Monthly Archives: October 2023

Cyber threats can be scary, and for good reason.

The most often recommended piece of anti-phishing advice is for all users to “hover” over a URL link before clicking on it. It is great advice.

Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial services, insurance, property management and real estate, and manufacturing.

They are out there, watching and waiting for an opportunity to strike; the bad actors who have carefully researched your organization in order to set the perfect trap using easily found public resources. Open-Source Intelligence (OSINT) can provide cybercriminals everything … Read More

Like a ghost, most business email compromise (BEC) scams are able to sneak through most technical defenses and end up in end-user inboxes.

Threat actors continue to use generative AI tools to craft convincing social engineering attacks, according to Glory Kaburu at Cryptopolitan.

If you didn’t trust contactless payment processors before, you really won’t after hearing about this recent scam.

A recent attack on an undisclosed Spanish aerospace company all started with messages to the company’s employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ESET researchers uncovered the attack and attributed it to the Lazarus group, … Read More

DomainTools is tracking an increase in SMS phishing (or “smishing”) campaigns impersonating the US Postal Service (USPS). The text messages inform recipients that there’s a problem with their delivery address and they need to click on a link to resolve … Read More