It’s Official – Generative AI Has Made Phishing Emails Foolproof
The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.
phishing
Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering
A new update on UNC3944 group’s activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do
Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.
Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack
Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.
Zero-Point Fonts in Phishing Emails
Attackers are using zero-point fonts to make phishing emails appear as though they’ve been verified by security scanners, BleepingComputer reports.
[HEADS UP] If You’re a LastPass User, You May be the Next Phishing Email Target
Cybercriminals are not holding back on LastPass users as a new phishing campaign has recently launched with the intent to steal your data.
New Threat Actor Impersonates the Red Cross to Deliver Malware
Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.
The hidden costs of neglecting cybersecurity for small businesses
In this Help Net Security interview, Raffaele Mautone, CEO of Judy Security, talks about the cybersecurity problems that small businesses face and the need for prioritization to save businesses from potential fines and damage to their brand reputation….
New twist on ZeroFont phishing technique spotted in the wild
Cybercriminals are leveraging the ZeroFont technique to trick users into trusting phishing emails, SANS ISC handler Jan Kopriva has warned. The ZeroFont phishing attack Documented and named by Avanan in 2018, the ZeroFont technique involves using text …
Ukrainian Military Targeted in Sophisticated Phishing Attack Using Drone Manuals
Securonix is tracking a phishing campaign that’s targeting the Ukrainian military with malware-laden attachments posing as drone instruction manuals. The threat actor is using Microsoft help files (.chm) to deliver the malware.