October 03, 2018
- Popular security researcher Brian Krebs declared 2018 to be “The Year Targeted Phishing Went mainstream” in a blog post that profiles sextortion-based phishing scams and automated global attacks.
- Proofpoint researchers identified early adopters of malicious code embedded into PDF email attachments. The attack is significant due to the actor, who is known as TA505. Read the details about how this scam works on Proofpoint’s blog.
- A recent alert from the UK’s National Fraud & Cyber Crime Reporting Centre cautions that attackers are attempting to capitalize on the infamous WannaCry hacks. However, according to an article from SC Media, the extortion attempts — which demand Bitcoin — are scareware rather than ransomware and are easy to spot due to a misspelled word in the subject line.
- A BankInfoSecurity article highlighting RSA’s Quarterly Fraud Report indicates that “newsjacking” is on the rise in phishing attacks. Cybercriminals are using timely topics — like GDPR privacy notifications — to create fraudulent emails designed to trick victims.