e-mailScammers exploiting GetShared for phishing attacks
Scammers are exploiting GetShared to bypass email security.
915 articles
signs of phishingPhishing emails and Docusign electronic signature
Phishers have adopted another trick: they send emails pretending to be from Docusign with a fake link to a document that the recipient must sign.
Honest phishing: the alert is fake, the attack is real
An Office 365 security alert as bait in a phishing email.
phishingAutomated phishing
Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.
2FAHow the adversary-in-the-middle technique is used in spearphishing attacks
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
Kaspersky Premium crowned best anti-phishing solution
Independent cybersecurity lab AV-Comparatives put 15 anti-phishing solutions to the test — with only eight making the grade. We took home the gold, adding to our already extensive collection of accolades.
Turnkey phishing
A turnkey home? A turnkey website? How about turnkey phishing? Scammers now sell turnkey phishing services to other scammers. Read on to find out how it works.
Phishing on GitHub through job offers to… developers
Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.
Progressive phishing: How PWAs can be used to steal passwords
A new phishing technique uses progressive web apps (PWAs) to mimic browser windows with convincing web addresses to steal passwords.
Phishing using FB infrastructure stealing business-account passwords
Cybercriminals are using genuine Facebook infrastructure to send phishing emails threatening to block accounts.
Two-stage Dropbox spear phishing
Cybercriminals prey on corporate credentials by sending phishing links through Dropbox after priming the victim.
Recursive credential phishing for ESPs
Cybercriminals prey on access to mailing tools by sending phishing emails through these same tools.
Self-evaluation questionnaire phishing scam
Attackers invite employees to complete fake self-evaluations to steal corporate credentials.
SharePoint as a phishing tool
Cybercriminals are using hijacked SharePoint servers to send dangerous notifications.
Phishing for Wise guys
Here’s how phishers extract phone numbers and credentials from users of Wise.
Bank phishing and identity theft
We explain how phishers are swindling Wells Fargo customers out of personal credentials, passwords, card details, and selfies with an ID card.
Browser-in-the-browser attack: a new phishing technique
We explain a new sneaky technique for stealing passwords, and how to avoid being tricked by a phishing site.
threat intelligenceHow to block a phishing site
Kaspersky have a new service that allows our threat intelligence customers to take down malicious and phishing sites.
Common spear-phishing tricks
To be ready for attacks targeting your company, information security officers need to know about received spear-phishing e-mails.