Sipping from the Coronavirus Domain Firehose

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As...

Continue reading
0 Comments
Tags:
CAUCE Centers for Disease Control COVID-19 Cyber Threat Alliance Cyber Threat Coalition domaintools Hold Security John Conwell Latest Warnings Michael Daniel Neil Schwartzman PhishLabs Rich Harang Sen. Cory Booker Sen. Maggie Hassan Sen. Mazie K. Hirono sophos The Coming Storm Web Fraud 2.0

US Government Sites Give Bad Security Advice

Many U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding...

Continue reading
0 Comments
Tags:
A Little Sunshine John LaCour OMB phishing PhishLabs U.S. General Services Administration White House Office of Management and Budget

Tricky Phish Angles for Persistence, Not Passwords

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file ...

Continue reading
0 Comments
Tags:
Jeff Jones Latest Warnings login.microsoftonline.com Michael Tyler Microsoft Office 365 microsoftonline.com PhishLabs The Coming Storm Web Fraud 2.0

Should Failing Phish Tests Be a Fireable Offense?

Would your average Internet user would be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repea...

Continue reading
0 Comments
Tags:
A Little Sunshine Cofense John LaCour PhishLabs phishme Rohyt Belani

Half of all Phishing Sites Now Have the Padlock

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. Unfortunately, this has never been more useless advice. New research indicates that half of all phishing scams are now hosted on Web sites whose Interne...

Continue reading
0 Comments
Tags:
A Little Sunshine Bibox IDN internationalized domain names John LaCour Latest Warnings phishing PhishLabs punycode SSL

Phishers Are Upping Their Game. So Should You.

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages. Increasingly, however, phishers are upping their game, polishing their copy and h...

Continue reading
0 Comments
Tags:
Crane Hassold Latest Warnings Let's Encrypt PhishLabs phishtank.com

Phishers Are Upping Their Game. So Should You.

Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages. Increasingly, however, phishers are upping their game, polishing their copy and h...

Continue reading
0 Comments
Tags:
Crane Hassold Latest Warnings Let's Encrypt PhishLabs phishtank.com

logo color

Quick Links

Resources