Security News

The Register has read it and can report that while it reveals that Coil seeks permission to share users' details with service providers, partners, and "Related entities". We cannot find a clause that resembles: "We reserve the right to expose your email address to countless other Coil users in the 'To:' field of an email."

LexisNexis Risk Solutions announced the availability of LexisNexis Emailage, a powerful fraud risk scoring solution fueled by email intelligence to help companies balance a seamless user experience with robust fraud detection and prevention capabilities. LexisNexis Emailage reimagines fraud detection by using email intelligence as a core risk identifier.

A new email tool advertised on a cybercriminal forum provides a stealthier method for carrying out fraud or malware attacks by allowing messages to be injected directly into the victim's inbox. Called "Email Appender," the tool can enable more sophisticated phishing and business email compromise attacks as well as help the less technical actors in the ransomware business.

Japanese e-commerce giant Rakuten had sent email notifications yesterday to many of its customers congratulating them on newly earned cashback. Periodic cashback emails from Rakuten Rewards, formerly Ebates, are frequently sent to customers of Rakuten apps, Chrome browser extension, and credit card.

Microsoft is investigating a recently discovered issue that causes deleted emails to reappear in the mail inbox of Outlook.com accounts. The exact cause behind these Outlook.com undeletable emails but the company says that it's working on a fix to be deployed when a resolution is available.

Abstract: Phishing scam emails are emails that pretend to be something they are not in order to get the recipient of the email to undertake some action they normally would not. While technical protections against phishing reduce the number of phishing emails received, they are not perfect and phishing remains one of the largest sources of security risk in technology and communication systems.

A database linked to GrowDiaries, an online community of cannabis growers, has exposed more than a million users' email addresses, passwords, IP address records and posts. GrowDiaries is a robust online community of cannabis growing enthusiasts from around the world, where they can share tips, tricks and pictures of their progress.

The Qbot botnet is now spewing U.S. election-themed phishing emails used to infect victims with malicious payloads designed to harvest user data and emails for use in future campaigns. "In addition to stealing and exfiltrating data from its victims, QBot will also start grabbing emails that will later be used as part of the next malspam campaigns," Malwarebytes' Jérôme Segura and Hossein Jazi explain.

The notion of the traditional email attack campaign is dying. Phishing is one of the most common email attack techniques.

The Federal Bureau of Investigation shared indicators of compromise associated with the Iranian state-sponsored threat group behind last week's Proud Boys voter intimidation emails that targeted Democratic voters. The threatening spoofed emails used the "Vote for Trump or Else" subject and warned voters registered as Democrats that they must vote for President Trump and change their party to Republican unless they want the Proud Boys far-right group to come after them.