How To Spot a Phishing Website
Phishing websites are designed to steal your personal information, but you don’t have to fall for them. Watch this short video to learn how to spot a phishing website and avoid getting scammed.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Cybersecurity Training For Teachers Is Key To Stopping Phishing In Schools
Schools have become a prime target for cybercriminals, with phishing now the biggest threat. In fact, 89% of UK primary and secondary schools experienced a phishing attack last year, the Department for Science, Innovation & Technology reveals. 40% of higher education institutions also reported serious repercussions after phishing attacks, such as, data breaches or financial loss. So, what makes schools such attractive phishing targets? The answer lies in the fact that they often store a lot of sensitive data, but lack the IT resources to properly protect it. The good news is teachers do have the power to fight back against phishing.
What To Do if You Opened a Phishing PDF
Opening a phishing PDF can instantly infect your device with malware, or it may trick you into entering personal information. Watch this video to learn what to do if you’ve opened a phishing PDF.
What to Look for in a Phishing Site Detection and Takedown Solution
With the average phishing campaign now harvesting its first set of credentials in under 15 minutes , the efficacy of a detection strategy is measured in seconds, not hours.. Relying on scanning and takedown or traditional threat intelligence feeds – that inherently lag behind real-time user engagement – is no longer a viable defense against even unsophisticated credential theft and account takeover (ATO) scams.
StrongestLayer Emerges from Stealth with $5.2M Seed Funding to Combat AI-Powered Email Threats
LLM-native cybersecurity platform addresses the 90 percent surge in phishing breaches as artificial intelligence democratizes nation-state attack capabilities.
Engineered To Evade: How Phishing Attacks Are Designed To Get Through Your Secure Email Gateway
Getting through secure email gateways (SEGs) is simply the cost of doing business for a cybercriminal. Literally, detection at the perimeter by a SEG is the same as falling at the first hurdle. SEGs have been adopted broadly, especially in larger organizations (although this picture has started to change in recent years - more on that below). Even where organizations don’t use a SEG, many native controls in email platforms (like Microsoft Exchange) operate using the same principles.
Arctic Wolf Observes Microsoft Direct Send Abuse
Arctic Wolf has recently observed a widespread phishing campaign targeting multiple organizations by abusing Microsoft 365’s Direct Send feature—a feature designed for internal email delivery without requiring authentication. Threat actors can identify valid domains and recipients, then send spoofed emails that appear to originate from internal domains—often impersonating the user themself—without needing credentials or access to the tenant.
Unlock Email Threat Visibility with Mimecast and Graylog
Email threats aren’t slowing down. From credential phishing to malware-laced attachments, email remains one of the most exploited entry points for attackers. If you’re already using Mimecast to help mitigate that risk, you’re ahead of the curve — but raw log data only gets you so far. Starting with Graylog 6.2.3, you can pull logs directly from Mimecast using API v2.0 and view them immediately with built-in Illuminate Dashboards.
Securing Against Phishing Beyond Email
Phishing is no longer just an email problem. Reports state that 40% of phishing campaigns now span channels beyond email, hitting collaboration tools like Slack and Teams, plus SMS, and social media platforms. Voice phishing (“vishing”) in particular is on the rise: 30% of surveyed organizations reported at least one instance of attackers using spoofed or AI-cloned calls to steal credentials in the past year.
What Is Smishing?
Text messages used to be a safe space—quick birthday wishes, delivery updates, maybe the odd emoji from a friend. But in today’s digital world, not every ping on your phone is innocent. Some are traps, carefully crafted to trick, scare, or confuse. One of the sneakiest tricks out there? Smishing. Yep, it’s a mashup of “SMS” and “phishing.” If phishing is the scam that hides behind a shady email, smishing is its text-based cousin.