Phishing

Report: Data breaches up 62 percent in 2013

Report: Data breaches up 62 percent in 2013

By

Targeted attacks grew by 91 percent and lasted three times longer, according to a recent threat report.

Fake Malaysia Airlines video on Facebook spreads malware

By

Scammers are using a phony video, claiming that Flight MH370 has been found, to redirect Facebook users to malicious websites.

Phishing scam aimed at Google Docs, Drive users

By

Symantec spotted a phishing campaign that sends users to a realistic-looking fake Google log-in page.

APT12 group latches to G20 Summit buzz to infiltrate organizations

By

APT12, the espionage group believed to be behind attacks on The New York Times, is piggy-backing on international interest in the G20 summit to penetrate victims' networks via malicious emails.

CTO of media company faked-out employees with "phishing" emails

CTO of media company faked-out employees with "phishing" emails

By

But the debate over the value of information security awareness programs and exercises in the workplace continues.

More users than ever experiencing phishing attack attempts

More users than ever experiencing phishing attack attempts

By

The Moscow-headquartered security firm Kaspersky Lab found that 37.3 million people faced the prospect of being phished in 2012 to present day, an 87 percent increase over the same period between 2011 and 2012.

Scammers on the hunt for Memorial Day deal watchers

Scammers on the hunt for Memorial Day deal watchers

By

Like they do with major news events and other holidays, online fraudsters are seeking to cash in on the upcoming Memorial Day weekend.

Twitter begins rollout of two-factor authentication to limit account takeovers

Twitter begins rollout of two-factor authentication to limit account takeovers

By

Following a series of high-profile Twitter account hijacks, the microblogging service finally has delivered two-factor authentication.

Online crime clearinghouse received nearly 290K complaints in 2012

By

The number of fraud complaints lodged with the Internet Crime Complaint Center actually fell in 2012, but the amount of alleged losses to victims rose.

Study finds hosting providers offer phishing paradise

By

The Anti-Phishing Working Group found that 47 percent of all phishing attacks involve shared web hosting, like one might find on WordPress or Joomla.

New BlackHole email campaign found

By

Spam campaigns are sending out spurious emails purported to be from Facebook, LinkedIn, American Airlines and financial institutions, McAfee researchers found.

Spear phishing campaign targeted energy sector

By

The unsuccessful attacks were the result of email addresses being publicly posted on an electric company's website.

Spear phishes used to infect South Korean corporate networks

By

Security researchers have found evidence that, not surprisingly, social engineering tactics were leveraged by the attackers, who set their malware to "go off" three days after reaching victims.

Small businesses in crosshairs of new malware-laden email ruse

By

The Federal Trade Commission and the Better Business Bureau are alerting businesses about the new threat.

Twitter embraces DMARC standard to stymie phishing attacks

By

Twitter announced Thursday that is adopting Domain-Based Message Authentication, Reporting and Conformance (DMARC), a new specification designed to authenticate emails so users don't fall for fraudulent emails.

Phishing emails use fake Mandiant China spy report bait to target victims

Phishing emails use fake Mandiant China spy report bait to target victims

By

Security firm Seculert is tracking two versions of the threat: one which is targeting Japanese organizations and the other directed, ironically, toward Chinese journalists.

Phishers hang a velvet rope to keep their attacks quiet

By

The concept of "bouncer list phishing" is designed to keep everyone, except a select few, on the outside of the campaign.

Google, Microsoft respond to fraudulent certificate

By

A Turkish certificate authority (CA) accidentally issued two intermediate, or chained, digital certificates, one of which was used by the holder to mimic legitimate websites and launch attacks.

Scammers pounce on Hurricane Sandy to spread spam

By

Phishing emails targeting victims of Sandy begin to make the rounds online.

LinkedIn users being targeted by fake photo email

By

Scammers use a click-the-pic ruse to redirect users to the Blackhole exploit kit

Hurricane Sandy could cause big mess in cyber space too

By

With Hurricane Sandy on a collision course with the Northeast, cyber crooks are likely to take advantage of the historic storm to make a quick buck or steal personal information from the unsuspecting.

"High roller" fraud campaign persists, origin revealed

By

Researchers have uncovered information about the origins of "Operation High Roller," a campaign targeting victims in the United States and the Netherlands with banking trojans to carry out ACH fraud.

Industry groups issue web, mobile messaging best practices

By

Best practices for mobile devices highlighted rising threats in a market where BYOD has become standard.

Redirect flaw on .gov sites leaves open door for phishers

By

An "open-redirect" vulnerability has allowed scammers to phish several thousand people using shortened links to legitimate government websites.

Presidential election spurs malware-laden CNN spam

By

With less than a month remaining until the presidential election, online fraudsters are smelling opportunity, and more similarly themed cons are expected in the upcoming weeks.

Ransomware and phish cons target Skype users

By

Over the course of a week, two trojan-spreading scams have emerged that aim for users of the internet phone service.

New phishing tactic: Infect sites and wait for catch

By

Researchers believe watering hole strategies, where attackers compromise sites visited by their targets, are used to steal personal information and set the stage for spear phishing attacks.

News briefs: Latest security news

By

Last month's featured news from Shamoon attacking oil companies to Wyndham Hotels challenging the FTC.

Time-sensitive keywords prominent in phishing attacks

By

Successful phishing attacks in 2012 include words that allude to shipping and urgency, according to a new report.

Kentucky health agency breached after worker falls for phish ploy

By

Thousands of individuals may have had their personal information exposed after hackers used a successful phishing attack to springboard to an email server belonging the Kentucky Department for Community Based Services.

Sign up to our newsletters

POLL