Manipulation tactics that you fall for in phishing attacks
It’s 6 p.m. on a Friday. Just as you finish packing up for the day, an email from your boss pops up on your phone asking why an urgent payment didn’t go out earlier in the week. He’s tied up in a business dinner, so he needs you to wire payment to a specific vendor…
The dangers of vacation planning
So, you’ve been working all year long and finally decided to go on a nice vacation, taking a couple of weeks away from home, office, and everything else? That’s great! Of course, you don’t want anything at all to go wrong with your hard-earned break. To avoid disappointments — or worse — down the road,…
How cybercriminals abuse the travel and hospitality industry
The travel and hospitality industry suffers billions of losses each year due to fraud. “With the right combination of other underground services (compromised accounts, credit cards, etc.) it is possible to cover almost every aspect of the holidays, including food and restaurants, shopping, entertainment, guided tours and more – way beyond flights and hotels,” Vladimir…
46,000 new phishing sites are created every day
An average of 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data collected by Webroot shows today’s phishing attacks are highly targeted, sophisticated, hard to detect, and difficult for users to avoid. The latest phishing sites employ realistic web pages that are…
How to spot malicious mobile apps
The pervasiveness of smartphones has resulted in an onslaught of mobile apps, and it’s pretty safe to say that, by now, there is an app for every imaginable purpose. Unfortunately, among the many helpful ones are also many malicious apps – no app market is safe from them. Fortunately, there are ways to spot such…
Obscuring malicious Facebook links using the Open Graph Protocol
Most users click on links popping up in their Facebook News Feed without thinking twice about it, but it’s good to keep in mind that they can lead to malicious sites. Here’s an example of one flagged by the SANS ISC (Internet Storm Center):
Man stole bitcoin by phishing individuals on the dark web
Michael Richo, a 35-year-old from Connecticut, had the brilliant idea of stealing bitcoin from people involved in illegal deals through dark web marketplaces. Perhaps he thought that he would be safe from law enforcement if he stuck to robbing potential criminals but, as it turns out, he was wrong. Richo’s modus operandi was as follows:…
Viral phishing scams and vulnerabilities: What to watch out for this Patch Tuesday
I am about to head to Las Vegas for Ivanti’s Interchange 2017 at The Mirage hotel and feeling a bit in a gambling mood, so I am going to take a shot at this month’s forecast and see if luck is on my side. This month we will also explore the dangers of phishing scams…
Brands increasingly targeted by false websites and phishing
DomainTools released the names of the top U.S.-based retail companies whose brands are frequently abused by criminals creating look-alike domains for phishing. The research surfaced multiple malicious domains each day spoofing Amazon, Apple, Gap, Nike, and Walmart. Cybercriminals have become adept at creating websites and emails that closely resemble the actual brand, tricking consumers into…
Know your enemy: Defining the new taxonomy of malicious emails
Just as it is the default tool for most businesses, email’s capacity for rapid, mass communication has made it a favourite instrument of criminals. As a result, malicious emails have become a common occurrence in most consumer and business inboxes. Although chances are that most people will correctly identify the most common malicious emails as…