Tag: phishing
Three new reports from ITRC: H1 breaches, 2023 trends, and a new toll scam
As longtime readers of this space already know, I’m a big fan of the Identity Theft Resource Center (ITRC). Their regular breach reports provide lots of highly detailed statistics, their trend reporting is invaluable to help project the future of...
Understanding email threats: The foundation of email security
In today’s digital landscape, email remains a fundamental communication tool for businesses. However, its ubiquity makes it a prime target for cyber threats. Understanding these threats is the first step in fortifying your email security. In this blog post, we’ll...
Threat Spotlight: How company size affects the email threats targeting your business
It takes less than a minute for someone to fall for a phishing scam. According to the 2024 Data Breach Investigations Report, the median time for a recipient to click on a malicious link after opening the email is 21 seconds, followed by...
Threat Spotlight: Attackers abuse URL protection services to mask phishing links
As defenders tighten their grip on the tools and techniques used in phishing attacks, adversaries are finding new ways to bypass detection and target potential victims. For example, many phishing attacks rely on convincing users to click on a compromised link...
New report: BEC accounts for 1 in 10 email attacks
Email-based social engineering threats are thriving as attackers continue to adapt and evolve their tactics to increase their chances of success. The latest analysis of email detection data by Barracuda researchers reveals that while the landscape remains dominated by mass phishing and general scamming attacks, there’s...
5 Ways cybercriminals are using AI: Access and credential theft
Threat actors have embraced artificial intelligence (AI) for phishing, deepfakes, malware generation, content localization, and more. This week we’re looking at how they’re using it for credential theft to gain access to high-value networks. Stolen credentials are a goldmine for cybercriminals, especially if the...
QR code phishing: What MSPs need to know to protect their customers
In today’s digital age, the use of technology continuously evolves to make our personal and professional lives more convenient. Quick Response (QR) code has been one such advancement. This two-dimensional barcode allows users to share website URLs and contact information...
How attackers weaponize generative AI through data poisoning and manipulation
The generative AI models that today power chatbots, online search queries, customer interactions, and more are known as large language models (LLMs). The LLMs are trained on vast volumes of data and then use that data to create more data,...
Cybersecurity Threat Advisory: TA558 phishing campaign
The threat actor TA558 is conducting a phishing campaign targeting various sectors in Latin America, intending to deploy the remote access tool known as Venom RAT. Barracuda MSP encourages organizations to follow the recommendations detailed in this Cybersecurity Threat Advisory...
Cybersecurity Threat Advisory: StrelaStealer malware targets organizations
A new email threat, StrelaStealer malware, is targeting Europe and United States organizations. It spreads through phishing emails with attachments that execute its dynamic-link library (DLL) payload designed to steal email login data. This Cybersecurity Threat Advisory reviews the threat...