messengersPhishing via WhatsApp under the guise of online voting
We discovered a new wave of attacks on WhatsApp users in which attackers steal victims’ accounts using fake voting pages and social engineering on social networks.
900 articles
A new layer of anti-phishing security in Kaspersky for Android
The Kaspersky for Android app can now detect malicious links in notifications from any app.
signs of phishingPhishing scam targeting Ledger wallet owners
Attackers spin poignant tales of lost private keys as they try to phish seed phrases.
Phishing 101: what to do if you get a phishing email
Don’t panic. Again, don’t panic. Did we say don’t panic? A common threat explained in simple terms.
New phishing scam lures users with fake HR policy updates
A curious case of spear-phishing email techniques employed on a mass scale.
e-mailScammers exploiting GetShared for phishing attacks
Scammers are exploiting GetShared to bypass email security.
Honest phishing: the alert is fake, the attack is real
An Office 365 security alert as bait in a phishing email.
Automated phishing
Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.
How the adversary-in-the-middle technique is used in spearphishing attacks
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
Kaspersky Premium crowned best anti-phishing solution
Independent cybersecurity lab AV-Comparatives put 15 anti-phishing solutions to the test — with only eight making the grade. We took home the gold, adding to our already extensive collection of accolades.
Turnkey phishing
A turnkey home? A turnkey website? How about turnkey phishing? Scammers now sell turnkey phishing services to other scammers. Read on to find out how it works.
Phishing on GitHub through job offers to… developers
Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.
Progressive phishing: How PWAs can be used to steal passwords
A new phishing technique uses progressive web apps (PWAs) to mimic browser windows with convincing web addresses to steal passwords.
Phishing using FB infrastructure stealing business-account passwords
Cybercriminals are using genuine Facebook infrastructure to send phishing emails threatening to block accounts.
Two-stage Dropbox spear phishing
Cybercriminals prey on corporate credentials by sending phishing links through Dropbox after priming the victim.
Recursive credential phishing for ESPs
Cybercriminals prey on access to mailing tools by sending phishing emails through these same tools.
Self-evaluation questionnaire phishing scam
Attackers invite employees to complete fake self-evaluations to steal corporate credentials.
QR codes
Phishing for Wise guys
Here’s how phishers extract phone numbers and credentials from users of Wise.
Bank phishing and identity theft
We explain how phishers are swindling Wells Fargo customers out of personal credentials, passwords, card details, and selfies with an ID card.
Browser-in-the-browser attack: a new phishing technique
We explain a new sneaky technique for stealing passwords, and how to avoid being tricked by a phishing site.