Security News

As if the exponential rise in phishing scams and malware attacks in the last five years wasn't enough, the COVID-19 crisis has worsened it further. Many scammers have rolled out campaigns offering COVID-19 vaccines, free medical tests and testing kits, tax rebates for donation to pandemic relief funds, information on COVID-19 cases, and new job opportunities due to the economic downturn.

The US Department of Justice has seized two domain names used to impersonate the official websites of biotechnology companies Moderna and Regeneron involved in the development of COVID-19 vaccines. While almost perfectly cloning the contents of the real sites, the website seized by the federal government were instead used for various malicious purposes including running scams, infecting visitors with malware, and collecting sensitive info in phishing attacks.

Count the Subway sandwich faithful among the latest victims of cybercriminals. Researchers at Sophos discovered a phishing campaign aimed at Subway loyalty-card members in the U.K. and Ireland, in an attempt to trick them into downloading malware.

Understanding the attackers' approach helps you spot a phishing email when it hits your inbox. In general, there are four main steps phishers go through when creating convincing phishing emails, and understanding these steps helps you to spot and stop them.

A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware. TrickBot is a trojan malware infection commonly distributed through phishing campaigns or installed by other malware.

Security company GreatHorn shared some of the latest ways cybercriminals are trying to take your money. Here's how to avoid them.

These phishing emails promise compensation, test results, and other lures about the coronavirus to trick unsuspecting users, says Armorblox. With 2020 almost over, such email attacks continue merrily on.

A new global report on phishing attempts shows how the workforce has responded to security threats since COVID-19, and the new vulnerabilities that have resulted from the remote work landscape. Terranova Security's new "2020 Gone Phishing Tournament," part of its Phishing Benchmark Global Report, looks at the impact of phishing attacks on the remote workforce, citing an increase in phishing simulation clicks, as well as compromised data.

Over the past week, users of the MetaMask cryptocurrency wallet have been losing funds to a phishing scam that lured potential victims through Google search ads. Although it is unclear how many MetaMask users fell for the scam, some say they ended up with empty wallets after clicking on a fraudulent search ad being promoted as the MetaMask site.

The emails impersonate a member company of the COVID-19 vaccine supply chain to harvest account credentials, says IBM Security X-Force. A calculated cybercriminal operation is targeting companies in the coronavirus vaccine supply chain with phishing emails that appear to be designed to steal sensitive user credentials, IBM Security X-Force said in a report released Thursday.