Security News

Tech support scams work because they try to trick people into believing there's a serious security crisis with their computers, says Norton Labs. The tech support ruse was the number one scam described by Norton Labs in its new October Consumer Cyber Safety Pulse Report.

Phishing actors are following a new trend of targeting non-executive employees but who still have access to valuable areas within an organization. As reported by Avanan researchers, half of all phishing emails they analyzed in recent months impersonated non-executives, and 77% of them targeted employees on the same level.

Phishing actors are now using mathematical symbols on impersonated company logos to evade detection from anti-phishing systems. All three spoofing types masquerade as voicemail notifications containing an embedded 'Play' button, that when clicked, take the user to a phishing portal that was crafted to look like a Verizon website.

Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges. Intuit also provides information on how customers can protect themselves from phishing attempts on its support website.

Blackberry's Research and Intelligence Team has uncovered three phishing schemes targeting Indian nationals, and says a Chinese state-sponsored malware gang is the culprit. Blackberry identified the responsible party as APT41 - a prolific Chinese state-sponsored cyberthreat group that has carried out what Fireye called "Espionage activity in parallel with financially motivated operations" since at least 2012.

That lesson was hammered home through a recent phishing attack that stole money from Coinbase customers. The attackers were able to move funds from Coinbase to their own accounts, thus stealing a vast amount of money in the form of cryptocurrency.

One brand that's been getting a lot of exposure among phishing campaigns is Chase Bank as cybercriminals are increasingly targeting people who use the company's financial services. The American subsidiary of JP Morgan Chase, Chase Bank is now ranked as the sixth most spoofed brand seen in phishing URLs, according to Cyren.

A new phishing campaign spotted by Armorblox tried to steal user credentials by spoofing a message notification from a company that provides email encryption. A successful phishing email that obtains the right username and password can gain access to an entire network.

Armorblox researchers have spotted an ongoing credential-phishing attack that spoofs an encrypted Zix email - one coming, weirdly enough, from what looks like a legitimate domain associated with the Baptist religion. God isn't sending encrypted Zix messages: If hapless users click on the spoofed email's link, it will try to download a presumably unholy HTML file onto their system.

DMARC is a global standard for email authentication. Recipients can detect phishing emails sent from a spoofed company domain by examining the email header information, such as the "From:" address and "Return-path" address, and verifying that they match.