Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybercriminals are capitalizing on tax season by launching phishing campaigns targeting QuickBooks users, Malwarebytes reports. The attack begins with a malicious Google ad that appears at the top of the page when a user searches for QuickBooks. The website’s domain, “quicckboorks-acccountingcom,” is designed to trick users who don’t closely examine the URL.

Arctic Wolf has observed an uptick in activity from the Silent Ransom Group, a cybercriminal group first identified in 2020 and notorious for its targeted cyber extortion campaigns driven by financial gain. This week, the group has been targeting the legal industry using “call-back” phishing tactics. The group sends emails impersonating services such as Duolingo or Masterclass, claiming a pending charge and urging recipients to call a phone number to resolve the issue.

Ever thought an image file could be part of a cyber threat? The Trustwave SpiderLabs Email Security team has identified a major spike in SVG image-based attacks, where harmless-looking graphics are being used to hide dangerous links. This blog post analyzes the various techniques cybercriminals are using to cleverly weaponize these image files in phishing attacks and what your organization can do to prevent these pixel-perfect tricks.

A phishing-as-a-service (PhaaS) platform dubbed ‘Lucid’ is driving a surge in SMS phishing (smishing) attacks, according to researchers at Prodaft. The platform is operated by Chinese cybercriminals who offer access to the service under a subscription model. A Lucid subscription allows crooks to easily craft sophisticated, targeted phishing campaigns.

A strong email security posture is as much about culture as it is about technology. In the 2022-23 financial year, 78% of Australian businesses offered annual cybersecurity training to their entire workforce; however, only 39% of these businesses provided specialized training for privileged users who are authorized to perform security-relevant functions that ordinary users are not.

Phishing attacks are driving a surge in “double brokering” scams in the shipping industry, according to Christian Reilly, Cloudflare’s Field CTO for EMEA. In an article for TechRadar, Reilly explains that these scams have risen by 400% since 2022, and 50% of freight brokers name it as their top concern. “Here’s how they work: Scammers pose as legitimate freight brokers or create fake transportation companies,” Reilly writes.

Traditional email authentication mechanisms like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are great for getting started. They are like the first step to verifying email senders and combatting tampering. However, they don’t solve the entire problem. Attackers may still manipulate the “From” address, evade SPF checks using intermediary servers, or exploit misconfigured DNS (Domain Name System) records.

Trustwave MailMarshal fortified its position as a leading secure email gateway by being named a Top Player in Radicati’s Secure Email Market Quadrant 2025 report. This is the second consecutive year that Radicati has recognized Trustwave MailMarshal for its ability to protect organizations from email-based attacks.