As Valentine’s Day approaches, cybercriminals are ramping up their efforts to exploit consumers through romance scams, phishing campaigns and fraudulent e-commerce offers. The post Cybercriminals Exploit Valentine’s Day with Romance Scams, Phishing Attacks appeared first on Security Boulevard.
Category: phishing
Global Security News, Guest blog, North America, phishing, SMS
Toll booth bandits continue to scam via SMS messages
North American drivers are continuing to be barraged by waves of scam text messages, telling them that they owe money on unpaid tolls. Do you know what to tell your friends and family to watch out for? Read more in my article on the Hot for Security blog.
Cloud Security, Global Security News, MFA. phishing MFA, phishing, Security, spear phishing
How to Prevent Phishing Attacks with Multi-Factor Authentication
Learn how to protect yourself and your sensitive information from phishing attacks by implementing multi-factor authentication.
Cybersecurity, Global Security News, NIST phish scale, NIST Phishing Framework, phishing, phishing awareness training, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Threats & Breaches
Using the NIST Phish Scale Framework to Detect and Fight Phishing Attacks
The NIST Phish Scale framework offers a structured and effective approach to improving phishing awareness training in organizations. The post Using the NIST Phish Scale Framework to Detect and Fight Phishing Attacks appeared first on Security Boulevard.
Cloud Security, Cybersecurity, Data Privacy, Data Security, Endpoint, enterprise mobile threats, Featured, Global Security News, Mobile Security, News, PDF files, phishing, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Threat Intelligence, USPS
Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam
A large-scale phishing campaign is using PDF files and hidden malicious links, as well as posing at the U.S. Postal Service, in phishing campaign targeting mobile device users in hope that victims will divulge credentials and personal information, Zimperium researchers say. The post Hackers Use Malicious PDFs, pose as USPS in Mobile Phishing Scam appeared…
business email compromise, CloudFlare, Cybersecurity, Global Security News, group-1b, Microsoft, Microsoft 365, Microsoft Office, microsoft outlook, phishing, phishing-as-a-service, Security, Sekoia, sneaky 2fa, sneaky log, Social Engineering, Telegram, trac labs, two factor authentication
‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security
The phishing-as-a-service kit from Sneaky Log creates fake authentication pages to farm account information, including two-factor security codes.
BforeAI, Bitcoin, Crypto, Cybersecurity, disaster, Exploits, fraud, Global Security News, phishing, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Veriti
California Wildfires Spark Phishing Scams Exploiting Chaos
As Southern California continues to battle devastating wildfires, cybercriminals have seized the opportunity to exploit the chaos, targeting vulnerable individuals and organizations. The post California Wildfires Spark Phishing Scams Exploiting Chaos appeared first on Security Boulevard.
AI, AI executive order, Artificial Intelligence, Bennie Thompson, Biden, Biden administration, Bob Kolasky, Center for Cybersecurity Policy and Law, Center for Democracy & Technology, Center for Democracy and Technology, Chris Inglis, CISA, cloud computing, contracting, critical infrastructure, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), Donald Trump, Emerging Tech, encryption, fraud, Global Security News, Government, House Homeland Security Committee, Joe Biden, Mark Green, National Cyber Director, National Risk Management Center, National Security Council, National Security Council (NSC), Office of the National Cyber Director, operational technology, phishing, quantum computing, supply chain, supply chain security, Trump, Trump Administration
Biden cyber executive order gets mostly plaudits, but its fate is uncertain
A sweeping executive order on cybersecurity released Thursday won largely positive reviews, with the main question being its timing — and what will come of it with the executive branch set to be handed over from president to president. Chris Inglis, the former national cyber director for Joe Biden who has served under both Democrats…
Department of Justice (DOJ), FSB, Geopolitics, Global Security News, Government, Microsoft, phishing, Russia, Star Blizzard, Threats, WhatsApp
Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp
The cat-and-mouse game between state-sponsored Russian hackers and one of the world’s biggest technology companies has continued into 2025. Microsoft’s threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change…
Emerging Tech, Global Security News, phishing
Phishing click rates tripled in 2024 despite user training
For years organizations have invested in security awareness training programs to teach employees how to spot and report phishing attempts. Despite those efforts, enterprise users were three times as likely in 2024 to land on phishing pages compared to the previous year, according to a report from security vendor Netskope. Based on telemetry collected from…
2FA, CryptoCurrency, Global Security News, Google, Guest blog, Kraken, password manager, phishing
Canadian man loses a cryptocurrency fortune to scammers – here’s how you can stop it happening to you
A Canadian man lost a $100,000 cryptocurrency fortune – all because he did a careless Google search. Read more in my article on the Hot for Security blog.
2024, 2025, Analytics & Intelligence, Cybersecurity, Exploits, Featured, GenAI, Global Security News, Netskope, News, phishing, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threats & Breaches, vulnerabilities
Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025
Organizations are facing escalating threats from phishing attacks, personal app usage and the widespread adoption of generative AI (GenAI) in workplaces. According to a Netskope report, phishing attacks surged in 2024, with enterprise employees clicking on phishing links at a rate nearly three times higher than in 2023. The study found phishing campaigns have evolved..…
Browsers, clickjacking, Cybersecurity, Exploits, Global Security News, phishing, Security Bloggers Network
Two Clicks to Chaos: How Double-clickjacking Hands Over Control of Apps without Users Knowing
In our last blog, we discussed how OAuth-based consent phishing attacks have been used to trick users into giving malicious apps the permission to conduct malicious activities via an employee’s account. This attack has been extremely effective due to the lack of awareness of how attackers can misuse OAuth permissions. Now, let’s say we are…
Cybersecurity, Exploits, Featured, Global Security News, News, phishing, plugin, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threats & Breaches, wordpress
WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps
A WordPress plugin known as PhishWP, has been discovered on Russian cybercrime forums and is being exploited by cybercriminals to steal sensitive data from unsuspecting users. The post WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps appeared first on Security Boulevard.
Cybersecurity, Global IT News, Global Security News, identity, Identity & Access, infosec, phishing, SaaS, Security Bloggers Network
Consent Phishing: The New, Smarter Way to Phish
What is consent phishing? Most people are familiar with the two most common types of phishing — credential phishing and phishing payloads, where attackers trick users into revealing credentials and downloading malicious software respectively. However, there is a third type of phishing on the rise: consent phishing. Consent phishing deceives users into granting a third-party SaaS application…
2024, 2025, cyber security, cyber threat, Cybersecurity, Data Privacy, Data Security, Digital Privacy, Episodes, Global Security News, Happy New Year, Information Security, infosec, New Year, phishing, Podcast, podcasting, Podcasts, Port 83, predictions, privacy, Security, Security Bloggers Network, Social Engineering, Technology, Weekly Edition, Year End Reflections
2024 Year in Review: What We Got Right and Looking to 2025
In the final episode of the Shared Security Podcast for 2024, join us as we recap our predictions for the year, discuss what we got right and wrong, and highlight our top episodes on YouTube. We also extend a heartfelt thank you to our Patreon supporters and special guests. Plus, stay tuned for our predictions…
Android, Apple, Cybersecurity, encryption, Global Security News, Google, identity theft, Microsoft, Mobile Security, password manager, phishing, privacy, Ransomware, Security, spam, TR Academy, trend micro
Protect 3 Devices With This Maximum Security Software
Trend Micro guards desktop and mobile devices from ransomware, phishing schemes, spam, and more for one year.
agentic ai, Blog, generative ai, Global Security News, phishing, Security Bloggers Network, SentinelOne, XDR
The Rise of Agentic AI: How Hyper-Automation is Reshaping Cybersecurity and the Workforce
As artificial intelligence evolves, its impact on cybersecurity and the workforce is profound and far-reaching. Predictive AI once enabled security teams to anticipate threats, and generative AI brought creativity and automation to new levels. Now, we stand at the threshold […] The post The Rise of Agentic AI: How Hyper-Automation is Reshaping Cybersecurity and the…
2025, cyber, Cybersecurity, Global Security News, Insider Threats, phishing, Ransomware, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Threats & Breaches, trends, vulnerabilities
Acumen Threat Analysis: Preparing for 2025
Phishing continues to be the threat vector of choice for adversaries, ransomware continues to deliver the desired financial and destructive results for attackers, while organizations, both public and private, are growing increasingly concerned about the risks posed by insiders. The post Acumen Threat Analysis: Preparing for 2025 appeared first on Security Boulevard.
Fake anti-virus, Global Security News, Google, Google ads, Guest blog, malvertising, malware, phishing, Ransomware, Scam, seo, technical support scam
Tech support scams leverage Google ads again and again, fleecing unsuspecting internet users
It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning. Read more in my article on the Tripwire State of Security blog.
@chenlun, A Little Sunshine, and Mobile Anti-Abuse Working Group, Anti-Phishing Working Group, Coalition Against Unsolicited Commercial Email, Global Security News, ICANN, Interisle Consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, Messaging, new gTLDs, North America, phishing, spam, The Coming Storm, U.S. Postal Service
Why Phishers Love New TLDs Like .shop, .top and .xyz
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees…