After a widely publicised hack or data breach, you'll often find "password check" sites springing up.
Some of them are legitimate, but other password check sites are as bogus as they sound on the surface...
It's good news if you're a cybercriminal.
But probably not something that's going to do much good for one of the world's poorest countries.
O, frailty, thy name is insecure pet supply website operators...
Spammers think quoting Hamlet is a way to help them steal usernames and passwords - but they're wrong.
Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes however, we come across attacks that are just a little bit more interesting (or at least different) from the norm.
Slovenian police on Thursday raided 12 homes and arrested five Slovenian citizens in connection with sending malware-packed email to small and medium businesses' accounting departments.
Have you taken a close look at the email that Evernote has sent out, with the subject line "Evernote Security Notice: Service-wide Password Reset"?
It looks like the hacked company has made a blunder.
Flooded with phishing attacks, which staff and students were falling for, the IT team at Oxford University blocked access to Google Docs - hoping to wake up users to the threat..
Would such a technique work in your organisation?
Account takeovers are down a mammoth 99.7% compared with what they were at the height of the spear-phishing plague of 2011, the company (rightfully) brags.
Do not relax: such success doesn't let us users off the hook when it comes to account security beef-up.
"Please log into Google Docs, and then you'll be able to read my message."
"I've provided a handy link..."
You would like to think that computer users are getting smarter about securing their systems, and not falling for the age-old tricks used by cybercriminals.
However, we still see our fair share of elementary unsophisticated attacks designed to steal credentials from the unwary.
PayPal users are being targeted in what is a now-typical pattern of phishing against the global payment service.
The trick is short and simple: you receive an email "acknowledging" a smallish payment. It's $79 to an eBay advertising service in our example...
What would you do if you unwittingly became a victim of a phishing attack? Do you know how you'd go about reporting the phishing to the authorities?
On Friday, Microsoft launched Windows 8 to consumers.
Today, the experts at SophosLabs have intercepted a phishing attack which plays upon interest in the new operating system.
Chinese technology giant Huawei, under the spotlight following US concerns that its technology could be used for undercover surveillance, has made an elementary mistake in regards to its UK careers page.
You can thank India for one out of six spam messages in your inbox, up from one in 10 when SophosLabs last put out its list of the Dirty Dozen top spam-relaying countries. The UK has upped its spam output as well, meaning it's rejoined the dirty dozen after an 18-month hiatus.
Spam messages have been sent out by cybercriminals claiming to reward loyal Apple customers with $100 of credit to spend in-store if they just buy a $9 discount card.
It's a wonder that Apple makes any money with marketing campaigns like this! (Or rather it would be, if the email could be trusted).
Inventive spammers are up to their old tricks again, desperate to do whatever it takes to get you to click on a link to their websites.
Beware any emails which claim to come from email@example.com - it could be that you're being targeted in an attack designed to steal your AOL, Gmail, Yahoo or Windows Live password.