It’s Not Only About the URL

You have to look at the totality of an email to determine whether it is a phishing attack or not. I’ll admit it, I’m guilty. When I get a phishy-looking email, the... Read more »

Healthcare Sector Still Sustains Phishing Campaigns

No one should take too seriously the high-minded things criminals sometimes say about how they’re restraining themselves during the pandemic, and that they’re going to avoid hitting hospitals and biomedical research organizations.... Read more »

Sawfish Spearphishing Attacks Continue, Prompting Password Resets on GitHub and DeepSource

A new wave of attacks on GitHub users via app developer DeepSource has raised concerns over access to user credentials and development code. I’ve written about phishing attacks targeting GitHub users previously.... Read more »

Pyongyang’s Phishing with Job Offers

An attack campaign with possible ties to North Korea’s Lazarus Group targeted aerospace and military companies in Europe and the Middle East with spear phishing attacks late last year, according to researchers... Read more »