Security News

Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5
2020-07-08 22:07

Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks. "Microsoft's Digital Crimes Unit first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts," said the mega-corp in a blog post this week.

Phishing attack spoofs Twitter to steal account credentials
2020-07-06 16:32

A new phishing campaign spotted by Abnormal Security attempts to trick people with a phony Twitter security notification. A new phishing campaign analyzed by the security provider Abnormal Security shows how the attackers are taking advantage of Twitter users to steal account credentials.

Email Sender Identity is Key to Solving the Phishing Crisis
2020-07-06 14:07

The proof is in the results: Phishing attacks of just one type - the business email compromise - have caused at least $26 billion in losses in the past five years alone, according to the FBI. The Heart of the Problem. Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.

How to protect your organization from coronavirus-related phishing attacks
2020-07-01 13:46

A report released on Tuesday by security company GreatHorn illustrates the ebb and flow of these attacks and offers advice on how organizations can fight them. For its report, GreatHorn tracked the volume of COVID-19-related email phishing attacks from January, when the virus began to surface, until June, when many countries and companies slowly started to resume operations.

Email Sender Identity is Key to Solving the Phishing Crisis
2020-07-01 13:00

The proof is in the results: Phishing attacks of just one type - the business email compromise - have caused at least $26 billion in losses in the past five years alone, according to the FBI. The Heart of the Problem. Almost 90% of email attacks manipulate sender identity to fool recipients and initiate social engineering attacks.

Pre-Emptive Anti-Phishing Firm Area 1 Security Raises $25 Million
2020-06-29 19:59

Redwood, California-based anti-phishing firm Area 1 Security has raised $25 million in a Series D funding round led by ForgePoint Capital and supported by existing investors Kleiner Perkins, Icon Ventures and Top Tier Capital. Area 1 Security claims to have stopped 42 million phish in 2019, and has thwarted $273 million in BEC fraud in the first five months of 2020.

Phishing attacks target workers returning to the office
2020-06-25 14:57

Now that organizations in some parts of the world are trying to reopen, recent phishing attacks observed by the cyber threat intelligence provider Check Point Research are targeting employees returning to the office. In phishing campaigns observed by Check Point, attackers are deploying emails and malicious files masquerading as COVID-19 training materials.

How to protect remote workers from phishing and other attacks
2020-06-24 04:00

Working from home is a new 'norm' for many organizations, but the shift toward remote work has been steadily increasing for the past decade. Whether mandatory or not, remote work can pose unwanted security concerns for an organization, so it's important to know how to be equipped to mitigate risk appropriately.

COVID-19 Fuels Phishing and Scams While BEC Attacks Evolve and Increase
2020-06-23 15:30

Between the second and third weeks of March 2020, email scams and phishing attacks spiked by an unprecedented 436%. Such was the effect of the COVID-19 pandemic. BEC attacks represent a low percentage of email attacks by volume, but a disproportionally high percentage of overall loss to business.

Phishing attacks impersonate QuickBooks invoices ahead of July 15 tax deadline
2020-06-22 16:26

Targeting the CEO and others in an organization, the attacks spotted by cybersecurity firm Darktrace were detected due to artificial intelligence. A recent phishing attack observed by Darktrace used all of those methods in an attempt to deploy malware.