Phishing Used to Get PII, not Just Ransomware

With all of the focus on ransomware attacks, it’s easy to forget about the damage done by email phishing. Yet, new research from Vade shows that phishing has seen a meteoric rise in the first half of 2021, including a 281% increase in May and a 284% i… Continue reading Phishing Used to Get PII, not Just Ransomware

Phishers and Spoofers are Getting Smarter! Are You?

It is common knowledge that any system is as strong as its weakest link. Unsurprisingly, threat actors constantly probe enterprise networks for such
The post Phishers and Spoofers are Getting Smarter! Are You? appeared first on Kratikal Blog.
The post… Continue reading Phishers and Spoofers are Getting Smarter! Are You?

A Brief Guide to How to Prevent Email Phishing Attacks

Congratulations! You have been selected as the winner of the lucky draw. Click on the link to claim your AmazonContinue reading
The post A Brief Guide to How to Prevent Email Phishing Attacks appeared first on Kratikal Blog.
The post A Brief Guide to H… Continue reading A Brief Guide to How to Prevent Email Phishing Attacks

U.S. election software companies aren’t that worried about phishing emails

Although a recently leaked intelligence report suggested that Russian spies attempted to hack into at least one election software vendor, many of the industry’s top companies say they aren’t threatened by spear phishing emails. Prominent election software companies say that phishing emails do not present a pressing problem, even though a classified intelligence report recently published by The Intercept indicated that Russian military intelligence had previously targeted one such company. The report says Russia’s attempt to influence the U.S. voting process may have been more expansive, and revealed attempts to place malware on the computers of local government officials. Of 16 U.S. election software companies contacted by CyberScoop, four said that they had not received any phishing emails between August 2016 and June 2017, including Free & Fair, ClearBallot, Scytl and BPro Inc. Others, like Everyone Counts, reported receiving phishing emails but stressed the sufficiency of the security systems currently in place […]

The post U.S. election software companies aren’t that worried about phishing emails appeared first on Cyberscoop.

Continue reading U.S. election software companies aren’t that worried about phishing emails

OAuth-based phishing campaign gives Gmail users a scare

An immense phishing campaign targeting Google accounts hit a wide array of journalists, government employees, academics and private company email accounts. This is what the attack looks like: The email has been landed in newsrooms from BuzzFeed to ABC, at universities and reportedly from addresses within the Chicago city government. The “Open in Docs” link redirects to the OAUTH2 service on accounts.google.com, according to researcher Bojan Zdrnja, where it asks for full access to the GMail account and all contacts from an application deceptively named “Google Docs.” Once access is granted, the attacker uses that account to send phishing emails to every contact in the victim’s contact list. OAuth is a mechanism companies like Google use that allows users to authorize apps and websites to access account information without giving away a password. For example, a third-party email app will want access to your GMail and will ask for permission through OAuth. […]

The post OAuth-based phishing campaign gives Gmail users a scare appeared first on Cyberscoop.

Continue reading OAuth-based phishing campaign gives Gmail users a scare