Report Finds One Third Of Suspicious Emails Are Threats

Employee cyber security training is paying off according to a report recently released by IT security company F-Secure. Researchers from F-Secure analyzed more than 200,000 emails that had been flagged as suspicious by employees working for organizations around the world. They discovered that more than one third of those emails could be classified as phishing. Phishing is an extremely common …

Microsoft 365 Getting Button To Easily Report Phishing Emails

We’re beginning to see increasing collaboration between giant tech companies and government agencies around the world. In the UK the National Cyber Security Centre (NCSC) launched its Suspicious Email Reporting Service (SERS) back in April of 2020. The agency has received nearly 7 million reports since its launch. These include more than 50,500 reported scams and in excess of 97,500 …

Hackers Are Pretending To be Chipotle In Poisoned Emails

Hackers Are Pretending To be Chipotle In Poisoned Emails Chipotle recently reported that an account used by their company’s marketing department had been hacked. A currently active campaign is underway leveraging this account. The hackers are sending out phishing emails containing poisoned links. A recipient clicking on these links will be directed to a malicious website designed to prompt users …

Notification Of New Subscription Billing Could Be A Phishing Attack

There’s a dangerous new phishing scam you should be aware of and alert your employees to right away. A growing trend in the hacking world is to use mixed media, including phone calls with live actors at the other end, posing as “customer support” representatives, and even recorded messages including instructions and attached to emails. This is all done in …

Beware Of Voice Message Phishing Attacks Called Vishing

Hackers and scammers have been experimenting with “vishing” in recent months, as a subset of phishing. Conventional phishing tactics rely on sending emails that employ a variety of social engineering tricks to convince unsuspecting recipients to hand over sensitive information up to and including login credentials. However, “vishing” adds a new angle: Voice, either via pre-recorded message or employing an …

New RevengeRAT Trojan Gives Hackers Access To Your Data

Recently, Microsoft issued an alert, warning users about a remote access tool called RevengeRAT, also known as AsyncRAT. It is being used to target travel and aerospace companies with spear-phishing emails. The emails use social engineering tricks to prompt employees at these types of firms to open a poisoned Adobe PDF attachment which downloads a malicious Visual Basic file on …

Global Scale Phishing Attack Brings New Malware

There’s an ongoing, global scale phishing attack you should be aware of, even if your firm isn’t currently being targeted by it. The attack is being tracked by Mandiant, who recently published a report about it. According to that report, the attack was planned in waves, hitting more than 50 different organizations spanning a broad range of industries. These attacks …

Watch Out For Vaccine Survey Phishing Emails

Scammers have found a new way to take advantage of people, so be on your guard. The U.S. Department of Justice has recently issued an alert warning people of fake emails sent out asking recipients to take advantage of a post vaccination survey. Naturally, as part of taking the survey, each participant will be asked a number of questions designed …

What Businesses Can Do To Minimize Phishing Emails

If you had to guess, worldwide, how many phishing emails would you estimate are sent out every day, what would you say? If you guessed anything less than three billion, you’d be incorrect. Three billion a day, on average. That’s both terrifying and depressing. On hearing that grim statistic, it’s natural to assume that there’s just not much you can …

Hacker Uses Zoom Invites To Steal Credentials Through Sendgrid

There’s a mix of bad news and good in the ongoing war against the hackers of the world. For the bad news, security professionals have recently detected a sophisticated phishing campaign that makes use of SendGrid and convincing replicas of Outlook on the Web and Office 365 logins to harvest credentials. The attack works like this: SendGrid is a trusted …