Consent phishing: How attackers abuse OAuth 2.0 permissions to dupe users
What is consent phishing? How are cyberattackers using a standard protocol, OAuth 2.0, to gain access to user data even if it is robustly protected?
Phishing
The state of BEC in 2021 (and beyond)
What are the trends in business email compromise (BEC) in the next 12 months likely to be? Will deep fakes or crypto be the next big thing in BEC?
Why employees keep falling for phishing (and the science to help them)
Phishing is an ever-present cybersecurity issue. And people keep falling for it. Here is why and how people keep falling for phishing emails.
Phishing attacks doubled last year, according to Anti-Phishing Working Group
This article will recap findings from the 2020 fourth quarter edition of the APWG Phishing Activity Trends Report.
The Phish Scale: How NIST is quantifying employee phishing risk
The NIST Phish Scale is a useful tool for quantifying phishing risk for your employees.
6 most sophisticated phishing attacks of 2020
2020 saw a number of major phishing attacks — and an increase in the attacks. Here are some of the most sophisticated phishing attacks of the year.
JavaScript obfuscator: Overview and technical overview
JavaScript cyberattacks are on the rise, meaning you need to be extra careful when opening your emails.
Malicious Excel attachments bypass security controls using .NET library
A recent threat group called Epic Manchego is using a new technique to create Excel files to bypass antivirus (AV) and and get low detection rates. By exploring...
Top nine phishing simulators [updated 2021]
The title of this article was supposed to be “Top 9 Free Phishing Simulators.” However, after much searching, trying, visiting of broken links, filling...
11 phishing email subject lines your employees need to recognize
By now, we’ve all probably received an enticing email from a long-lost relative promising untold riches and wealth. In fact, there might be a few sitting...