CSO Magazine

APRIL 28, 2022

Phishing continues to be one of the primary attack mechanisms for bad actors with a variety of endgames in mind, in large part because phishing attacks are trivial to launch and difficult to fully protect against. Why phishing is successful. Most phishing attacks are less about the technology and more about social engineering.

Phishing

CSO Magazine

AUGUST 23, 2021

These include SMS/text-based phishing, SIM swapping and unauthorized number porting. Related: The T-Mobile data breach: A timeline | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Mobile

CSO Magazine

APRIL 1, 2021

Editor's note: This article, originally published on August 7, 2018, has been updated to include new information on phishing kit features. Phishing is a social attack, directly related to social engineering. Commonly centered around email, criminals use phishing to obtain access or information.

Phishing

CSO Magazine

OCTOBER 7, 2021

This historic increase in cybercrime resulted in everything from financial fraud involving CARES Act stimulus funds and Paycheck Protection Program (PPP) loans to a spike in phishing schemes and bot traffic. Get the latest from CSO by signing up for our newsletters. ] Learn the The 5 types of cyberattack you're most likely to face. |

CSO

CSO Magazine

APRIL 30, 2021

Sign up for CSO newsletters. ]. Spear-phishing attack targets Russian defense contractor. In this instance, the target of the spear-phishing attack was a general director working at the Rubin Design Bureau, a Russia-based defense contractor that designs nuclear submarines for the Russian Federation’s Navy.

CSO

CSO Magazine

OCTOBER 4, 2021

Learn 8 types of phishing attacks and how to identify them and how BEC attacks take phishing to the next level. Sign up for CSO newsletters. ].

CSO

CSO Magazine

MARCH 20, 2023

The natural language generation capabilities of large language models (LLMs) are a natural fit for one of cybercrime’s most important attack vectors: phishing. Phishing relies on fooling people and the ability to generate effective language and other content at scale is a major tool in the hacker’s kit.

Phishing

CSO Magazine

OCTOBER 19, 2021

Whether it’s advanced phishing techniques, credential stuffing, or even credentials compromised through social engineering or breaches of a third-party service, credentials are easily the most vulnerable point in defending corporate systems. Get the latest from CSO by signing up for our newsletters. ]

Authentication

CSO Magazine

MAY 26, 2021

Phishing simulations—or phishing tests—have become a popular feature of cybersecurity training programs in organizations of all sizes.

Phishing

CSO Magazine

APRIL 12, 2022

Phishing definition. Phishing is a type of cyberattack that uses disguised email as a weapon. Phish" is pronounced just like it's spelled, which is to say like the word "fish"—the analogy is of an angler throwing a baited hook out there (the phishing email) and hoping you bite.

Phishing

CSO Magazine

APRIL 6, 2021

Check out these 11 phishing prevention tips for best technology practices, employee education and social media smarts. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Cybercrime

CSO Magazine

APRIL 21, 2023

That’s a lot of ground to cover, so CSO has sifted through the upcoming announcements and gathered the products and services that caught our eye here. More announcements will be made throughout the event, and CSO will update this article as their embargoes break. We’ve organized the listings by day of announcement.

CSO

CSO Magazine

MAY 27, 2021

These credentials fuel the underground economy and are used for everything from spam to phishing and account takeovers. Get the latest from CSO by signing up for our newsletters. ] Credential stuffing attacks are one of the most common ways cybercriminals abuse stolen usernames and passwords.

CSO

Malwarebytes

NOVEMBER 8, 2021

Google patches zero-day vulnerability , and others, in Android Zuckerberg’s Metaverse , and the possible privacy and security concerns This Steam phish baits you with a free Discord Nitro BlackMatter ransomware group announces shutdown. New “Frankenstein” phishing kits are becoming increasingly popular.

CSO

CSO Magazine

MAY 25, 2022

Computer vision cybersecurity startup PIXM has expanded its line of antiphishing products with the launch of PIXM Mobile, a solution to protect individuals and enterprises from targeted and unknown phishing attacks on mobile devices. To read this article in full, please click here

Mobile

CSO Magazine

MARCH 13, 2023

Phishing attempts are typically like fishing in a barrel — given enough time, a bad actor is 100% likely to reel in a victim. Once they recognize organizations as habitually vulnerable, they will continue to target them and the barrel-fishing cycle goes on and on.

Phishing

CSO Magazine

SEPTEMBER 28, 2021

Studies show that CSO readers are most likely to know that endpoint protection is the modern iteration of the antivirus tools of previous generations. Threat vectors for end-user devices include browser-based attacks, phishing attempts, malicious software, or spyware.

Antivirus

CSO Magazine

OCTOBER 28, 2022

Email security and threat detection company Vade has found that phishing emails in the third quarter this year increased by more than 31% quarter on quarter, with the number of emails containing malware in the first three quarters surpassing the 2021 level by 55.8

Phishing

CSO Magazine

JANUARY 11, 2023

Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off.

Scams

CSO Magazine

JULY 1, 2021

Despite advancements in anti-phishing techniques and employee training, phishing attacks are increasingly popular. After all, employees need to click on links to do their jobs, and social engineering makes phishing links difficult to identify. That’s because they work so well.

Phishing

CSO Magazine

DECEMBER 8, 2021

When it comes to cybersecurity, phishing is one of the oldest tricks in the book. Phishing has evolved,” says Chester Wisniewski, principal research scientist at Sophos. These days phishing emails often lead to ransomware, crypto jacking, or data theft. But it is still incredibly hard to defend against. The reason?

Phishing

CSO Magazine

JANUARY 4, 2023

In a case that highlights how attackers can leverage information from data breaches to enhance their attacks, a group of attackers is using customer information stolen from a Colombian bank in phishing attacks with malicious documents, researchers report. Stolen data used to add credibility to future attacks.

Banking

CSO Magazine

APRIL 7, 2022

Spear phishing definition. Spear phishing is a targeted email attack purporting to be from a trusted sender. In spear phishing attacks, attackers often use information gleaned from research to put the recipient at ease. To read this article in full, please click here

Phishing

CSO Magazine

JANUARY 20, 2021

Rather than attack us through our operating systems, attackers have targeted remote control tools, our consultants, and most importantly our users via phishing attacks. As a result, attackers have pivoted to different methods. To read this article in full, please click here (Insider Story)

Phishing

The Last Watchdog

MAY 5, 2022

Fun fact: 80% of these breaches occur at the endpoint , often via phishing or social engineering. About the essayist: Den Jones, CSO at Banyan Security , which supplies s imple, least-privilege, multi-cloud application access technologies. So as investments go, checking device posture as part of your zero trust program is a huge win.

Ransomware

CSO Magazine

MARCH 4, 2022

Facebook jumped to the top spot in the 20 most impersonated brands by phishers in 2021, representing 14% of phishing pages, according to Vade's annual Phishers' Favorites report. To read this article in full, please click here

Phishing

CSO Magazine

APRIL 26, 2023

Iranian state-sponsored threat actor, Educated Manticore, has been observed deploying an updated version of Windows backdoor PowerLess to target Israel for phishing attacks, according to a new report by Check Point. To read this article in full, please click here

Phishing

CSO Magazine

JUNE 16, 2021

It seems like not a day goes by without another ransomware attack making headlines. And where do many of these attacks start? In your users' email inboxes. To read this article in full, please click here (Insider Story)

Phishing

CSO Magazine

MAY 29, 2023

A new phishing technique can leverage the “file archiver in browser” exploit to emulate an archiving software in the web browser when a victim visits a.zip domain, according to a security researcher identifying as mr.d0x. Performing this attack first requires you to emulate a file archive software using HTML/CSS,” said mr.d0x in a blog post.

Phishing

CyberSecurity Insiders

MARCH 14, 2022

And unless these devices are secure enough, their usage can invite more troubles,” said Alistair MacGibbon, the CSO of CyberCX. Rachael Falk, the Chief Executive of Cyber Security Cooperative Research Center, issued an alert about phishing emails to companies operating in the power generation and distribution sector.

Cyber Attacks

CSO Magazine

APRIL 13, 2022

In his career, he has seen people pick up and use dropped thumb drives, give up passwords over the phone and, yes, even click on simulated phishing links. Sign up for CSO newsletters. ]. He has also seen the real-world consequences of such actions.

Penetration Testing

CSO Magazine

MAY 31, 2023

Phishing was the most common type of identity-related incident in 2022, according to a study by Identity Defined Security Alliance (IDSA), a non-profit, identity and security intelligence firm.

Phishing

CSO Magazine

JULY 28, 2022

Microsoft toppled Facebook for the top spot in the 25 most impersonated brands by phishers in the first half of 2022, with a total of 11,041 unique phishing URLs, according to Vade's latest Phishers' Favorites report. To read this article in full, please click here

Phishing

CSO Magazine

SEPTEMBER 14, 2022

Cybersecurity startup novoShield has launched an enterprise-grade mobile security application , designed to protect users from mobile phishing threats. Released this week for iPhones via the US and Israeli Apple app stores, novoShield’s namesake app detects malicious websites in real time and blocks users from accessing them.

Mobile

CSO Magazine

MAY 24, 2023

Emails containing the unique SuperMailer string barely registered in January and February, but in the first half of May they accounted for over 5% of credential phishing emails.” To read this article in full, please click here

Phishing

CSO Magazine

JULY 12, 2022

Security researchers from Microsoft have uncovered a large-scale phishing campaign that uses HTTPS proxying techniques to hijack Office 365 accounts. The attack is capable of bypassing multi-factor authentication (MFA) and has targeted over 10,000 organizations since September 2021.

Phishing

CSO Magazine

JUNE 14, 2023

Researchers investigating an Office 365 account compromise resulting from an adversary-in-the-middle (AitM) phishing attack found evidence of a much larger global attack campaign that spans the past year and is possibly tied to an infostealer malware called FormBook. "In

Phishing