Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks. Singapore’s position at 5th place “Between 1st January and 1st August, CYFIRMA’s telemetry recorded 410,793 phishing campaigns,” the researchers write.
The Evolution of Email Security: A Look into the Future with Spambrella The Changing Face of Email Threats Email threats have come a long way from the early days of spam and basic phishing attempts. Today, cybercriminals employ increasingly sophisticated tactics to compromise email systems, including: The Role of Spambrella Spambrella has been at the forefront of email security for years, constantly evolving to counteract these threats.
The Evolving Landscape of Email Security: How Spambrella Stays Ahead The Constant Threat of Email Attacks Email-based attacks have become increasingly sophisticated over the years. From phishing and spear-phishing to ransomware and business email compromise (BEC) scams, cybercriminals are constantly inventing new tactics to infiltrate your inbox and compromise your data.
In the movie, "Willy Wonka and the Chocolate Factory," kids unwrap chocolate bars in hopes of winning a golden ticket, giving the holder an inside tour of the sugar factory. The W3LL store is selling advanced phishing kits – a golden ticket for hacking Microsoft 365 accounts -- that can bypass multi-factor authentication (MFA) no less.
Phishing attacks have always been detected through broken English, but now generative artificial intelligence (AI) tools are eliminating all those red flags. OpenAI ChatGPT, for instance, can fix spelling mistakes, odd grammar, and other errors that are common in phishing emails. This advancement in AI technology has made it easier for even amateur hackers to analyze vast amounts of publicly available data about their targets and create highly personalized and convincing emails within seconds.
The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports. “On July 20, 2023, Stylebooks.com notified us that AP Stylebook customers had received phishing emails directing them to a fake website that imitated AP Stylebook to provide updated credit card information,” the AP said. “APS immediately engaged a cyber forensics firm to investigate the incident.
Researchers at Truesec are tracking a phishing campaign that’s distributing the DarkGate Loader malware via external Microsoft Teams messages. “On August 29, in the timespan from 11:25 to 12:25 UTC, Microsoft Teams chat messages were sent from two external Office 365 accounts compromised prior to the campaign,” the researchers write.
The Telekopye toolkit allows scammers to create phishing websites, send fraudulent SMS messages and emails, and target popular Russian and non-Russian online marketplaces. While toolkits are nothing new, the frequency, speed of time-to-market, and the functionality available to the “every-scammer” is becoming truly frightening.
The Interisle Consulting Group has published a paper looking at the phishing landscape in 2023, KrebsOnSecurity reports. Notably, Interisle found that the.us top-level domain is being widely abused in phishing attacks. “.US is the ccTLD of the United States and had a very large number of its domains used for phishing -- almost 30,000 domains, more than 20,000 of which were registered maliciously by phishers,” Interisle said.
