Trap phishing is one of the most valuable intelligence-gathering tools cyber criminals have at their disposal. Hackers routinely send out emails, phone calls, and messages to trick the recipients into handing over personal information, clicking on a web link,or downloading a malicious attachment and infecting their device. These trap phishing attacks, more commonly referred to...

When it comes to cyber crime, hackers like to locate the most high-value targets, whether it’s a piece of infrastructure or an individual with access to privileged information, all while expending the least effort possible. In most examples of spear phishing attacks, a criminal will send out targeted attacks via email to multiple users. In these emails, the attacker will use...

In early July, IT solutions provider and remote management solution provider Kaseya announced that it had fallen victim to a supply chain ransomware attack. During the attack, hackers leveraged a vulnerability in Kaseya’s VSA platform to encrypt the data of hundreds of downstream MSPs and their clients. The Kaseya ransomware outbreak is one of the latest high-profile...

At the start of April, hackers leaked the data of 533 million Facebook users from 106 countries in an online hacking forum. The leaked data included the private information of Facebook users like full names, phone numbers, email addresses, locations, Facebook IDs, and biographical data. While hackers obtained the information in 2019, there are serious concerns over how cyber...

During the last week of January 2021, cyber security provider TrendMicro shared a blog post highlighting an Office-365 phishing campaign that criminals have targeted executives within manufacturing, tech, real estate, government, and finance since May 2020. As part of the scam, fraudsters sent the victims fake emails with links to a phishing site, where they harvested their...

Spear phishing occurs when cyber criminals deploy targeted attacks against individuals and businesses alike via email. Using savvy tactics, hackers collect sensitive data about specific parties to construct messages that sound familiar and trustworthy. As its name implies, spear phishing falls under the larger umbrella category of phishing attacks that victimize end users and...

Discover security awareness trends and best practices for 2021 Your employees are your first line of defense against cyber security attacks. The strength of your security awareness program depends on every employee in your organization. As part of your organizational goals and plans for 2021, you need to prioritize building a cyber secure and aware culture. This requires an...

The disruption caused by the Covid-19 pandemic saw enterprises across the globe rapidly adopt remote working to support social distancing and comply with quarantine restrictions implemented by national governments. Amid this chaos, many cyber criminals created new phishing scams and other online threats, leading to many high profile data breaches. One of the most alarming...

With Black Friday, Cyber Monday, Thanksgiving, and the Christmas holidays fast approaching, cyber criminals are working round the clock to create new scams, such as the shipping notification scam, to phish for private information and commit identity fraud. As many employees will be shopping online during working hours, cyber security leaders need to educate employees on...

Security awareness training for financial services and bank employees must be a top priority. While financial services institutions have long been prime targets for cybercriminals, as most attacks are financially motivated, the shift to remote work business models and operations has heightened cyber security risk levels. Recent data reinforces why financial services CISOs and...

In mid-August, cybercriminals targeted the Canada Revenue Agency with two credential stuffing attacks, obtaining the usernames and passwords of 9,041 GCKey accounts, and 5,500 CRA accounts. The fraudsters then used the stolen login credentials to apply for the Canadian Emergency Response Benefit (CERB). In response to the attack, a statement released by the Office of the Chief...

Since December 2019, there has been a coordinated campaign of phishing attempts targeting Office 365 users. Cyber criminals have sent spoofed email, gathering the login credentials and payment details of Microsoft accounts in over 62 countries. According to one report, despite a 42% reduction in phishing attempts in 2019, scams like this Microsoft Office 365 campaign remain a...

Less than a week ago, Twitter fell victim to a monumental security breach that saw hackers successfully orchestrate a social engineering attack and take over high-profile Twitter user accounts, including world-renowned companies like Apple and business magnates like Bill Gates and Elon Musk. The cybercriminals used that access to launch a bitcoin scam that generated over $120...