phishing   2597

« earlier    

Phishing for Phools - by @timoreilly
"Akerlof and Shiller propose a different theory, one with that marvelous quality of the best insights, which change the way you see, so the world never looks quite the same way again: Fraud and abuse are not market failures. There is an efficient market for everything, including manipulation, fraud, and abuse. For every phish, there is at least one “phool.” We each line up for the phishes that best match our own flawed estimate of our supposedly rational choices, and the phishermen efficiently learn to cast their lures where they can catch their self-selected prey."
social-media  words-that-matter-2017  facebook  phishing  bias 
3 days ago by jonerp
Phishing attacks growing more sophisticated
"Not long ago, phishing attacks were fairly easy for the average Internet user to spot: Full of grammatical and spelling errors, and linking to phony bank or email logins at unencrypted (http:// vs. https://) Web pages. Increasingly, however, phishers are upping their game, polishing their copy and hosting scam pages over https:// connections — complete with the green lock icon in the browser address bar to make the fake sites appear more legitimate. According to stats released this week by anti-phishing firm Phishlabs, nearly 25 percent of all phishing sites in the third quarter of this year were hosted on HTTPS domains — almost double the percentage seen in the previous quarter." - Brian Krebs. The Phishlabs data can be found here:
otf  phishing  security 
3 days ago by dmcdev
“Malware-free” attacks mount in big breaches, CrowdStrike finds | Ars Technica
Not necessary to use malware/files if you can phish credentials then log in and use PowerShell. Hard to detect.
malware  hacking  security  PowerShell  phishing 
5 days ago by jcretan
How to Protect Yourself Against Spearphishing: A Comic Explanation
Learn how to avoid getting phished with some digital security basics, as told through a comic narrative portraying a prominent hack you may be familiar with (the Podesta/DNC 2016 hack). Artwork by Joyce Rice and words by Intercept journalist Micah Lee.
otf  digisec  spearphishing  phishing  security  awareness  2fa 
6 days ago by dmcdev
Testing the Waters: How to Perform Internal Phishing Campaigns | Linux Journal
Phishing is one of the most dangerous threats to modern computing. Phishing attacks have evolved from sloppily written mass email blasts to targeted attacks designed to fool even the most cautious users. No defense is bulletproof, and most experts agree education and common sense are the best tools to combat the problem. The question is how can you safely test your users to determine their response? The answer in most cases is a phishing campaign—an ongoing attempt to test your own users on these types of risks.
phishing  security  2fhg 
10 days ago by jchris
Notification Of Data Breach Most Clicked Subject in Phishing Tests
According to the top 10 global phishing email subject lines for 2017 by, “Official Data Breach Notification” was the most clicked subject line from simulated tests.
data  data-breach  phishing 
12 days ago by Adventure_Web
FBI gave heads-up to fraction of Russian hackers' US targets • Associated Press
Raphael Satter, Jeff Donn and Desmond Butler:
<p>In the absence of any official warning, some of those contacted by AP brushed off the idea that they were taken in by a foreign power’s intelligence service.

“I don’t open anything I don’t recognize,” said Joseph Barnard, who headed the personnel recovery branch of the Air Force’s Air Combat Command.

That may well be true of Barnard; Secureworks’ data suggests he never clicked the malicious link sent to him in June 2015. But it isn’t true of everyone.

An AP analysis of the data suggests that out of 312 U.S. military and government figures targeted by Fancy Bear, 131 clicked the links sent to them. That could mean that as many as 2 in 5 came perilously close to handing over their passwords.

It’s not clear how many gave up their credentials in the end or what the hackers may have acquired.

Some of those accounts hold emails that go back years, when even many of the retired officials still occupied sensitive posts.

Overwhelmingly, interviewees told AP they kept classified material out of their Gmail inboxes, but intelligence experts said Russian spies could use personal correspondence as a springboard for further hacking, recruitment or even blackmail.</p>
phishing  gmail  fbi 
15 days ago by charlesarthur
How to Protect Yourself Against Spearphishing: A Comic Explanation
A trick called “phishing” was used to snare emails from the Hillary Clinton campaign and other Democrats. Here's how to protect yourself.
humor  security  phishing 
21 days ago by longfried

« earlier    

related tags

/  (plattsmouth  -  000  00000  2fa  2fhg  5words  9to5  advancedsearch  ai  alphabay  alphabaymarket  and  anonimowo  apfs  apple  appleid  appletv  apps  attack  automation  avoidance  awareness  bezpiecze  bialywywiad  bias  breach  camera  chatbot  clickman  countermeasures  crime  cv  cyber-security  cyber  cybersecurity  data-breach  data  databreach  digisec  dns  docs  domains  dopost  downloads  edtech  email  encryption  end  engineering  facebook  fail  fbi  file_system  fraud  free  gen_z  gmail  google  hack  hacking  humor  id  identity  impersonation  internet  ios  isa  isdp  it  keylogging  krack  lang:en  lasc  llc  mac  malware  monitoring  ne)  network  ocr  office365  oss  otf  pass  password  passwords  personal_net  podcast  potential_products  powershell  privacy  private  protection  proxy  python  ransomware  reference  report  research  scam!  scam  scammers  scams  security  securityculture  sms  social-media  social  socialengineering  solutions  spam  spearphishing  ssl  sudduth  sudduth”  theft  tips  tool  tor  tutorial  ui/ue  user  utilities  video  vision  webapps  webdev  wi-fi  words-that-matter-2017  work  wpd  “robert  ★★★★☆  watch 

Copy this bookmark: