AI vs. human deceit: Unravelling the new age of phishing tactics

Attackers seem to innovate nearly as fast as technology develops. Day by day, both technology and threats surge forward. Now, as we enter the AI era, machines not only mimic human behavior but also permeate nearly every facet of our lives. Yet, despite the mounting anxiety about AI’s implications, the full extent of its potential […]

The post AI vs. human deceit: Unravelling the new age of phishing tactics appeared first on Security Intelligence.

Continue reading AI vs. human deceit: Unravelling the new age of phishing tactics

ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)

In late April 2023, IBM Security X-Force uncovered documents that are most likely part of a phishing campaign mimicking credible senders, orchestrated by a group X-Force refers to as ITG10, and aimed at delivering RokRAT malware, similar to what has been observed by others. ITG10’s tactics, techniques and procedures (TTPs) overlap with APT37 and ScarCruft. […]

The post ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK) appeared first on Security Intelligence.

Continue reading ITG10 Likely Targeting South Korean Entities of Interest to the Democratic People’s Republic of Korea (DPRK)

New Generation of Phishing Hides Behind Trusted Services

The days when email was the main vector for phishing attacks are long gone. Now, phishing attacks occur on SMS, voice, social media and messaging apps. They also hide behind trusted services like Azure and AWS. And with the expansion of cloud computing, even more Software-as-a-Service (SaaS) based phishing schemes are possible.  Phishing tactics have […]

The post New Generation of Phishing Hides Behind Trusted Services appeared first on Security Intelligence.

Continue reading New Generation of Phishing Hides Behind Trusted Services

Black Hat SEO: Is Someone Phishing With Your Site Domain?

Search engine optimization (SEO) is a long game. Improving your website to rank higher on search engine results pages helps you attract more traffic. Plus, it helps build a trustworthy reputation. But, some people want to take shortcuts by using what’s known as black hat SEO. If this happens, your business could pay the price. […]

The post Black Hat SEO: Is Someone Phishing With Your Site Domain? appeared first on Security Intelligence.

Continue reading Black Hat SEO: Is Someone Phishing With Your Site Domain?

Why Phishing Is Still the Top Attack Method

Attackers are known to pore over a company’s website and social channels. Perhaps they spot a mention of an upcoming charity event. Who runs the charity? What does their email signature look like? What’s the color and size of the charity’s logo?    This kind of information is priceless to attackers. From there, attackers can craft […]

The post Why Phishing Is Still the Top Attack Method appeared first on Security Intelligence.

Continue reading Why Phishing Is Still the Top Attack Method

What Are the Biggest Phishing Trends Today?

According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing was used in 41% of the attacks that X-Force remediated in 2021. That’s a 33% […]

The post What Are the Biggest Phishing Trends Today? appeared first on Security Intelligence.

Continue reading What Are the Biggest Phishing Trends Today?

Hive0117 Continues Fileless Malware Delivery in Eastern Europe

Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The campaign masquerades as official communications from the Russian Government’s Federal Bailiffs Service, the Russian-language emails […]

The post Hive0117 Continues Fileless Malware Delivery in Eastern Europe appeared first on Security Intelligence.

Continue reading Hive0117 Continues Fileless Malware Delivery in Eastern Europe

Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022

For the third year in a row, ransomware was the top attack type globally in 2021, despite some successes last year by law enforcement to take down ransomware groups. This was among the top findings of IBM Security’s latest research published in the tenth annual X-Force Threat Intelligence Index, a comprehensive overview of the global […]

The post Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022 appeared first on Security Intelligence.

Continue reading Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022

How to Report Scam Calls and Phishing Attacks

With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They’re not using ransomware to do that so much anymore, though. Not since the rise of big game hunting, anyway. […]

The post How to Report Scam Calls and Phishing Attacks appeared first on Security Intelligence.

Continue reading How to Report Scam Calls and Phishing Attacks

Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy

Why is one of cyber crime’s oldest threats still going strong? The Anti-Phishing Working Group (APWG) reports that January 2021 marked an unprecedented high in the APWG’s records, with over 245,771 phishing attacks in one month. IBM X-Force’s 2021 Threat Intelligence Index found that phishing led to 33% of cyber attacks organizations had to deal […]

The post Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy appeared first on Security Intelligence.

Continue reading Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy