Forcepoint researchers describe a layered attack chain that slips past filters by mimicking everyday business behavior.

A new breed of malware uses various dynamic techniques to avoid detection and create customized phishing webpages.

At first glance, it’s a normal and harmless webpage, but it’s able to transform into a phishing site after a user has already ...

With phishing, scammers try to trick you into revealing personal or financial information. Here's what to know to ensure you ...

Microsoft reports a multi-stage AitM phishing and BEC campaign abusing SharePoint, inbox rules, and stolen session cookies to ...

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

You get an email from a service you use, letting you know that your account is closing. Better click the link before it’s gone! Sounds legit, but if you click the link, you could be a victim of one of ...

Holding large sums of cryptocurrency, crypto whales attract cybercriminals who launch sophisticated phishing attacks to exploit them. These attacks often use fake websites, emails, and impersonation, ...

A new phishing attack campaign, targeting Mac users and identified by LayerX Labs, “shows the trials and tribulations of combating online phishing, and how attacks morph and shift in response to ...

Despite being a legacy communication tool, email isn’t going anywhere anytime soon—and as long as it continues to be used in business, it will continue to serve as a prime target for cybercriminals, ...

Current anti-phishing training programs have little to no impact. Training methods lack what human learners need: engagement. These programs must be revamped and combined with supportive technologies.