email phishing scams

5 ways businesses can avoid phishing scams online

The concept of phishing is gaining immense popularity during the Covid-19 pandemic. People, by and large, are becoming victims of such fraudulent activities. Therefore, we have come up with 5 ways businesses can avoid getting trapped with emails that are meant to deteriorate their online identity. Based on recent Phishing records, almost 90 percent of companies have encountered spear phishing attacks...

...

Free Phishing-Protection Solution Amid The COVID-19 Outbreak

Free Phishing-Protection Solution Amid The COVID-19 Outbreak

OhPhish Helps Remote Workers and Businesses Fight Phishing Attacks – From the Editors at Cybercrime Magazine ALBUQUERQUE, N.M., March 23, 2020 /ECCouncil.org/ As the novel coronavirus (COVID-19) pandemic progresses across the world, cybercriminals are taking advantage of the situation resulting in a spike of phishing scams on remote workforce and corporate systems. While working from home helps the cause of social distancing, it introduces additional risks to the organization. With less protection on home networks, employees are vulnerable to phishing attacks more than ever before. It is imperative that these employees remain vigilant and capable of protecting themselves from such attacks. Cybercrime damage costs could potentially double due to the Coronavirus (COVID-19) outbreak, according to Cybersecurity Ventures. “Businesses have...

prevent malware

A Discussion on How to Prevent Ransomware Attacks

Is your PC shielded against ransomware assaults? Ransomware is a kind of malware (vindictive programming) which crooks use to extract money. It holds info to payoff with encoding or by keeping clients locked from their gadgets. This article shows you everything to know on how to prevent ransomware attacks. We investigate the various approaches to shield your PC and your information from ransomware assaults. Pernicious programming that utilizes encoding to hold information for delivery has gotten fiercely effective in the most recent couple of years. The reason for this product is to blackmail cash from the casualties with guarantees of re-establishing encoded information. Like other PC infections, it finds its way onto a gadget by exploiting a security opening...

phishbait-surveys-rule-changes-boss

A Can of Phish Bait: from Surveys to Rule Changes to Your Boss’s Boss

Employees need to continue being wary of phishing scams as they begin to return to the office, according to Roger Kay at INKY. Kay describes several phishing templates that INKY has intercepted in recent months, including one that informed recipients that they needed to fill out a compliance form related to COVID-19 risks. “Reasonably well written, this email, apparently from the human resources department at the target company, actually came from phishers located in the United Kingdom,” Kay writes. “There are elements that might strike the recipient as strange. For example, the phrase ‘recuperating favorably’ is a bit off. Noncompliance is spelled ‘non-compliance.’ And ‘these guide and policies’ has an agreement-of-number problem. But otherwise, it’s a pretty good fake,...

Cyber Insurance is might not Cover that $6 Million in Cyber Fraud

Think Your Cyber Insurance is Going to Cover that $6 Million attack in Cyber Fraud? Think Again.

The latest tale of an organization falling victim to a business email compromise cyber attack on their credit card processor highlights how very specific the scenario needs to be to see a payout.  In 2018, RealPage, a Texas-based service provider for property owners and property management companies was the victim of a cyber attack that took the company for $6 million. RealPage processed their credit card transactions through a third-party processor, Stripe. Stripe fell victim to an impersonation attack where cybercriminals gained control over a RealPage user’s credentials and convinced Stripe to modify the disbursement instructions to point to a bad guy-controlled bank account. In total, $10 million was sent to the fraudulent account, with $4 million recovered. In...

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

Phishing Attacks Continue to Impersonate Trusted Brands to Deceive Potential Victims

The use of impersonation in phishing attacks helps to establish credibility and a sense of ease. New data shows exactly how the bad guys are using this tactic to their advantage. We’ve covered impersonation scams before where cybercriminals pretend to be your CEO, hospital personnel, or even the government. New data from cybersecurity vendor Agari highlights the impersonation trends they found by looking at email throughout the second half of 2020. 63% percent of phishing emails impersonate trusted brands (with Microsoft continuing to top the list). This breaks down in the following manner: Brand display impersonation (62.6%)– where the display name looks to be UPS, Microsoft, Amazon, etc. Individual display name impersonation (22.1%) – where the display name represents...

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

Phishing Scammers Send a Fake “Private Shared Document” as the Initial Attack Vector for Stealing LinkedIn Credentials

A new social engineering scam demonstrates how cybercriminals are both evolving their tactics while still using tried and true methods that just work to attain their goals. I’ve covered scams impersonating Office 365 I don’t know how many times. But it’s not very often you hear about a scam that uses LinkedIn as both its distribution medium and its’ credential target. Last month, victim LinkedIn users received a message from one of their connections (which proved to have been compromised) that contained a link to a third-party website containing a “LinkedInSecureMessage” (which there is no such thing). Victims are taken to a page displaying the following very official-looking page: After pressing the “view document” button, they are presented with...

Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials

Most Phishing Emails Are After Credentials 57% of phishing emails in 2020 were designed for stealing credentials, according to Cofense’s most recent Annual State of Phishing Report. Meanwhile, just 12% of phishing attacks last year were used for delivering malware. Cofense believes this is because credential phishing emails are better at bypassing email security filters than emails with malicious attachments or download links. Likewise, conversational phishing attacks, like business email compromise (BEC), have grown more popular. “The vast majority of phishing campaigns are credential theft or conversational,” Cofense says. “While malicious attachments still play a role in phishing, the frequency of this has dramatically declined over the years. In fact, most phish attachments these days are not even malware, but...

Scroll to top