Risk Management August 25, 2022

Black Hat SEO: Is Someone Phishing With Your Site Domain?

5 min read - Search engine optimization (SEO) is a long game. Improving your website to rank higher on search engine results pages helps you attract more traffic. Plus, it helps build a trustworthy reputation. But, some people want to take shortcuts by using…

News July 6, 2022

Bulk Email Theft May Point to Russian Espionage

2 min read - Cybersecurity researchers recently identified a threat group with a possible Russian connection that targets corporate email environments. At first, the researchers thought the UNC3524 gang mostly sought money, as do many ransomware attacks. A deeper look at the group’s actions,…

News June 15, 2022

Cyber Threats Target US Election Officials With Phishing Campaign

2 min read - On March 29, the FBI warned of an ongoing and widespread phishing campaign targeting U.S. election officials. Using false invoice inquiries and breached email accounts, attackers have attempted to steal officials’ login credentials in at least nine states since October…

Data Protection April 28, 2022

What Are the Biggest Phishing Trends Today?

4 min read - According to the 2022 X-Force Threat Intelligence Index, phishing was the most common way that cyber criminals got inside an organization. Typically, they do so to launch a much larger attack such as ransomware. The Index also found that phishing…

Malware April 26, 2022

Hive0117 Continues Fileless Malware Delivery in Eastern Europe

4 min read - Through continued research into the ongoing cyber activity throughout Eastern Europe, IBM Security X-Force identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, from February 2022, designed to deliver the fileless malware variant dubbed DarkWatchman. The…

Zero Trust February 23, 2022

Ransomware Resilience Tops Findings in X-Force Threat Intelligence Index 2022

7 min read - For the third year in a row, ransomware was the top attack type globally in 2021, despite some successes last year by law enforcement to take down ransomware groups. This was among the top findings of IBM Security’s latest research…

News November 3, 2021

Phishing: Attackers Use DocuSign to Send Malicious Links

2 min read - Attackers are abusing the electronic agreement management company DocuSign to send phishing links and documents. Inside the Phishing Attempt First, a malicious actor registers a free account with DocuSign or compromises another user’s account. They then upload a file to…

Advanced Threats October 14, 2021

How to Report Scam Calls and Phishing Attacks

5 min read - With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They’re not using ransomware to…

News October 13, 2021

More Generation Zs Are Falling for Online Scams

2 min read - It’s sometimes easy to think phishing or vishing scams only work on people who aren’t very savvy online. Namely, there’s a sense that Generation Z (born after 1997) and Millennials (born between 1981 and 1996) have good enough cyber awareness…

Advanced Threats October 6, 2021

Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy

4 min read - Why is one of cyber crime’s oldest threats still going strong? The Anti-Phishing Working Group (APWG) reports that January 2021 marked an unprecedented high in the APWG’s records, with over 245,771 phishing attacks in one month. IBM X-Force’s 2021 Threat…