Security News
Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures remains among the most-targeted. "While maps-icloud[.]com is not a particularly convincing phishing domain, a review of the Russian server where that domain is hosted reveals a slew of far more persuasive links spoofing Apple's brand. Almost all of these include encryption certificates and begin with the subdomains"apple.
Last year, Microsoft did roll out phishing detection to Microsoft Forms, an online product that lets people create surveys, quizzes, and polls. "Contrary to Avanan's marketing claims, Microsoft does not automatically trust any domain, including the Office and Sway domains. All links are analyzed, assessed and compared to known attack vectors, including local domains. Additionally, Microsoft performs a complete assessment of Sway content, including the scanning of links on the pages."
The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that's part of Microsoft Office. "The Sway page will include trusted brand names. Most commonly, the spoofed brands are Microsoft-affiliated, just like the SharePoint logo shown in the example above," Avanan explained.
BitDam, provider of cybersecurity solutions that protect enterprise communications from advanced threats hidden in files and links, announced that its BitDam Advanced Threat Protection solution is now installed at LSH Auto UK Ltd, part of the world's largest Mercedes-Benz Dealer Group, in an effort to cost-effectively enhance the company's email security posture. PCM advised LSH to look at BitDam to help it to neutralize corporate risk as well as provide protection for customers who may be compromised as a result of phishing attacks.
14 Bank Websites Spoofed as Part of Two-Year Campaign, Check Point ReportsFor two years, an attack group using Ukraine-based infrastructure has been creating hundreds of lookalike domains to...
It’s that time of year again. Everyone’s busy – at work and at home. That includes cybercriminals, too. In fact, the holiday season is when busy, distracted people tend to be especially vulnerable...
Version 79 of Chrome is out, and it promises to do a better job of protecting you against phishing sites and credential stuffing attacks.
Victim Tallies Climb as Breach Investigations ContinueInvestigations of two apparently unrelated phishing-related breaches that affected members of Presbyterian Health Plan have revealed the...
New episode available now!