Email Security News, Articles and Updates

Google rolling out Gmail anti-phishing feature to iOS devices

Three months after introducing anti-phishing security checks in Gmail for Android products, Google has extended this feature to iOS devices as well.

Almost 900 Bloomberg terminal chat room users doxxed

More than 800 Wall Street workers using an anonymous Bloomberg business terminal chat room were doxxed when an email containing their names and email addresses was sent to the chat room participants.

IRS: Phishing scam aims to deceive accountants with fake tax software updates

The Internal Revenue Service is warning of an email-based phishing scam that impersonates tax software providers, in order to trick professional accountants into giving away their log-in credentials for these services.

Hackers steal Copyfish app from developer's Google Play account

The Chrome version the app Copyfish was compromised to push out ads and spam after an employee for its developer At9t fell for a phishing scam and gave access to the company's Play Store account to an unauthorized individual.

House Judiciary Republicans ask Sessions to appoint special counsel to probe Clinton, Comey

As Special Counsel Robert Mueller's probe of Russian interference in the campaign and possible collusion with members of the Trump team, rumblings that a double standard was being applied.

Researchers deliberately get phished, learn that account exploitation often takes more than 24 hours

Researchers at Imperva recently set up fake online accounts and intentionally allowed themselves to be phished by scammers in order to observe how behavior cybercriminals act after they come into possession of a victim's credentials.

Scotland's government council heavily targeted by cyberattacks

Cybercriminals have been targeting Scottish government, universities and health organizations at a high rate with more than half of their local councils being hit since 2014

UPDATE: Wyden pushes DHS to adopt DMARC

The standard, which is not yet widely adopted by the federal government, including DHS, "would make it significantly harder for fraudsters and foreign governments to impersonate" agencies, Wyden wrote in a letter.

Oracle Access Manager servers open to session hijacking

Two Belgian security researchers have found a flaw with Oracle Access Manager (OAM) version 10g that 99 percent of the companies they checked on did not have properly configured thus leaving those organizations open to a specially crafted phishing attack.

Pentagon to encrypt soldiers' email

Keeping soldiers' email out of the hands of enemies has long been a concern, but the Pentagon has been slow to use the readily available encryption tool for its internal mail service which serves 4.5 million users.

GOP operative on hunt for Clinton emails, indicated link to Flynn

The late Peter W. Smith, who put together an investigative team that included researchers, attorneys and investigators, claimed to have uncovered five hacking groups who allegedly had Clinton's emails.

NotPetya: Researchers find 'kill switch', then clash over naming

Researchers claim to have found a 'killswitch' for NotPetya, but there seems to be disagreement over what to call it.

NotPetya: Snowden takes shots at NSA, Shadowbrokers lick lips

Both Edward Snowden and the Shadowbrokers have used the NotPetya attacks, to provide their unique perspective on the situation.

Google to stop using Gmails content for targeted adverstising

Google plans to stop using consumer-level Gmail content as a data source for ads personalization.

Email compromise scams rack up greatest financial losses in new IC3 report

Among all incidents reported to the Internet Crime Complaint Center in 2016, email compromise scams targeting businesses and individuals were responsible for the greatest financial loss totals.

One quarter of Australian companies hit by phishing attack this week: Mailguard

The phishing attacks against Australian energy customers grew yesterday with Mailguard reporting an enormous number of phishing attempts made centered on fake Origin Energy bills.

Phishing scam hitting EnergyAustralia customers

Mailguard is reporting that a large number of malicious emails posing as a bill from EnergyAustralia is swarming across that nation.

Cybercriminals using phishing scams to steal cryptocurrencies

With the value of cryptocurrencies like bitcoin continuing to climb, cybercriminals are looking to expand the tricks they use to steal these virtual dollars.

GlobalLeaks hacking group reveals some UAE ambassador emails

A hacking group called GlobalLeaks has purportedly stolen emails from the United Arab Emirates U.S. ambassador that indicate that nation is manipulating American Persian Gulf policy.

Google pumps up Gmail security with early phishing detection

Google has rolled out new security strategies for its emailing system, Gmail, that incorporates early phishing detection.

High volumes of Trump, Macron-themed spam emails may have forecast their victories

A Proofpoint study that tracked spam emails that used candidate names in recent U.S., French and the on-going U.K. parliamentary elections showed the campaigns could be an indicator of who might win.

Tainted leaks technique tied, sort of, to Russia

A recent investigative study by the Citizen Lab connects Russian actors to the practice of stealing, negatively altering and then releasing documents in an effort to damage the personal reputation of government officials, candidates and journalists in dozens of countries.

Bank of France customers targeted in phishing campaign

Cyber-criminals are attempting to steal credentials from French companies and consumers, yet the campaign is falsely attributed to the Bank of France.

Cast of Game of Thrones, now with 2FA

The cast of the popular HBO series Game of Thrones is now required to use two-factor authentication to receive scripts by email.