CONTENT MARKETING SPECIALIST

Have you ever considered that you could be a target for phishing attacks?

It’s not a new issue, but it’s a rising threat. Phishing attackers have been constantly growing and improving their techniques. Their strategies became so convincing that you can barely distinguish them from harmless communications. And all it takes to fall into their trap is a fraction of a second.

Perhaps the most dangerous approach I’ve seen regarding this concern was: “Ehhh, so what? It don’t think it can happen to me. And I don’t have important stuff anywayz”.

Actually, they can harm you a lot if you’re not paying attention.

They can: withdraw money, make purchases, steal your identity and open credit card accounts in your name, or further trade those information about you and much more.

The latest Verizon Data Breach Investigation Report shows that 23% of email recipients open phishing messages, and 11% click on attachments. That means they are three times more effective than email campaigns conducted nowadays.

Kaspersky reports show that, in Q3 of 2015, their anti-phishing system was triggered 36 million times – that is 6 million times more than in the previous quarter.

A recent report from the City of London’s Police National Fraud Intelligence Bureau reveals that phishing scams in 2015 accounted for a quarter of online crime, with victims losing up to £38,000 each.

And the context is ripe for phishing attacks to happen. According to McAfee:
– 15-20% of a workers’ web sessions (opening a browser) are initiated by clicking a link in an email;
– 92% of employees trust the security of the company’s email system and feel that their email is safe.

Phishing

Keep reading if you want to avoid getting caught in their net, as we’ll cover the ABCs of phishing: what it is, what you can do to detect and prevent any attacks and what measures to take if you think you got caught in the phishing net.


 


WHAT IS PHISHING?

Phishing is the name given to cybercriminals’ attempts to lure you into giving them sensitive information or money.

The word “phishing” is similar to “fishing” because of the analogy of using bait to attempt to trap victims.

By sensitive information we mean anything that ranges from your social security number to passwords, bank account number, credit card details, PIN number, home address, social media account, birthday, mother’s maiden name and so on.

This information can be used for financial damages, identity theft, to gain unlawful access to different accounts, for blackmail etc.

No phishing


HOW DOES PHISHING WORK?

Attackers use different methods of deception as phishing strategies.

They will create fake messages and websites, that imitate the original ones. With their help, they will try to lure you into handing over your personal information. They will either ask you to reply to them, follow a link included in the message or download an attachment.

The communication appears to be initiated by a legitimate person or company. Famous phishing attacks imitate messages from financial institutions, government agencies (ex: IRS), online retailers and services (ex: Amazon, eBay, PayPal), social networks (ex: Facebook), or even from a friend or colleague.

In order to make phishing look genuine, attackers include photos and information from the original website.

They may even redirect you to the company’s website and collect the data through a false pop-up window. Or it can happen the other way around: they first request your personal data, then redirect you to the real website.

Other times, they tell you that you have been targeted by a scam and that you urgently need to update your information in order to keep your account safe. That’s how millions of Walmart consumers were tricked in 2013.

All these gimmicks will minimize the chances for you to realise what happened.

Here’s an example of Standard Bank phishing from 2010, via McAfee:

Standard Bank phishing example

Phishing has become a way to spread malware. The attackers will deliver malicious content through the attachments or links they trick you into clicking on. The malicious code will take over a person’s computer in order to spread the infection.

Although phishing is mostly transmitted via email, it can also work through other mediums. In the past years, cyber attackers moved their focus on phishing attacks done through instant messaging services, SMS, social media networks, direct messages in games and many others.


WHY DOES IT WORK?

Phishing is popular among cyber attackers because it is easier to trick someone into clicking on links or downloading attachments than trying to break into their system defenses.

It works because they appeal to emotions. It promises great deals or alerts you that there may be a problem with an account.

It’s also so effective because more than 50% of users use the same passwords for different accounts. This makes it easy for the cyber criminals to gain access to them.


PHISHING EFFECTS

Phishing damages can range from loss of access to different accountsbanking, email, social media profiles, online retailers, to identity theft, blackmail and many more.

Just to name a few of them:

  • financial loss
  • data loss
  • accounts loss
  • ransom asked in exchange for regaining access to your data
  • blacklisting from institutions
  • malware or viruses infections into a PC or network
  • illegal use of personal data
  • illegal use of social security number
  • creation of fake accounts in your name
  • ruining your credit score
  • losing your job, if you happen to be phished via your work email address and give out essential company details as a consequence


A LITTLE BIT OF HISTORY

The first phishing records date back to the beginning of 1996, when cyber scammers were trying to lure AOL (America Online) customers into a trap and get access to their accounts and billing information.

Cyber scammers would contact users through the AOL instant messaging and email system and pose as AOL employees. Needless to say that it was pretty effective, especially since phishing was virtually unknown at the time.

You can find out more about the first records of phishing here.


TYPES OF PHISHING


1. SPEAR PHISHING

Spear phishing is an email directed at specific individuals or companies. It is highly effective and very well planned.

The attackers will take their time and gather all the available information about their target before the attack: personal history, interests, activities, details about colleagues and any other details they can find. These are used in order to create a highly personalized and believable email.

It’s a technique that works because the phishing email appears to be from someone you know and requires urgent action. Maybe it will even make reference to a mutual friend or a recent purchase you’ve made. The attacker takes advantage of the fact that people are inclined to act before they double-check it. They also leverage your trust in companies, organizations and people.

Spear phishing requires higher efforts, but its success rates are also higher. It’s currently the most successful phishing technique, accounting for 95% of attacks.

And all this just by gathering publicly available information that we freely share on our social media accounts and blogs. It’s one of the main reasons why we should think twice before divulging any more personal information online. Even if all your privacy measures are in check, you can never know whose friend account may have been compromised.


2. WHALING

Whaling phishing is the term used for attacks directed at high profile targets within companies, such as upper management or senior executives.

These are tailored to appear as critical business email, sent from a legitimate business authority, that concern the whole company.

Here are a few examples: legal subpoenas, managerial issues, consumer complaints.

Needless to say that return on investment for attackers is very high in this case. And, contrary to what you’d think, these types of targets are not always as security savvy or protected as they should be.


3. CLONE PHISHING

Clone phishing uses legitimate, previously delivered emails.

The cyber attackers will use original emails to create a cloned or almost identical version. Clone phishing emails may claim to be a resend of the original or an updated version of it. Only this time, the attachment or link is replaced with a malicious version. It appears to come from the original sender and uses a fake reply-to address.

This phishing strategy works because it exploits the trust created from the original mail.


HOTTEST PHISHING TRENDS:


1. CLOUD PHISHING

Cloud phishing attacks also had a boost in the past year, because of the increasing usage of cloud storage technology.

This is usually distributed via email or social media, as a message sent by compromised friends accounts or on behalf of a cloud service provider. It will invite users to download a document uploaded to a popular cloud service. When the victim clicks on the link, malicious software will be downloaded.

The stolen information can be used for extortion, sold to third parties or used in targeted attacks.

Here’s an example of cloud phishing using Dropbox brand, via Kaspersky:

Dropbox phishing


2. GOVERNMENT PHISHING

Be vigilant when it comes to communications that claim to be from law enforcement agencies, such as the IRS, FBI or any other entity.

The most fraudulent attempts in the past years were created to mimic IRS communication, in an attempt to steal your financial information.

You should know that government agencies don’t initiate contact with taxpayers via email, especially to request personal or financial information.

You should read these actionable advices provided by the IRS.

Also keep an eye out for insurance offers, as this was one of the hottest topics for spamming and phishing in 2015.


3. SOCIAL MEDIA PHISHING

Phishing on social media networks isn’t novelty, but it will probably never get old. Phishers create websites that look identical to Facebook or LinkedIn or any other social media websites, using similar URLs and emails, in an attempt to steal login information.

Phishers will ask you to reset your password. If you click on the link, you’ll be redirected to a page that looks identical to Facebook and asks you to enter your login information.

The attackers can then use this to access your account and send messages to friends, to further spread the illegitimate sites.

Other times, they can make money by exploiting the personal information they’ve obtained, either by selling them to third parties or by blackmailing.

Read this warning note from Facebook to see how this phishing category may look like.

Facebook phishing


HOW TO AVOID GETTING CAUGHT IN THE PHISH NET


1. SENDER DETAILS

First thing to check: the sender’s email address.

Look at the email header. Does the sender’s email address match the name and the domain?

Spoofing the display name of an email, in order to appear to be from a brand, is one of the most basics phishing tactics.

Here’s an example: an email from Amazon that comes from “noreply@amazon.com” is legitimate. But an email that appears to be from someone at Amazon but was sent from a different domain, like the email in the picture below, is most certainly not from Amazon.

Phishing example - Amazon Prime (22-12-2015)

Compare the headers from a known valid message from a given source with those on a suspect message.

If they don’t match, don’t click on anything, don’t download any attachment.

For experts: You can also analyze the email header and track IP using this tool.

If you are using Gmail, you can turn on the authentication icon for verified senders. This way, you will see a key icon next to authenticated messages from trusted senders, such as Google Wallet, eBay or PayPal. Unfortunately, only few domains are currently supported by this program, but hopefully it will extend in the future.

Another verification method available for Gmail users:

Check whether the email was authenticated by the sending domain. Open the message and click on the drop-down arrow below the sender’s name. Make sure the domain you see next to the ‘mailed-by’ or ‘signed-by’ lines matches the sender’s email address.

Find out more about it here. It will look like this:

Sent by & Signed by - Amazon & Gmail authentication example (22-12-2015)

The second thing to check: the address the email was sent to.

Look at TO and CC fields. If the email was sent to old or wrong addresses, it may indicate it was sent to old lists or randomly generated emails.


2. MESSAGE CONTENT

Clue number one: They ask you to send them or verify personal information via email.

Or they are asking for information which the supposed sender should already have.

Here is a recent example of phishing using the brand DHL (screenshot via Comodo):

DHL Shipment phishing 2015

Clue number two: They are likely to play on your emotions or urgency.

As a general rule, be suspicious of any mail that has urgent requests (e.g. “respond in two days otherwise you will lose this deal”), exciting or upsetting news, offers, gift deals or coupons (especially around major holidays or events, such as Black Friday or Christmas).

Clue number three: They claim there was some sort of problem with your recent purchase or delivery and ask you to resend personal information or just click on a link to resolve it.

Banks or legitimate e-Commerce representatives will never ask you to do that, as it’s not a secure method to transmit such information.

Here’s an example of PayPal phishing:

PayPal Phishing Example 2015

Clue number four: They claim to be from a law enforcement agency.

They never use email as a form of contact.

Clue number five: They ask you to call a number and give your personal details over the phone.

If this is the case, search for the official correspondence from the company and use the phone number provided them to verify if this is true.


3. MESSAGE FORM

First rule: Beware of bogus or misleading links.

Hover your mouse over the links in the email message in order to check them BEFORE clicking on them.

The URLs may look valid at a first glance, but use a variation in spelling or a different domain ( .net instead of .com, for example). Thanks to the new generic topic-level domains that were introduced in 2014, spammers and phishers gained new tools for their campaigns.

Other phishing scams use JavaScript to place a picture of a legit URL over a browser’s address bar. The URL revealed when hovering with your mouse over a link can also be changed using Java.

Second rule: Look out for IP addresses links or URL shorteners.

They can take a long URL, shorten it using services such as bit.ly, and redirect it to the intended destination. It’s hard to find out what’s on the other end of that link, so you might be falling into a trap. Better be safe than sorry.

It’s not unusual for the domain to be deliberately distorted in the email, by adding extra spaces or characters, together with instructions on how to use it (“Remove all the extra characters / spaces and copy to the address bar”).

Useful tools:
Check a redirect with this Redirect Checker from Internet Officer, to see where it’s leading to.

Or screenshot the page remotely using Browser Shots.

Third rule: Beware of typos or spelling mistakes.

This used to be the norm, but it’s no longer an imperative.

Fourth rule: Beware of amateurish looking designs.

This means: images that don’t match the background or look formatted to fit the style of the email. Stock photos. Photos or logos uploaded at low resolution or bad quality.

Fifth rule: Beware of missing signatures.

Lack of details about the sender or how to contact the company points into phishing direction. A legitimate company will always provide such information.


4. ATTACHMENTS

Look out for attachments.

They can attach other types of files, such as PDF or DOC, that contain links. Or they can hide malware. Other times, they can cause your browser to crash while installing malware.

The latest Kaspersky Labs reports show that in Q3 of 2015 there’s been an increase in phishing using attachments:

“A particular feature was a new trick used in phishing emails – in order to bypass spam filters they placed the text of the email and fraudulent link in an attached PDF document rather than in the message body.


5. EXTERNAL LINKS / WEBSITES

Let’s assume that you already clicked on a link from a suspicious email.

Is the domain correct? Don’t forget that the link may look identical, but use a variation in spelling or domain.

Before submitting any information on that website, make sure that you are on a secure website connection. You can easily check that by looking at the link: does it start with “https” or “http”? The extra “s” will mean that the website has SSL. SSL is short for Secure Sockets Layer and is a method to ensure that the data sent and received is encrypted. More legit and safe websites will have a valid SSL certificate installed.

Another way to check that is to look on the left of the web address: is there an icon of a closed padlock? Or is the address highlighted in green? This will indicate that you are visiting an encrypted site and the transferred data is safe.


HELPFUL TOOLS

Use browsers that offer built-in phishing protection.

In general, there are two ways to detect phishing websites: heuristics and blacklists.

A heuristic method analyzes patterns in URL, words in web pages and servers in order to classify the site and warn the user.

Google and Microsoft operate blacklists. Google integrated them with Firefox and Chrome, so a warning message will appear before entering a phishing website. Microsoft is integrated with Internet Explorer and Edge.

You can also install browser add-ons and extensions designed to block phishing attempts. Read more tips on this subject on Tech Support Alert.

Other useful tools:

Check and Secure browser & plugin

Browser & Plugin-Check by Check & Secure. This scans your browser and all the installed plugins, to see if they are up to date.

“83% of all malware infections could have been avoided, if the browser plugins had been updated in the first place.”

Cyscon PhishKiller


BASIC ONLINE SECURITY


IN ORDER TO KEEP YOUR PC SAFE:

Be aware that cyber attackers are one step ahead of the defenders. That means that you cannot always be 100% protected against them, not even with all the email filtering systems or anti-virus software.

Of course, this doesn’t mean that you want to make their jobs easier, so make sure you keep your computer updated at all times.

Keep your software updated as well. If you use a free tool that offers automatic and silent software updates, you can eliminate up to 85% of security holes in your system.

Install a reliable antivirus. It should include real-time scanning and automatic update of virus database.

Choose an antivirus that scores high on phishing protection tests. More tips on this you can read in our guide.

You should also create a separate email account that you only use to subscribe to newsletters, forums, online retailers, social media accounts or other public Internet services. Keep your personal email account as private as possible. This will help reduce the amount of spam and phishing attempts you receive.

Also, beware not to click on the Unsubscribe button or follow instructions for unsubscribing. Many spammers and phishers use these in order to find out if your email is valid.


BASIC SAFE PASSWORDS MANAGEMENT RULES

Phishing is very effective because more than 50% of users use the same passwords for different credentials. This makes it easy for the cyber criminals to gain access to other accounts.

It’s important to use different passwords for your accounts. The same way you don’t use only one key for your house and your car, you shouldn’t use the same password more than once. This way, cyber attackers won’t be able to get into any other accounts of yours.

If available, activate two-factor authentication. This way, you’ll receive a unique one time code on your phone every time you want to log in from a different device. It will add a second layer of protection, that’s much more difficult to breach by cyber attackers.

For more actionable tips on this subject, check out our password security guide.

How Tough is Your Password Security


FINANCIAL SECURITY STEPS

Periodically review your bank account activity (daily, if possible), to check all the transactions.

If you don’t recognize any of the transactions, regardless the amount, contact your bank straight away.

Turn on text messages notifications for all card transactions.

It will alert you in real time if an online transaction exceeds the limit that you set (make sure you set it to the minimum available).

Also enable two-steps approval for transactions, so that you will have to use your mobile phone number.

Put a security freeze on your credit report.

In case of identity theft, it will prevent any openings of new accounts in your name. However, you will have to lift it every time you want to apply for a loan or rent a new place.

And lastly but not least important: try to use a separate card, dedicated only to digital transactions.

Transfer money on it every time you plan to buy something. In the rest of the time, leave only a small amount of money on it.

Credit cards


IF STILL UNSURE WHETHER IT’S PHISHING OR NOT

What steps to take:

Try to always directly type the web address of the site you want to access in your browser, instead of clicking on links from emails or social media networks.

Directly contact the company or organization from which the message appears to be sent. Grab the phone or forward them the phishy email. Search for prior communications with them, such as post mail, and use the contact information provided there. Don’t use the contact information provided in the email.

You can also improve your phishing detection skills by taking these quizzes gathered by Capterra on their blog. They also have plenty of phishing emails examples.

Phishing_Login


WHAT TO DO IF YOU THINK YOU WERE PHISHED

If you have a hunch that something is wrong, immediately contact your bank or credit card institution and close the accounts you believe they may have been compromised.

Change the passwords used for those accounts and then also change the passwords used for the emails linked to them.


WHERE TO REPORT PHISHING ATTACKS

Forward the message to the last known good address of the sender.

There are several places where you can submit phishing attacks or websites:

If it appears to be from IRS, you can forward it to phishing@irs.gov
Or to the Federal Trade Commission at spam@uce.gov
At US Cert: phishing-report@us-cert.gov
At The Anti-Phishing Working Group: reportphishing@apwg.org

If you are using Gmail, in the drop down menu at every email there is a Report Phishing button.

Report Phishing at Gmail example

If you aren’t using Gmail, you can complete this form.


Conclusion

One last advice: always trust your gut. It may not be the most scientific approach, but, ultimately, you should just listen to what your intuition tells you. If something feels wrong, even if you cannot specifically explain why, or if it’s too good to be true, it’s better to stay away from it.



Comments

[…] click on the links or open the attachments. Since so many people have vulnerable workstations, phishing has been an extremely successful way to get malware installed, or to trick users into divulging […]

[…]  Don’t click any links or download attachments from phishing emails. […]

[…] people usually associate phishing with emails, but another important channel is social […]

[…] a standard phishing attack, a malicious hacker tries to trick the victim into believing he is trustworthy, in order for the […]

[…] Here’s a more in-depth look on how you can avoid a phishing attack. […]

[…] There are a number of strategies for phishing attacks. Heimdal security gives great explanations in its blog post, The ABCs of Detecting and Preventing Phishing: […]

[…] the Internet is harmful, until proven otherwise. With that being said, here are some basic tips to protect yourself from these nasty phishing […]

[…] Phishing is a method that cyber criminals use to sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by posing as a trustworthy entity in emails or other means of electronic communication. […]

[…] most common ways for you to become vulnerable to a malware attack or phishing scam take place when […]

[…] want to report phishing scams that you come across from other sources, we included some tips in our dedicated guide for phishing […]

[…] most common ways for you to become vulnerable to a malware attack or phishing scam take place when […]

[…] is the same: the victims will be delivered malicious websites that are intended for pharming or phishing. The websites can either be an impersonation of the website that the victim wanted to see […]

[…] attacker used a simple phishing technique in order to gain access to victims’ accounts: he sent them emails that appeared to look like they […]

[…] click on the links or open the attachments. Since so many people have vulnerable workstations, phishing has been an extremely successful way to get malware installed, or to trick users into divulging […]

[…] wouldn’t want to end up in a phishing net or with some type of malware that takes over your computer, would […]

[…] the same percentage said they are not confident that their executives could spot a phishing scam […]

[…] Cyber criminals used extremely targeted phishing emails to infect the targets with malware and gain access to hotels’ networks. Those breaches […]

[…] manipulation is heavily used in cyber attacks, especially in phishing and ransomware compromise […]

[…] your time and read our anti-phishing guide – it will help you detect and prevent the techniques used by […]

[…] can also send them our extended guide on phishing and how to prevent it – there we explained everything they should know about […]

[…] able to recognize a potential threat or attack. You need to be able to differentiate between spam, phishing attacks, malware, etc. so you can prevent a virus from penetrating the system and leaking data to […]

[…] know that online criminals use a vast array of weapons against computers, from phishing attempts in spam campaigns and drive-by downloads to deliver malware but, as we have recently disclosed in […]

[…] most data stealing malware and ransomware, CryptoWall spreads mainly through phishing and spam campaigns that invite users to click a malicious link or access an e-mail attachment. At […]

[…] angles of attack used by hackers from the Internet are attacks such as phishing, drive-by downloads, watering hole attacks or social website attacks. If you don’t know them, […]

[…] click on the links or open the attachments. Since so many people have vulnerable workstations, phishing has been an extremely successful way to get malware installed, or to trick users into divulging […]

[…] of hacks to increase. The natural head-on hack will continue, but the use of more complex spear phishing and targeted malware attacks will certainly increase as well. By targeted malware I mean that […]

[…] Phishing is an old tactic used by IT criminals who try to steal your sensitive information and your financial data. For this reason, you should keep an eye, not only on e-mail messages, but also on messages received via your LinkedIn account. […]

[…] a CEO you are the front figure of the organization and therefore more likely to be the victim of phishing attacks or direct hacker attempts to gain access to your corporate […]

[…] new email phishing campaign has been targeting Airbnb customers. Make sure you don’t fall into this […]

[…] and we should all just give up antivirus products, but rather adopt new tools to protect against phishing attempts, spam campaigns, malicious web pages and cybercriminal […]

[…] we need to establish fast the limits of our liberty to access unfiltered content and the potential dangerous phishing attempts that could pose a threat to our […]

[…] Phishing is the name given to cybercriminals’ attempt to trick you into giving them sensitive information or money. […]

[…] 3. With real-time phishing – the attacker will ask for the one-time password and use it immediately. LastPass users were recently targets to a severe phishing campaign, that not even two-factor authentication could have prevented. You can find out more about how to detect and prevent phishing from our dedicated article. […]

[…] the first one we covered the basics of detecting and preventing phishing: what it is, how to detect it and what to do in case you got caught in the phishing […]

[…] for JavaScript code from a web location controlled by the IT criminals. The infected computers run phishing attacks to obtain sensitive data from its […]

[…] Security is the solution which detects and blocks phishing websites and malicious servers controlled by IT criminals from removing your sensitive […]

[…] Exposing personal details may lead hackers into finding your financial information. For the same reason, check your kids’ social media behavior to make sure they won’t expose private information that may possibly be used against you, in phishing attacks. […]

[…] most common ways to become vulnerable to a malware attack or phishing scam take place when […]

[…] away from phishing attacks. This malicious attempt to retrieve personal information from a user is usually done using the […]

[…] antivirus program that protects you against classical threats, such as viruses, worms, trojans or phishing. At the same time, you also need solutions against spam, data and financial stealing malware, a […]

[…] safe from phishing attacks. Pay attention to the various messages you receive from unknown users, which ask for your personal […]

[…] And the word “danger” brings to our minds words, such as: cyber-crime, online threats, phishing, scams, trojans, hackers and […]

[…] is a classic phishing attack through which they try to trick you into giving away personal information or private […]

[…] ingenious phishing scams used in their attacks usually target the users when they shop online, check the e-mail or when they […]

[…] The VPN hides your IP address and encrypts your connection. This way you can access any online location in complete anonymity. No more danger from IT criminals and their malicious software or phishing attempts. […]

[…] software like Heimdal Security to keep your sensitive data away from cyber-criminal minds, phishing attempts and malicious […]

[…] laws or international treaties do not apply or are difficult to impose. A security threat or a phishing campaign that originated in the other part of the world makes it difficult to reveal and catch the real […]

[…] The VPN hides your IP address by encrypting your connection and allowing you to browse online in anonymity. Using this method you protect your online privacy and you keep your valuable information from cyber threats, online scams, identity breaches or phishing attempts. […]

[…] most common threats include identity theft, phishing schemes, credit card fraud, impostor scams, impersonation and many more. You can find more examples […]

[…] test evaluates the protection against phishing attempts, which usually occur by e-mail or instant messaging, and lure the target into entering sensitive […]

[…] Phishing: the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by disguising itself as a trustworthy entity in a Facebook message or Tweet. […]

[…] In 2014, the proportion of spam in email flows was about 60%, according to a study by Symantec, and that’s a constant problem we’ve all been dealing with for years and years. The same study shows that the estimated Global Spam Volume per Day is 28 billion emails, and 1 in every 965 of these emails contains a phishing attempt. […]

[…] Phishing – is a method that cyber criminals use to sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by posing as a trustworthy entity in emails or other means of electronic communication. […]

[…] is not very difficult to spot this type of phishing e-mails which demand immediate action and contain words like “confirm now“, “take action […]

[…] they target your financial data, by launching “zero-day” attacks and phishing campaigns, you need an advanced technology that is specially designed for these […]

[…] If your device is used for work too, the phishing e-mails may target more than just personal information. […]

[…] Phishing spam campaigns are another popular method to target users’ sensitive information and private data. […]

[…] malware economy is now firmly established using macroeconomic strategies, with wide scale phishing attacks (mass marketing), massive and centralised malware distribution channels and big […]

[…] face it, neither malvertising, malware-ladden websites, browser hijackers nor phishing attempts are going to be eradicated as cyber threats, but there is a lot we can do to diminish their reach, […]

[…] been compromised to deliver attacks to other computers, without their owners knowing it) to hide phishing campaigns, malware-loaded websites and other infection sources targeting a large group of […]

[…] content is legitimate, safe. But sometimes it can lead you to a malicious destination, such as a phishing website or a malware-infected spam email. And cyber criminals are getting unbelievably good at […]

[…] Amanda is not a regular Internet user. She works for a renowned website and has read plenty of cautionary stories about cyber security incidents. She knows and follows some basic steps that can shield her from cyber attacks, but she still fell for one of the most common scams out there: a phishing email. […]

[…] your email address so they can send you all sorts of messages packed with malware, ransomware, phishing attempts or other threats to your cyber […]

[…] a security solution that can filter your Internet traffic to protect you from malicious websites, phishing attempts and other dangerous web […]

[…] addresses and make them look legitimate. This tactic is not only used in spam campaigns, but in phishing and spear phishing attacks as […]

[…] Next week we’ll come up with another comprehensive security guide, with everything you need to know about phishing. […]

[…] most people know, phishing refers to online attempts to collect valuable information and sensitive data from an individual or […]

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP