Anti-Phishing Working Group – WindowsTechs.com

Why Web Browser Padlocks Shouldn’t Be Trusted

Posted on September 29, 2020 by Tom Spring

Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them. Continue reading Why Web Browser Padlocks Shouldn’t Be Trusted→

BEC Wire Transfers Average $80K Per Attack

Posted on September 2, 2020 by Tara Seals

That number represents a big uptick over Q1. Continue reading BEC Wire Transfers Average $80K Per Attack→

Phishers are Angling for Your Cloud Providers

Posted on August 30, 2019 by BrianKrebs

Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and thei… Continue reading Phishers are Angling for Your Cloud Providers→

Google-protected mobile browsers were open to phishing for over a year

Posted on May 28, 2019 by Danny Bradbury

Researchers revealed a massive hole in Google Safe Browsing’s mobile browser protection that existed for over a year. Continue reading Google-protected mobile browsers were open to phishing for over a year→

What’s behind this 1,000-character phishing URL?

Posted on February 14, 2019 by Danny Bradbury

Bleeping Computer learned of a strange phishing campaign which uses an unusually long URL – but why? Continue reading What’s behind this 1,000-character phishing URL?→

To avoid phishing hooks don’t swim with the shoal

Posted on December 15, 2017 by Lisa Vaas

A study found that national culture is the strongest predictor of an individual’s ability to spot deceitful emails.

Continue reading To avoid phishing hooks don’t swim with the shoal→

Hottest trend for phishing scammers: Buying web domains instead of hacking them

Posted on July 3, 2017 by Shaun Waterman

Hackers are increasingly abusing the highly decentralized web domain-name registration system to buy internet addresses they can use in phishing attacks, a new report says. The scams use legitimately acquired addresses to set up webpages that mimic bank or other e-commerce sites with the intention of tricking consumers into giving over login details and passwords. Such abuse of the domain-name registration system is not new, but it more than trebled last year, according to the Anti-Phishing Working Group’s 2016 Global Phishing Survey, released last week. The report documents in detail more than a quarter-million individual phishing sites that mimicked the web presence of nearly 700 genuine banks or other financial, e-commerce or social media companies and attracted potential victims through links in spam email or other messages. Those 255,056 phishing sites were hosted on nearly 200,000 domains (some domains had multiple sites on them), almost half of which, or 95,424, were registered by hackers through the legitimate domain registration system, overseen by […]

The post Hottest trend for phishing scammers: Buying web domains instead of hacking them appeared first on Cyberscoop.

Continue reading Hottest trend for phishing scammers: Buying web domains instead of hacking them→