Tag Archives: phishing

Phishing 101 at the School of Hard Knocks

March 24, 2017

A recent, massive spike in sophisticated and successful phishing attacks is prompting many universities to speed up timetables for deploying mandatory two-factor authentication (2FA) — requiring a one-time code in addition to a password — for access to student and faculty services online. This is the story of one university that accelerated plans to require 2FA after witnessing nearly twice as many phishing victims in the first two-and-half months of this year than it saw in all of 2015.

Spam Uses Default Passwords to Hack Routers

February 26, 2015

43 Comments

In case you needed yet another reason to change the default username and password on your wired or wireless Internet router: Phishers are sending out links that, when clicked, quietly alter the settings on vulnerable routers to harvest online banking credentials and other sensitive data… Read More »

Washington Post Site Hacked After Successful Phishing Campaign

August 15, 2013

25 Comments

The Washington Post acknowledged today that a sophisticated phishing attack against its newsroom reporters led to the hacking of its Web site, which was seeded with code that redirected readers to the Web site of the Syrian Electronic Army hacker group. According to information obtained by KrebsOnSecurity, the hack began with a phishing campaign launched over the weekend that ultimately hooked one of the paper’s lead sports writers.

After Epsilon: Avoiding Phishing Scams & Malware

April 6, 2011

70 Comments

The recent massive data leak from email services provider Epsilon means that it is likely that many consumers will be exposed to an unusually high number of email-based scams in the coming weeks and months. So this is an excellent… Read More »

IRS Scam: Phishing by Fax

March 29, 2011

12 Comments

Scammers typically kick into high gear during tax season in the United States, which tends to bring with it a spike in phishing attacks that spoof the Internal Revenue Service. Take, for example, a new scam making the rounds via email, which warns of discrepancies on the recipient’s income tax return and requests that personal information be sent via fax to a toll-free number.

Google Debuts “This Site May Be Compromised” Warning

December 17, 2010

19 Comments

Google has added a new security and anti-spam feature to its search engine that promises to increase the number of Web page results that are flagged as potentially having been compromised by hackers.

A Spike in Phone Phishing Attacks?

June 20, 2010

33 Comments

A couple of readers have written in to say they recently received scam telephone calls warning them about fraud on their credit card accounts and directing them to call a phone number to “verify” their credit card numbers.

These sometimes-automated attacks prompt people to call a supplied telephone number — often a toll-free line. In most cases, the calls will be answered by bogus interactive voice response system designed to coax account credentials and other personal information from the caller.

Teach a Man to Phish…

May 17, 2010

13 Comments

Phishing may not be the most sophisticated form of cyber crime, but it can be a lucrative trade for those who decide to make it their day jobs. Indeed, data secretly collected from an international phishing operation over the last 18 months suggests that criminals who pursue a career in phishing can steal millions of dollars a year, even if they only manage to snag just a few victims per scam.

Comerica Phish Foiled 2-Factor Protection

February 8, 2010

50 Comments

A metals supply company in Michigan is suing its bank for poor security practices after a successful phishing attack against an employee allowed thieves to steal more than $560,000 last year.