Security News

There are ways to protect your company and employees from this type of attack, according to a new report from Barracuda Networks. Through domain impersonation or spoofing, attackers send emails to employees with phony domain names that appear legitimate or create websites with altered names.

Social media messages have also effectively tricked users, notably when LinkedIn is the subject-55% were successful, with Facebook following at 28%. "Not surprisingly, LinkedIn email subjects top the social media list for Q4 in a pretty big way. Q4 is a time where people are setting resolutions for the following year, and this often involves a job search. Activity related to LinkedIn tends to spike in this quarter, meaning people are more likely to view and click these emails." Research for the report was gathered through an examination of thousands of email subject lines from simulated phishing tests. KnowBe4 also reviewed "In-the-wild" email subject lines, which added previously received email as an additional incentive to open, as well as company emails reported to IT departments as suspicious.

Social media messages have also effectively tricked users, notably when LinkedIn is the subject-55% were successful, with Facebook following at 28%. "Not surprisingly, LinkedIn email subjects top the social media list for Q4 in a pretty big way. Q4 is a time where people are setting resolutions for the following year, and this often involves a job search. Activity related to LinkedIn tends to spike in this quarter, meaning people are more likely to view and click these emails." Research for the report was gathered through an examination of thousands of email subject lines from simulated phishing tests. KnowBe4 also reviewed "In-the-wild" email subject lines, which added previously received email as an additional incentive to open, as well as company emails reported to IT departments as suspicious.

A phishing campaign apparently aimed at Burisma, the Ukrainian gas company that is at the center of President Donald Trump's impeachment, has been linked by cybersecurity researchers to a hacker group believed to be working on behalf of the Russian government. Area 1 Security, a California-based cybersecurity firm that specializes in anti-phishing solutions, on Monday published a report describing a phishing campaign apparently aimed at Burisma, its subsidiaries and its partners.

A miscreant managed to swipe $2.3m from a Texas school district after staff inadvertently wired large sums of public money to the crook's bank account. The school district did not say exactly how scumbags were able to extract so much money, though telly station CBS Austin reported the money was funneled out in three separate transactions in November.

Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures remains among the most-targeted. "While maps-icloud[.]com is not a particularly convincing phishing domain, a review of the Russian server where that domain is hosted reveals a slew of far more persuasive links spoofing Apple's brand. Almost all of these include encryption certificates and begin with the subdomains"apple.

Last year, Microsoft did roll out phishing detection to Microsoft Forms, an online product that lets people create surveys, quizzes, and polls. "Contrary to Avanan's marketing claims, Microsoft does not automatically trust any domain, including the Office and Sway domains. All links are analyzed, assessed and compared to known attack vectors, including local domains. Additionally, Microsoft performs a complete assessment of Sway content, including the scanning of links on the pages."

The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that's part of Microsoft Office. "The Sway page will include trusted brand names. Most commonly, the spoofed brands are Microsoft-affiliated, just like the SharePoint logo shown in the example above," Avanan explained.

BitDam, provider of cybersecurity solutions that protect enterprise communications from advanced threats hidden in files and links, announced that its BitDam Advanced Threat Protection solution is now installed at LSH Auto UK Ltd, part of the world's largest Mercedes-Benz Dealer Group, in an effort to cost-effectively enhance the company's email security posture. PCM advised LSH to look at BitDam to help it to neutralize corporate risk as well as provide protection for customers who may be compromised as a result of phishing attacks.