Attackers are using cloud-based collaboration services as social engineering tools to trick users into clicking on malicious links, often for the purpose of wire fraud or supply chain fraud.
Devised by email security company GreatHorn and security awareness firm Inspired eLearning, a new quiz taken by 1,123 U.S. users showed how individuals actually respond to phishing scams. The results weren’t great.
Researchers have recently warned of two massive phishing operations, collectively targeting hundreds of thousands of users – one seeking credentials for business services such as Office 365 and the other abusing Facebook Messenger to go after roughly 450,000 of the social media giant’s account holders.
Skepticism about COVID-19 communications exemplifies a hidden cost of the fight against phishing and vishing scams: lost time and business inefficiencies caused by paranoid employees.
Businesses should remind their employees to resist interacting with emails sent from unknown sources, especially when their subject lines and content promise inside information on current events.
Cyberattackers targeting the hospitality industry were recently observed using a phishing page that featured CAPTCHA technology as a way to elude detection, as well as to give potential victims a false sense of security that the malicious site was legit. The scam was revealed yesterday in a blog post from Menlo Security – the latest in a…
On one hand, simulations should mimic real-life phishing campaigns as closely as possible. On the other hand, an insensitive training exercise can place your company in bad standing with employees.
That anti-phishing training email your employees just received may, ironically, actually be a phishing email, according to cyber threat analysts who recently uncovered a security awareness-themed online social engineering campaign. In a blog post on Wednesday, experts at Cofense reported on a phishing campaign that sends emails purporting to be a notification urging employees to…
A malicious server compromise recently confirmed by DNA investigation services provider GEDmatch serves as a reminder of the incident response challenges and privacy ramifications that companies face when they trade in sensitive data – in this case, DNA, the most personal of data – especially when such incidents create unique opportunities for targeted phishing campaigns. Owned by…
Working professionals are blaming stress, time pressure, fatigue and distractions for lapses in safe cyber practices – and current conditions caused by the Covid-19 pandemic may only be exacerbating the problem. According to a newly published research report from Tessian, a survey of 2,000 working professionals in the U.S. and UK found that 43 percent…
