CSOonline

Defenders can discover phishing sites through web analytics IDs

Many phishing websites are now using unique user IDs (UIDs), and that gives defenders a signal to detect phishing attacks before they do much damage. An increasing number of phishing websites use web ...
Krebs on Security

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA

According to an analysis of Starkiller by the security firm Abnormal AI, the service lets customers select a brand to impersonate (e.g., Apple, Facebook, Google, Microsoft et. al.) and generates a ...
Bleeping Computer

Evasive phishing mixes reverse tunnels and URL shortening services

Security researchers are seeing an uptick in the use of reverse tunnel services along with URL shorteners for large-scale phishing campaigns, making the malicious activity more difficult to stop. This ...
TWCN Tech News

Online URL Scanners to Scan websites for malware, virus, phishing, etc

Managing websites is not easy these days because it’s not just about pushing products, but it is also about the websites’ security. Hackers are known to place malware, virus, and even use it for ...
Threat Post

Malformed URL Prefix Phishing Attacks Spike 6,000%

Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said. Researchers from GreatHorn report they have observed a nearly 6,000-percent jump in attacks ...
Bleeping Computer

Focused Phishing: Attack Targets Victims With Trusted Sites and Live Validation

The Keep Aware threat research team recently observed a phishing incident that involved leveraging legitimate infrastructure, precision email validation, and evasive delivery techniques. This attack ...
CSOonline

Attackers abuse URL protection services to hide phishing links in emails

Reputation filters used to prevent access to phishing sites were misused to allow access to the very sites they are meant to prevent access to. Recent phishing campaigns were seen abusing email ...