As you wake up in the morning feeling sleepy and preoccupied, you receive an urgent email from a seemingly familiar source, and without much thought, you click on a link that you shouldn’t have. Sometimes it’s that simple, and this more than 30-year-old phishing method means chaos breaks loose – whether it’s your personal bank […]
Tag Archives: phishing
Top 50 Most Impersonated Brands in phishing attacks and new tools you can use to protect your employees from them
Someone in your organization may have just submitted an administrator username and password for an internal system to the wrong website. And just like that, an attacker is now able to exfiltrate sensitive data. How did it all happen? A well crafted email. Detecting, blocking, and mitigating the risks of phishing attacks is arguably one […]
Black Friday & Cyber Monday Ecommerce Security Threats
Consumers spent a whopping $33.9 billion during Cyber Week last year. With the average adult spending $430 on Black Friday alone, this period remains one of the biggest online shopping events of the year. Unfortunately, hackers are making bank alongside online retailers. As we enter the holiday season, ecommerce websites are at an increased risk […]
Fake Instagram Verification & Twitter Badge Phishing
Social media platforms like Instagram and Twitter offer verification badges as a credibility indicator to help show authenticity and integrity to visitors. To obtain a badge, profiles must meet a list of various requirements and undergo verification process. For example, the one found on our Sucuri Twitter profile: Let’s examine how these coveted verification badges […]
DHL Phishing Page Uses Telegram Bot for Exfiltration
One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing. These social engineering attacks can typically be found masquerading as a trusted or recognizable service, intent on tricking unsuspecting users into submitting sensitive information on the attacker’s customized web page. Criminals use phishing because it […]
Top 5 Most Common WordPress Malware Infections: An Anatomy Lesson
WordPress security is serious business – and an essential consideration for anyone using the world’s most popular CMS (Content Management System). While the WordPress team quickly addresses known security issues in WordPress’ core to protect the millions of website owners who rely and depend on the software, the reality is that the same cannot be […]
2021 Threat Report Webinar
The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze threats posed to webmasters. So – what do you need to do to stay one step ahead of attackers? Join Sucuri researcher Ben Martin on July 6th in our latest […]
What is a Scam?
Sure — as a security-minded website owner you’re probably already using a VPN to protect your privacy, managing app permissions to protect your phone, making sure your browser is blocking third party trackers, and enforcing strong passwords for all of your databases and user accounts. But personal security extends well beyond the scope of protecting […]
Trojan Spyware and BEC Attacks
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that attacks often use a human victim to authorize a fraudulent transaction to bypass existing security controls that would normally be used to prevent fraud. Another reason is that social engineering […]
Phishing & Malspam with Leaf PHPMailer
It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click a phishing URL or download a malicious attachment. To support these activities, attackers seek out tools that assist in the mass sending of malspam (malicious spam) emails from a compromised […]