phishing
46,000 new phishing sites are created every day
An average of 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data collected by Webroot shows today’s …
Equifax directed consumers to fake phishing site for weeks
You can now add another blunder to the already long list of Equifax’s missteps in the wake of the massive breach it announced earlier this month: the company has been …
Phishers targeting LinkedIn users via hijacked accounts
A new phishing campaign has been spotted hitting LinkedIn users via direct messages and the LinkedIn InMail feature. They are sent from legitimate LinkedIn Premium accounts …
Canadian university scammed out of $11.8 million
MacEwan University in Edmonton, Alberta, is the latest confirmed victim of scammers. “On Wednesday, August 23, MacEwan University discovered it had been the victim of a …
Office 365 account compromise attempts on the rise
Office 365, Microsoft’s software-as-a-service productivity software suite popular with corporate users, is increasingly becoming attackers’ preferred way into …
Global DMARC adoption still slow, it’s open season for phishers
92 percent of U.S. Fortune 500 companies have left their customers, partners and brand names vulnerable to domain name spoofing, one of the most common digital deception …
Attackers turn to auto-updating links instead of macros to deliver malware
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately …
Google wants iOS Gmail users to think twice about following suspicious links
Google has announced the rollout of new anti-phishing checks for the iOS Gmail app: in less than two weeks, all users will be confronted with two warnings if they attempt to …
Obscuring malicious Facebook links using the Open Graph Protocol
Most users click on links popping up in their Facebook News Feed without thinking twice about it, but it’s good to keep in mind that they can lead to malicious sites. …
Another popular Chrome extension hijacked through phishing
Chris Pederick, the creator and maintainer of the Web Developer for Chrome extension, is the latest victim of attackers who hijack popular Chrome add-ons in order to push ads …
Phishers steal Chrome extension from developer
An attacker has compromised the Chrome Web Store account of German developer team a9t9 software, and has equipped their Copyfish Chrome extension with ad/spam injection …
Seagate to pay millions for forking over employee info to scammers
A moment of inattention by one of its employees, and Seagate stands to lose tens of millions of dollars. No, the company was not the victim of a BEC scam – instead, it …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do