Cybercriminals ‘manage’ phishing emails using techniques similar to those used by marketing agencies, including the use of ‘test audiences’ to see how effective a particular email is, according to an email security specialist.
Phishing is unique among cyber attacks – it doesn’t rely on weaknesses in computer software, or new vulnerabilities – it relies, initially at least, on human gullibility. Our guide offers advice on how to avoid the latest scams – and why tablet and smartphone users need to stay alert.
Independent security research has revealed that several 3G and 4G USB modems have security flaws which allow hackers access for phishing scams.
Hackers have stolen documents relating to law enforcement inquiries, through phishing attacks on employee emails, Microsoft has announced.
There are plenty of scams effective enough to rate a warning or three, in the hope of alerting potential victims to the kind of gambit they use. And so, even though much of ESET’s business is focused on the bits and bytes of malicious software, I’ve spent a lot of time writing on WeLiveSecurity and
[A much shorter version of this article appeared in the October 2013 Threat Radar Report as 'The Thoughtful Phisher'. As these particular scam/spam campaigns don’t seem to be diminishing, however – indeed, some of the phishing techniques seem to be getting more sophisticated – I thought perhaps it was worth updating and expanding for a
Spear-phishing is creating a new era of cybercrime, according to Chris Dixon, a partner at venture capital firm Andreesen Horowitz – and in terms of its threat to enterprise, it’s comparable to a “super strain of bacteria.”
A new paper aims to profile the victims most likely to fall for a phishing attack. But what is less clear is how you develop a profile while avoiding the pitfalls of stereotyping.
I was recently contacted by a journalist researching a story about ‘hackers’ quitting the dark side (and virus writing in particular) for the bright(-er) side. He cited this set of examples – 7 Hackers Who Got Legit Jobs From Their Exploits – and also mentioned Mike Ellison (formerly known as Stormbringer and Black Wolf, among
Many of us have got wiser to email spams and scams – but cybercriminals are in the perfect position to “fine tune” their attacks. Our tips might help you avoid the “click of death”…
A new study aims to identify the sort of people who are most likely to fall for phishing scams – and has found that women, introverts and the overconfident are more likely to confuse “real” email with phishing scams.
Many industries are now being targeted by well-tailored spear-phishing scams, the FBI has warned, with emails containing accurate information about victims, harvested from social networks or from previous intrusions into the same network.
Atlantic Media CTO Tom Cochran emailed employees a fake phishing email supposedly from “Google Apps”, and found that 58% clicked the link.
ESET researchers explain the difficulties in attribution of targeted attacks; evidence is often circumstantial and the source never positively identified.
Yahoo defended its plan to recycle inactive user IDs this week, saying that it had put in place safeguards to prevent the recycled usernames being used for identity theft.
Google claims to have spotted and disrupted several phishing campaigns in Iran – attempts to compromise tens of thousands of email accounts in the run-up to the country’s presidential elections this Friday.
Government regulation of IT security poses challenges for bank security teams, a leading Australian bank IT security expert has claimed.