Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Every year, more and more companies are confronted with website and email spoofing worldwide. Cyber criminals use fake websites and fake email accounts for phishing, spear phishing and social engineering attacks to commit fraud, redirect web traffic, or manipulate search engine rankings. The disarming, or takedown, of these fake domains is a real challenge for more and more security teams. This is because cyber criminals are becoming increasingly professional in their spoofing activities.

Even though cybersecurity is always changing, phishing attacks are still a threat that is getting worse. The goal of these attacks is to get people to give up private data like passwords, financial information, or company secrets by using social engineering tricks. As technology has improved, phishing schemes have grown more complex in 2024. They now use convincing methods to target both people and businesses. According to new studies, 91% of cyberattacks start with a phishing email.

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access. I’ve stood on the “phishing is a problem” soapbox for many years, attempting to focus the attention of cybersecurity teams on the single largest problem within the organization: the employees that fall for social engineering tactics time and time again.

Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point. “Perception Point’s security researchers have observed a dramatic increase in two-step phishing attacks leveraging.vsdx files – a file extension rarely used in phishing campaigns until now,” the researchers explain.

CYJAX has identified a novel phishing technique which is used to harvest Microsoft credentials via websites which are masqueraded as locked Microsoft Word documents. This technique, which CYJAX is calling DirtyWord, uses a blurred Word document as the page background to inform the user that they must log in to view the document. Whilst CYJAX has not observed the delivery mechanism of the phish, it appears that it likely occurs through spear-phishing emails.

Enforce identity verification throughout the employee life cycle using Persona and Okta’s out-of-the-box integration for identity verification. Joshua Rodriguez is a product marketing manager at Persona focused on our Graph product and financial institution and public sector verticals. You'll find him around the Bay Area exploring museums with his wife and young daughter.

If you think you’ve accidentally opened a phishing PDF, it’s important to immediately disconnect your device from the internet, back up your files, run a virus scan on your device and change your passwords. Typically, you can spot a phishing attempt if an email contains urgent and threatening language, too-good-to-be-true offers, spelling and grammatical errors or requests for private information.

Attackers are abusing Eventbrite’s scheduling platform to send phishing emails, according to researchers at Perception Point. These attacks increased by 900% between July and October 2024. “Perception Point researchers observed phishing emails delivered via ‘noreply@events.eventbritecom,’” the researchers write.

Threat actor uses the Gophish toolkit in phishing campaigns, attackers bypass secure email gateways and antivirus scanners, and Bumblebee malware returns.