An ongoing email-based phishing scam is attempting to fool recipients into opening malicious attachments disguised as notifications from the U.S. Department of Homeland Security (DHS), according to the Cybersecurity and Infrastructure Security Agency, in a warning posted on the official US-CERT web site this past Tuesday. “The email campaign uses a spoofed email address to […]
“File Deletion” Alert Becomes the Latest Scam to Compromise Office 365 Credentials
Attackers use simple cause for concern as the basis of a scam intent on tricking victims into offering up their Office 365 credentials. A very official-looking email is making the rounds, taking advantage of the approximately 50% of companies today using Office 365. And it’s not surprising, as Microsoft is the most impersonated brand in […]
Extortion Threatens Reputational Damage
Scammers are sending emails threatening to damage the reputation of websites unless the sites’ owners hand over 0.3 bitcoin, or around $2,400, according to BleepingComputer. The attackers say that they’ll send out billions of spam emails to millions of email addresses and websites. All of these emails will be spoofed to appear as though they’re […]
Phishing Canadian Targets
We have recently blogged about KrebsOnSecurity’s story on compromised Canadian business email addresses. Here is some updated background on threats to Canadian organizations. Since January 2019, nearly one hundred phishing campaigns have been tailored specifically for Canadian targets, according to researchers at Proofpoint. Attackers are spoofing a number of well-known Canadian companies and organizations, and […]
Q1 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]
Every quarter, KnowBe4 reports on the top-clicked phishing emails by subject lines in three categories: Social, General, and ‘In the Wild’. The latter category results come from the millions of users that click on our Phish Alert Button to report real phishing emails and allow our team to analyze the results. Social Media Is Now […]
[Heads-up] Scary New MegaCortex Ransomware Strain Discovered That Targets Your Business Network
Sophos has discovered a scary new strain of very sophisticated ransomware called MegaCortex. It was purpose-built to target corporate networks, and once penetrated, the attackers infect your entire network by rolling out the ransomware to all servers and workstations, using your own Windows domain controllers. Sophos have detected infections in the United States, Italy, Canada, […]