Security News

Sadly, cybercrooks love a crisis, because it gives them a believable reason to contact you with a phishing scam. Of course, if you put in your email address or your password and click through, you'll be submitting the filled-in web form to the crooks.

The Gone Phishing Tournament tested how susceptible people are to opening fraudulent emails and entering their login information. To prepare organizations for an attack, TerraNova Security held the Gone Phishing Tournament over five days in October, testing people at companies in 76 countries and 27 languages on how likely they were to open a malicious email and enter their information into a dangerous website.

The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware and phishing emails. IBM X-Force says that Japanese users have been receiving fake notifications about the coronavirus spreading in several prefectures, purportedly sent by a disability welfare service provider and a public health center.

A spear-phishing campaign targeted a U.S. government agency for several months last year using emails with content about North Korea geopolitics as a lure, according to an analysis from Palo Alto Networks' Unit 42. It targeted five employees at a U.S. government agency - which the report did not identify - as well as two foreign nationals who had professional ties to North Korea, according to the Unit 42 report.

The campaign was using the heightened tension in the region following the killing of Iranian general Qasem Suleimani at a Baghdad airport, and used emails purporting to come from the Ministry of Foreign Affairs of the Kingdom of Bahrain, Saudi Arabia, and the United Arab Emirates. The use of legitimate public services in malware attacks is a growing trend among attackers.

Beyond automated security tools, there are more people-centric strategies that businesses should adopt to protect themselves against phishing attacks, as described in the 2020 State of the Phish report released Wednesday by the security firm Proofpoint. About 60% of the respondents said their organization faced fewer or about the same number of phishing attacks last year compared with 2018.

According to researchers at the ZeroFOX Alpha Team, the latest version of the group's phishing kit is designed with a number of features that are aimed to steal as much personally identifiable information as possible from users of the popular money-transfer service, including login credentials, geolocation, email address, credit-card information, phone number and more. The researchers were able to intercept traffic between the kit and the C2 server, and gain access to the server panel that 16Shop rents to users.

One of the most advanced phishing kits, known as 16Shop and probably developed by a group known as the Indonesian Cyber Army, has expanded its phish targets from Apple account holders and Amazon to now include PayPal. "In early January 2020," they say, "ZeroFOX Alpha Team obtained a phishing kit from 16Shop that now targets PayPal customers, indicating they are actively adding brands to their phishing kit portfolio."

As you can imagine, the way the hackers got in is supposed to have been by means of phishing attacks. The good news is that most of us have learned to spot obvious phishing attacks these days.

There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks. Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.