Search Results for: phishing
Olajide Onikoyi was one of many criminals who tricked students via a phishing campaign. Victims received emails prompting them to visit a fake student loans website.
A threat that doesn't just attack, but asks you to put in a password first?
Sounds weird, but the trick worked for malware in the past, and is now being used in phishing
Fraser Howard of SophosLabs explains...
Here you are! Episode #116 of the Sophos Security Chet Chat.
News, opinion, advice and research: Chet and Duck bring you their unique and entertaining combination of all four in their regular podcast.
The latest figures from the APWG show a decline in phishing reports. Verizon, on the other hand, implies that almost all incidents of cyber espionage reported in the last year included some phishing component.
This seems to confirm that phishing attacks are becoming less scatter-gun, focusing more on specific targets.
The Syrian Electronic Army (SEA) claimed on Tuesday that it had taken over the support page for instant messaging/VoIP service Viber.
Viber itself announced that the claims are overblown and that only two minor systems were breached - a customer support panel and a support administration system.
Google has expanded its Transparency Report data to include stats from their 'Safe Browsing' system, which keeps tabs on where malware and phishing sites are hosted. The data is a little short on definition, but shows which hosting providers are doing the worst job of keeping their IP space clean.
With a cybercrime plan as poorly thought out as this, maybe it's no wonder the Soviet Union didn't survive.
Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes however, we come across attacks that are just a little bit more interesting (or at least different) from the norm.
Flooded with phishing attacks, which staff and students were falling for, the IT team at Oxford University blocked access to Google Docs - hoping to wake up users to the threat..
Would such a technique work in your organisation?
"Please log into Google Docs, and then you'll be able to read my message."
"I've provided a handy link..."
You would like to think that computer users are getting smarter about securing their systems, and not falling for the age-old tricks used by cybercriminals.
However, we still see our fair share of elementary unsophisticated attacks designed to steal credentials from the unwary.
PayPal users are being targeted in what is a now-typical pattern of phishing against the global payment service.
The trick is short and simple: you receive an email "acknowledging" a smallish payment. It's $79 to an eBay advertising service in our example...
What would you do if you unwittingly became a victim of a phishing attack? Do you know how you'd go about reporting the phishing to the authorities?
On Friday, Microsoft launched Windows 8 to consumers.
Today, the experts at SophosLabs have intercepted a phishing attack which plays upon interest in the new operating system.
Can you phish without a phishing page? Research by a student at the University of Oslo in Norway finds that, with the help of a trusty URI, ‘Yes, you can.’
Phishers have taken advantage of the network disruption suffered by the O2 mobile network earlier this month.
The annual BlackHat conference in Las Vegas prides itself as "the best and biggest event of its kind, unique in its ability to define tomorrow's information security landscape."
That may well be. But this year's event has kicked off with a giant security boo-boo.