Security News

SailPoint survey finds that younger workers also are more likely to use company email addresses for online shopping and subscriptions. This SailPoint survey asked 500 U.S. workers about how they use email and deal with phishing attacks.

A surge in spearphishing emails designed to steal Office 365 credentials were rigged to look like they came from a Kaspersky email address. Office 365 credentials are a common target for phishing attacks.

Kaspersky said today that a legitimate Amazon Simple Email Service token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users. Amazon SES is a scalable email service designed to allow developers to send emails from any app for various use cases, including marketing and mass email communications.

Phishers readily deploy attacks, with the average phishing campaign lasting only 12 minutes, according to Google, which reports blocking 100 million phishing emails per day. Implementing DMARC eliminates the most common attack vector - phishing emails - and adds another layer of protection.

During the early days of the pandemic, while the rest of the world was stress streaming and working on sourdough starter, an ambitious teen stuck in his bedroom decided to set up a fake "Love2Shop" gift card site to harvest people's payment information, invest the stolen money in cryptocurrency and become a millionaire. His age certainly didn't prohibit the scammer from being allowed to purchase Google ads to help lure people to his phishing scam site, according to prosecutors, ultimately ranking the scam phishing site over the legitimate one.

That's true of a new phishing campaign that uses both Craigslist and OneDrive to trick people into installing malware. Clicking on a button in the email was supposed to take people to a form document that had been uploaded to an actual Microsoft OneDrive site.

Microsoft on Thursday disclosed an "Extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. Phishing kits, often sold as one time payments in underground forums, are packaged archive files containing images, scripts, and HTML pages that enable a threat actor to set up phishing emails and pages, using them as lures to harvest and transmit credentials to an attacker-controlled server.

The latest findings show tech support scams, which often arrive as a pop-up alert convincingly disguised using the names and branding of major tech companies, have become the top phishing threat to consumers. Tech support scams are expected to proliferate in the upcoming holiday season, as well as shopping and charity-related phishing attacks.

A prolific email phishing threat actor - TA505 - is back from the dead, according to enterprise security software slinger Proofpoint. TA505, which was last active in 2020, restarted its mass emailing campaigns in September - armed with new malware loaders and a RAT. "Many of the campaigns, especially the large volume ones, strongly resemble the historic TA505 activity from 2019 and 2020," said Proofpoint in a statement today.

Tech support scams work because they try to trick people into believing there's a serious security crisis with their computers, says Norton Labs. The tech support ruse was the number one scam described by Norton Labs in its new October Consumer Cyber Safety Pulse Report.