The separate attacks were carried out by at least two foreign entities, who might have been able to access sensitive documents and details on U.S. critical infrastructure.
Phishing campaigns are being leveraged by attackers to reach victims and collect email logins, as well as infect their machines with malware.
A phishing scam asks World Cup fans to sign a fake petition in support of a soccer play disqualified from playing after biting another player.
More than a million of Orange users' telephone numbers, birth dates and email addresses were stolen last month in a phishing attack.
Targeted attacks grew by 91 percent and lasted three times longer, according to a recent threat report.
Scammers are using a phony video, claiming that Flight MH370 has been found, to redirect Facebook users to malicious websites.
Symantec spotted a phishing campaign that sends users to a realistic-looking fake Google log-in page.
APT12, the espionage group believed to be behind attacks on The New York Times, is piggy-backing on international interest in the G20 summit to penetrate victims' networks via malicious emails.
But the debate over the value of information security awareness programs and exercises in the workplace continues.
The Moscow-headquartered security firm Kaspersky Lab found that 37.3 million people faced the prospect of being phished in 2012 to present day, an 87 percent increase over the same period between 2011 and 2012.
Like they do with major news events and other holidays, online fraudsters are seeking to cash in on the upcoming Memorial Day weekend.
Following a series of high-profile Twitter account hijacks, the microblogging service finally has delivered two-factor authentication.
The number of fraud complaints lodged with the Internet Crime Complaint Center actually fell in 2012, but the amount of alleged losses to victims rose.
The Anti-Phishing Working Group found that 47 percent of all phishing attacks involve shared web hosting, like one might find on WordPress or Joomla.
Spam campaigns are sending out spurious emails purported to be from Facebook, LinkedIn, American Airlines and financial institutions, McAfee researchers found.
The unsuccessful attacks were the result of email addresses being publicly posted on an electric company's website.
Security researchers have found evidence that, not surprisingly, social engineering tactics were leveraged by the attackers, who set their malware to "go off" three days after reaching victims.
The Federal Trade Commission and the Better Business Bureau are alerting businesses about the new threat.
Twitter announced Thursday that is adopting Domain-Based Message Authentication, Reporting and Conformance (DMARC), a new specification designed to authenticate emails so users don't fall for fraudulent emails.
Security firm Seculert is tracking two versions of the threat: one which is targeting Japanese organizations and the other directed, ironically, toward Chinese journalists.
The concept of "bouncer list phishing" is designed to keep everyone, except a select few, on the outside of the campaign.
A Turkish certificate authority (CA) accidentally issued two intermediate, or chained, digital certificates, one of which was used by the holder to mimic legitimate websites and launch attacks.
Scammers use a click-the-pic ruse to redirect users to the Blackhole exploit kit
With Hurricane Sandy on a collision course with the Northeast, cyber crooks are likely to take advantage of the historic storm to make a quick buck or steal personal information from the unsuspecting.
Researchers have uncovered information about the origins of "Operation High Roller," a campaign targeting victims in the United States and the Netherlands with banking trojans to carry out ACH fraud.
An "open-redirect" vulnerability has allowed scammers to phish several thousand people using shortened links to legitimate government websites.
Researchers believe watering hole strategies, where attackers compromise sites visited by their targets, are used to steal personal information and set the stage for spear phishing attacks.
Last month's featured news from Shamoon attacking oil companies to Wyndham Hotels challenging the FTC.
Successful phishing attacks in 2012 include words that allude to shipping and urgency, according to a new report.
The personally identifiable information found on social networks are a gateway for hackers to get access to the heart of the information they truly desire.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes