Phishing | SC Media

Phishing

Using the zero trust model to prevent phishing

By Philip James, director of architecture and integration, Alagen Currently, the majority of all cyber attacks can be traced back to phishing. It’s become THE most common way for breaches to happen — both to businesses and individuals. In fact, nearly 60 percent of email today is spam, and three-quarters of organizations say they’ve experienced…

Phishing emails imitate North American banks to infect recipients with TrickBot

By

An spam-based phishing campaign recently targeted North American banking customers with malicious Excel documents designed to infect victims with a new variant of the information-stealing TrickBot banking trojan, researchers reported earlier this week. The scam dates back to at least Jan. 27 and peaked in volume on Jan. 30, according a new blog post from…

Unauthorized intruder preys on Bayside Covenant Church

By

The Bayside Covenant Church of Roseville, Calif. reported that for three months last year unauthorized personnel accessed some employee information. In a statement, the church said access was gained to certain email accounts through a still unknown means, from Aug. 3, 2018 to Oct. 20, 2018. The information exposed included names, addresses, Social Security Numbers,…

Phishing campaign targeted subscribers to Tibetan Government-in-Exile’s mailing list

By

Subscribers to a Tibetan Government-in-Exile mailing list were targeted in a recent email-based phishing campaign designed to infect them with a remote access trojan. Dubbed ExileRAT, the trojan is capable of gathering system information, retrieving and pushing files, and executing and ending various processes, according to a blog post from Cisco Systems’ Talos division, whose…

Hundreds of Delaware residents among the victims of BenefitMall breach

By

Delaware’s Department of Insurance announced yesterday that 650 residents and five companies located within the state were impacted by a 2018 data breach of BenefitMall, a third-party HR services administrator for health insurance companies. It was originally back on Jan. 4, 2019, that BenefitMall, aka Centerstone Insurance and Financial Services, publicly disclosed a “data security…

Phishing campaign throws Shade ransomware at Russians

By

Attackers this month have revived an email phishing operation that targets Russian speakers with Shade ransomware served via malicious JavaScript attachments. The scam first emerged in a campaign that began in mid-October of last year, before dying down over the holiday period. But January ushered in a more intense second phase that doubled the previous…

12th annual Data Privacy Day advice: complicated passwords, VPNs and fines

By

Considering the hundreds of millions of records exposed in data breaches just last year, the 12th annual Data Privacy Day could not arrive quickly enough. On the plus side for privacy, at least for EU residents, GDPR went into effect last May and will soon be joined by the California Consumer Privacy Act and other…

Russians targeted in Redaman banking malware operation

By

An ongoing email phishing campaign designed to spread Redaman banking malware aggressively targeted Russian-speakers, especially those with .ru addresses, over the last four months of 2018. Researchers at Palo Alto Networks’ Unit 42 division reported this week in a company blog post that from September through December, its threat intelligence service detected 3,845 email sessions…

Phishing attacks posing as missed voicemails nab credentials

By

Threat actors are sending out a wave of phishing emails disguised as missed voicemail notifications in an attempt to bypass both email scanners and user suspicions. The attack is sent in the form of an email purporting to be a notification about a voice message using subject lines such as “PBX Message,” “Voice:Message” or “Voice…

Next post in Security News