The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote and at-home workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks.
Researchers at the security firm Proofpoint are tracking several fraud schemes leveraging COVID-19 vaccine-themed emails. The schemes include business email compromise scams, messages with malicious attachments and phishing emails designed to harvest credentials.
A Russian-speaking "scam-as-a-service" operation dubbed "Classiscam" is expanding globally, with 40 interconnected gangs in about a dozen countries using fake product advertisements to launch phishing schemes, the security firm Group-IB reports.
The "remote workforce" of 2020 is gone. Now we're talking about the new, permanent "branch office" - and it comes with its own unique set of cybersecurity concerns, says Derek Manky of FortiGuard Labs. He discusses new social engineering trends and how to respond.
A recently spotted phishing campaign used the offer of a President Donald Trump video as a lure to spread the QRat Trojan that can steal passwords, take screenshots and enable attackers to take over a compromised Windows devices, according to Trustwave SpiderLabs.
A recently uncovered phishing campaign is spoofing messages from the New York State Department of Labor, claiming to offer $600 as part of a COVID-19 relief program, according to Abnormal Security. The goal is to harvest personally identifiable information.
Federal investigators have seized two domains impersonating the pharmaceutical firms Moderna, which has begun shipping a COVID-19 vaccine, and Regeneron, which developed a treatment for COVID-19, according to the U.S. Justice Department. Fraudsters were using the websites for identity theft.
Fraud in the interactive voice response channel was growing before the pandemic. Since? IVR fraud has become “a fraudsters’ playground,” says Mark Horne, CMO of Pindrop. He shares a new account-centric defensive solution.
In this eBook, Horne discusses:
The growth of IVR fraud;
New research findings about...
Email is still the #1 attack vector the bad guys use. A whopping 91% of cyberattacks start with a phishing email, but email hacking is much more than phishing and launching malware!
Join us as we explore 10 ways hackers use social engineering to trick your users into revealing sensitive data or enabling malicious...
An ongoing phishing campaign designed to harvest Office 365 credentials is using a Microsoft Outlook migration message, according to researchers at Abnormal Security. These fake messages have landed in about 80,000 inboxes so far.