The massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control. It’s usually bad when we compare one month or quarter to another and see an increase. But when it’s a single month compared to more than half a year, you know it’s REALLY bad. And that’s what we find in security vendor ReliaQuest’s latest blog covering how Quishing is being used.
New findings show that the overwhelming majority of people have to sort through scam messages and texts. According to McAfee’s Global Scam Message Study, more than 80% of Americans say it’s more difficult than ever to spot a text, email or social media message that’s a scam. The proliferation of such messages sent via email and SMS is giving the average person a real sense that even they could become a victim if they’re not careful.
In a recent official advisory, the FBI warned about the threat of callback phishing (among other threats). Below is the relevant excerpt. If you are not familiar with callback phishing, it is usually a phishing email that arrives into a user’s email inbox, containing some sort of usual phishing message requiring the user’s urgent response. But unlike traditional email phishing, it does not contain a URL linked to a malicious site or content.
A phishing campaign is exploiting a large number of.top domains, according to researchers from WhoisXML API. In an article for CircleID, the researchers analyzed a phishing operation first uncovered by security researcher Dancho Danchev. “Our DNS deep dive into the phishing campaign led to the discovery of 5,245 unreported potentially connected threat artifacts, a majority of which were.top domains,” the researchers write.
The fight against cyber threats remains a top priority for all organizations, including phishing attacks. SlashNext just released its much-anticipated annual "State of Phishing Report for 2023." This report sheds light on the alarming surge in phishing threats across email, web, and mobile channels. We will delve into the key findings and insights from the report, highlighting the growing influence of generative AI tools in cybercriminal activities. The Phishing Landscape: A Disturbing Uptick.
Spear phishing was the most common attack technique in the third quarter of 2023, according to researchers at ReliaQuest. “In Q2 2023, spear phishing-related techniques represented the three most observed methods of attack,” the researchers write. “This remained true in Q3 2023, accounting for a total of almost 65% of all true-positive incidents.
What Are White Label Cloud Services? White-label cloud services are cloud solutions that are provided by a third-party vendor but can be rebranded and customized to fit the branding and requirements of the MSP or their clients. Essentially, white-label cloud services allow MSPs to offer cloud-based solutions under their own brand, enabling them to maintain consistency in their service offerings and provide a more cohesive experience to their clients.
The never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments. Manually-triaging every email and being forced to switch between security applications/interfaces only slows response times, increases the chances for human error and means valuable threat intel can be missed.
