBRUARY 28, 2025

Phishing scams are no longer just poorly written emails full of typos. Todays sophisticated back-end technologies take phishing and social engineering to the next level. The era of messages from long-lost, wealthy relatives leaving fortunes to unknown heirs has passed its peak.

Scams 59

Scams Phishing Social Engineering Engineering 59

The Last Watchdog

SEPTEMBER 21, 2022

Phishing is one of the most common social engineering tactics cybercriminals use to target their victims. Cybersecurity experts are discussing a new trend in the cybercrime community called phishing-as-a-service. Phishing-as-a-Service (PhaaS). Ready-to-use phishing kits with all necessary attack items are available on the web.

Phishing 198

Phishing Artificial Intelligence Cybercrime Social Engineering 198

Graham Cluley

DECEMBER 14, 2023

Security researchers have discovered the latest evolution in call-back phishing campaigns. Read more in my article on the Tripwire State of Security blog.

Phishing 141

Phishing Malware 141

Krebs on Security

APRIL 10, 2024

But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com The domain mentioned at the beginning of this story — fedetwitter.com — redirects users to the blog of a Japanese technology enthusiast.

Phishing 361

Phishing Media Engineering Technology 361

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

Troy Hunt

FEBRUARY 23, 2024

Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite LockBit got seriously taken down by a coalition of law enforcement agencies this week (that's a link through to vxunderground's Twitter profile which has had exellcent commentary) FedEx or Phish? (I've

Phishing 324

Phishing 324

Troy Hunt

APRIL 6, 2020

That email would have been a reply to one you originally sent to me that would have sounded something like this: Hi, I came across your blog on [thing] and I must admit, it was really nicely written. I also have an article on [thing] and I think it would be a great addition to your blog. On a popular blog. Just the title.

Advertising 348

Advertising Internet Internet VPN 348

Krebs on Security

DECEMBER 1, 2022

ConnectWise , which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. Pyle’s blog were coincidental.

Phishing 322

Phishing Architecture Passwords Accountability 322

The Last Watchdog

NOVEMBER 6, 2023

QR code phishing attacks started landing in inboxes around the world about six months ago. Best practices So how do you defend your enterprise against QR code phishing attacks? In June, we started seeing these types of attacks amongst our customer base. Make sure to always check the waters before you swim (or in this case, scan).

Phishing 202

Phishing Scams Malware Education 202

Security Boulevard

NOVEMBER 11, 2024

The post The Urgent Call: How a Phishing Email Pushed Buckeye Elementary to Strengthen Cyber Defenses appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12. The post The Urgent Call: How a Phishing Email Pushed Buckeye Elementary to Strengthen Cyber Defenses appeared first on Security Boulevard.

Phishing 64

Phishing Technology Ransomware Cybersecurity 64

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams 247

Scams Cybercrime Cryptocurrency Social Engineering 247

Malwarebytes

MAY 8, 2025

We discovered a new phishing kit targeting payroll and payment platforms that aims to not only steal victims’ credentials but also to commit wire fraud. Clicking on the ad sent employees and employers to a phishing website impersonating Deel. Phishing portal and 2FA The first phishing domain we saw was login-deel[.]app

Phishing 104

Phishing Authentication Engineering Banking 104

Heimadal Security

JUNE 19, 2025

In this week’s Snapshot, cybersecurity advisor Adam Pilton breaks down the latest news on dodgy VPNs, sneaky phishing, a worrying shift from Scattered Spider, and more. Use his insights […] The post The MSP Cyber Snapshot – Weekly News with Adam Pilton – June 19th 2025 appeared first on Heimdal Security Blog.

Phishing 71

Phishing Cybersecurity 71

Duo's Security Blog

JANUARY 14, 2025

In recent webinar Preventing Helpdesk Phishing with Duo and Traceless , Duo PMM Katherine Yang sat down with Gene Reich, Co-founder of Traceless to discuss why stronger identity verification is critical for MSPs and helpdesk teamsespecially with the increased accessibility of AI technologies driving identity fraud.

Phishing 111

Phishing Technology Scams Cybercrime 111

Adam Levin

NOVEMBER 26, 2019

“Our team was able to access this server because it was completely unsecured and unencrypted,” announced VPN review website vpnMentor in a blog article describing their findings. . The contents of the database could also help hackers and cybercriminals target the same companies in other ways.

B2B 295

B2B Spyware VPN Phishing 295

Security Boulevard

NOVEMBER 22, 2024

Discover key phishing trends, tactics, and their impact on industries worldwide. The post Email Phishing and DMARC Statistics appeared first on Security Boulevard. Learn about the power of DMARC and how it can save your business.

Phishing 109

Phishing Security Awareness 109

Malwarebytes

APRIL 28, 2025

Ive lost count of how many blogs Ive written about stalkerware -type apps that not only exposed the people they spied on but also ended up exposing the spies themselves. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device cant be phished.

Passwords 91

Passwords Phishing Spyware Password Management 91

Troy Hunt

MARCH 2, 2024

The FedEx phish post went up just after last week's video (still kinda nuts that's even a thing.)

Phishing 295

Phishing 295