phishing

Subscribe to phishing via RSS

An attack against Salesforce between August 8 and August 18 targeting data through its Salesloft Drift app “is more extensive than at first thought.” The attack targeted numerous Salesforce customers “systematically exfiltrating large volumes of data.”

Google affirmed that threat actors not only targeted the Salesforce integration with Salesloft Drift, but also targeted some Google

HaveIBeenPwned is a website that allows users to check whether their data has been involved in data breaches. The website’s creator, Troy Hunt, was the subject of a phishing attack earlier this week. The attack was unrelated to the HaveIBeenPwned website and compromised Hunt’s personal Mailchimp account.

According to Hunt, he received an email purporting

A new report published by the software company Egress this month, Phishing Threat Trends Report, is a must-read. It outlines the proliferation of phishing toolkits on the dark web (that basically allows any Tom, Dick, and Harry Hacker) to launch successful phishing campaigns, how “commodity phishing attacks are overwhelming security teams,” the anatomy of

The recent increase in smishing and vishing schemes is prompting me to remind readers of schemes designed to trick users into providing credentials to perpetrate fraud. We have previously written on phishing, smishing, vishing, and QRishing schemes to increase awareness about these methods of intrusion.

HC3 recently warned the health care sector about vishing schemes

Most organizations and online platforms use multifactor authentication (MFA) (also called two-factor authentication) to confirm that the user is an authorized individual and not a scammer or fraudster. We have all been trained to use MFA through our workplaces to gain access to our work emails; tech companies offering free email services are suggesting that