New twist on ZeroFont phishing technique spotted in the wild

Cybercriminals are leveraging the ZeroFont technique to trick users into trusting phishing emails, SANS ISC handler Jan Kopriva has warned. The ZeroFont phishing attack Documented and named by Avanan in 2018, the ZeroFont technique involves using text … Continue reading New twist on ZeroFont phishing technique spotted in the wild

Spam is up, QR codes emerge as a significant threat vector

85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023, according to a VIPRE report. Information technology organizations also overtook financial institutions (9%) as the most ta… Continue reading Spam is up, QR codes emerge as a significant threat vector

Cybercriminals turn to AI to bypass modern email security measures

Cybercriminals employ artificial intelligence (AI) to create complex email threats like phishing and business email compromise (BEC) attacks, while modern email security systems use AI to counter these attacks, according to Perception Point and Osterma… Continue reading Cybercriminals turn to AI to bypass modern email security measures

Organizations invest in AI tools to elevate email security

To counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance email security, according to IRONSCALES and Osterman Research. Cybercrimi… Continue reading Organizations invest in AI tools to elevate email security

Product showcase: Free email security test by ImmuniWeb Community Edition

According to an FBI report, in 2022, global losses from business email compromise (BEC) and email account compromise (EAC) attacks attained $43 billion, hitting a historic anti-record. Multiple cybersecurity vendors, including Microsoft and Trend Micro… Continue reading Product showcase: Free email security test by ImmuniWeb Community Edition

37% of third-party applications have high-risk permissions

Email attacks have increased in both sophistication and volume since the start of the year, according to Abnormal Security. Examining data since 2013, Abnormal identified a massive increase in third-party applications (apps) integrated with email, unde… Continue reading 37% of third-party applications have high-risk permissions

Salesforce and Meta suffer phishing campaign that evades typical detection methods

The Guardio research team discovered an email phishing campaign exploiting a zero-day vulnerability in Salesforce’s legitimate email services and SMTP servers. Phishing email sample as was sent from the “@salesforce.com” email address The vulnerability… Continue reading Salesforce and Meta suffer phishing campaign that evades typical detection methods