Microsoft warns organizations of consent phishing attacks

In this type of phishing campaign, attackers trick people into giving a malicious app consent to access sensitive data, says Microsoft. Image: weerapatkiatdumrong, Getty Images/iStockphoto Phishing campaigns are a common tactic in which cybercriminals impersonate a well-known company, product, or brand to steal account credentials, financial information, or other data from unsuspecting victims. A typical […]

How to protect your organization from coronavirus-related phishing attacks

Emails exploiting COVID-19 have risen, declined, and risen again along with the changes in the pandemic and the shift to remote working, according to the security company GreatHorn. Image: GreatHorn Cybercriminals have been all too happy to take advantage of COVID-19 to deploy virus-related malware and cyberattacks. Phishing emails have been one popular method as […]

How to protect your remote desktop environment from brute force attacks

An RDP compromise provides a cybercriminal with a backdoor for ransomware and other types of malware, says security provider ESET. The coronavirus lockdown has prompted a host of organizations to require their staffers to work from home. But many of those employees still need to remotely access computers in the office, which has triggered an […]

2020 sees rise in invoice and payment fraud BEC attacks

Abnormal Security found a 75% increase in this type of campaign in the first three months of the year and a spike of 200% from April to May. Image: GrafVishenka, Getty Images/iStockPhotos The Business Email Compromise (BEC) is a more focused and potentially more profitable type of phishing scam favored by many cybercriminals. By spoofing […]

Phishing attacks target workers returning to the office

Emails with fake COVID-19 training materials are trying to trick employees into sharing their Microsoft credentials, says Check Point Research. Image: GrafVishenka, Getty Images/iStockPhotos The coronavirus has been a subject ripe for exploitation and abuse by cybercriminals with phishing campaigns, malicious websites, and phony apps. Now that organizations in some parts of the world are […]

Phishing attacks impersonate QuickBooks invoices ahead of July 15 tax deadline

Targeting the CEO and others in an organization, the attacks spotted by cybersecurity firm Darktrace were detected due to artificial intelligence. Image: designer491, Getty Images/iStockphoto Phishing campaigns typically use a few different tactics to compromise their victims. The initial emails usually spoof a company, brand, or product potentially used by the recipient. Often such emails […]

Cybercriminals unleash diverse wave of attacks on COVID-19 vaccine researchers

As multiple companies inch closer to a potentially life-saving vaccine for the coronavirus, cybercriminals with varying motives have increased attacks. Image: howtogoto, Getty Images/iStockphoto Governments, companies and educational institutions around the world have banded together to come up with a vaccine or treatment for COVID-19. But efforts to collectively come up with a cure have […]

How Business Email Compromise attacks pose a threat to organizations

BEC campaigns represent a relatively small percentage of all email attacks yet pose the greatest financial risk, says Abnormal Security. Image: Vladimir Obradovic, Getty Images/iStockphoto Cybercriminals like to use email to launch malicious campaigns as it’s the most direct method of reaching a potential victim. Phishing emails that spoof a well-known company or brand are […]

How DNS attacks threaten organizations

Application downtime was the most significant side effect of a DNS attack, according to EfficientIP. Image: EfficientIP Organizations rely on their own internal Domain Name System (DNS) servers to properly route users to the right computers, applications, and files. If DNS isn’t functioning correctly, then users won’t be able to access the resources they need. […]

Ransomware: Consumers would hold CEOs personally responsible for attacks

Some people believe the CEO of a company hit by ransomware should pay a fine, resign, or even be sent to prison, says Veritas. Image: Vitalii Gulenok, Getty Images/iStockPhoto A successful ransomware attack can hurt an organization in a variety of ways. Beyond the loss of sensitive data and the financial costs, an organization’s reputation […]