Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Email Security

Best SPF Flattening Tools in 2025

SPF (Sender Policy Framework) refers to a type of email authentication protocol through which business owners can prevent various forms of cyberattacks (e.g. phishing, spoofing, etc.). With SPF, you can easily determine the sending mail servers to which you give permission to send emails on behalf of your organization.

First Ever Magic Quadrant for Email Security Platforms by Gartner

In cybersecurity, email has always been a critical concern. However, we feel the new 2024 Gartner Magic Quadrant for Email Security Platforms has signaled a shift in how we approach email protection. We believe this new Magic Quadrant encompasses a broader spectrum of email security providers to reflect the evolving threat landscape and the need for more integrated products.

Why GenAI Should Be a Deciding Factor With Email Security Investments

The good news is that advanced email protection methods do not necessarily call for a trade-off. Generative AI (GenAI) is both a way to embrace innovation and an enabler of robust defense mechanisms to take action against dangers that are increasingly difficult to counter. Investing in this technology at any stage of your email security program can make your organization adaptive, future-focused, and fully prepared to mitigate the risks posed by cybercriminals leveraging AI tools for malicious purposes.

Malicious WordPress Plugin Assists in Phishing Attacks

Researchers at SlashNext warn that cybercriminals are using a WordPress plugin called “PhishWP” to spoof payment pages and steal financial information. The spoofed pages are designed to steal payment card numbers, expiration dates, CVVs, and billing addresses. The plugin can also intercept one-time passwords generated to secure the transactions. The stolen data is immediately sent to the crooks via Telegram as soon as the victim hits “enter” on the phishing page.

Phishing Campaign Abuses Legitimate Services to Send PayPal Requests

A phishing campaign is abusing Microsoft 365 test domains to send legitimate payment requests from PayPal, according to Fortinet’s CISO Dr. Carl Windsor. Windsor found that the threat actor registered a free MS365 test domain and used it to create a distribution list containing targets’ email addresses. The scammer then used this distribution list to send payment requests via PayPal’s web portal.

What To Do If You Click on a Phishing Link

If you click on a phishing link you should immediately disconnect your device from the internet, scan your device using antivirus software and keep a lookout for suspicious activity and transactions on your online accounts. Learn more about what a phishing link is and what to do if you click on a phishing link.

Recruitment Phishing Scam Imitates CrowdStrike Hiring Process

On January 7, 2025, CrowdStrike identified a phishing campaign exploiting its recruitment branding to deliver malware disguised as an "employee CRM application." The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website. Victims are prompted to download and run a fake application, which serves as a downloader for the cryptominer XMRig.

Phishing for Gamers: Fake Offers Invite Gamers to Test New Gaming Titles

A phishing campaign is targeting users with phony offers to beta test new video games, according to researchers at Malwarebytes. The phishing messages are sent via Discord, email, or text message. The messages purport to come from a game developer, and include a link to download an archive supposedly containing the game’s installer.

What Are Spam Risk Calls and How to Avoid Them?

Spam isn’t just an annoyance to your email inbox; it's also becoming a problem for our phones. Last year, the average American received 9 monthly spam calls, totaling 3 billion spam and unwanted calls nationwide, costing $25.4 billion. Spam risk encounters people will likely receive are through: Out of people who fell for these kinds of scams, the most common amount people lost was between $100 - $249, and a smaller group said they lost over $1,000.