Researchers have recently warned of two massive phishing operations, collectively targeting hundreds of thousands of users – one seeking credentials for business services such as Office 365 and the other abusing Facebook Messenger to go after roughly 450,000 of the social media giant’s account holders.
Alleged leaks connecting Democratic presidential candidate Joe Biden to his son’s correspondences in Ukraine immediately raised alarm bells to forensic analysts, and offer an interesting case study for why security teams struggle to validate company files as legitimate.
Skepticism about COVID-19 communications exemplifies a hidden cost of the fight against phishing and vishing scams: lost time and business inefficiencies caused by paranoid employees.
Businesses should remind their employees to resist interacting with emails sent from unknown sources, especially when their subject lines and content promise inside information on current events.
That anti-phishing training email your employees just received may, ironically, actually be a phishing email, according to cyber threat analysts who recently uncovered a security awareness-themed online social engineering campaign. In a blog post on Wednesday, experts at Cofense reported on a phishing campaign that sends emails purporting to be a notification urging employees to…
The Justice Department’s extradition of Deborah Mensah from Ghana for her alleged participation in a multimillion-dollar business email compromise (BEC) scheme marks the latest move in a flurry of global activity to stop increasingly prevalent email scams. Since 2018, the department has participated in two massive international operations netting nearly 370 arrests, and the FBI…
The validation vulnerability in Google Drive could result in users downloading malware.
Orchestrated by the Russian-speaking RedCurl group, the attack stole information on a variety of businesses – mostly in construction, finance, consulting, retail, insurance, law and travel.
Even though the adoption of DMARC has grown over the past year, only 21 percent) of Fortune 500 companies are protected from being spoofed with only 13.9 percent of all domains enforcing the standard. Industry sectors lag substantially behind U.S. government entities where three-fourths of U.S. federal domains are safeguarded by DMARC enforcement, according to…
The top 20 universities based in the U.S. are failing to implement proper DMARC protections and policies, opening the door for fraudsters to spoof their email domains and convincingly impersonate them at a time when students are likely expecting to receive a wealth digital communications related to back-to-school instructions, researchers warn. In particular, students and…
