dcsimg
November 30, 2020

A week in security (November 23 – November 29)

Last week on Malwarebytes Labs, we talked with Chris Boyd about charities that track you online. We also looked back at Zoom, and wondered whether it’s any safer months after its first vulnerability was reported. We talked about how Apple’s security is hampering the detection of potentially unwanted programs (PUPs). Lastly, we reported on Spotify resetting some user accounts after … [Read more...]

Filed Under: a week in security, Apple, awis, Chris Boyd, covid-19, fbi, lock and code podcast, Minecraft, Minecraft mod, Mustang Panda, online video gaming, pandemic, remote work, remote working, smart doorbells, Social engineering, Spotify, Vatican, vishing, voice phishing, Week in security, zoom
July 9, 2019

The 5 most common types of phishing attack

Phishing is one of the most frustrating threats we face. Most of know what it is and how it works, but we still get caught out.  The scam, which involves criminals sending messages that masquerade as legitimate organisations, targets hundreds of millions of organisations every day. The messages direct recipients to a bogus website that captures their personal information or contain a malicious … [Read more...]

Filed Under: Cyber Security, phishing, phishing attack, Phishing staff awareness, Risk Management, smishing, spear phishing, vishing, whaling, whaling attack
January 28, 2019

A week in security (January 21 – 27)

Last week on the Malwarebytes Labs blog, we took a look at Modlishka, the latest hurdle in two-factor authentication (2FA), the potential for abuse of push notifications, a malware-phishing combo by the name of CryTekk ransomware, and why we detect PUPs, but enforce the power of users’ choice. We also pushed out the 2019 State of Malware report, which you can readily download here. Other … [Read more...]

Filed Under: 2019 State of Malware report, 2fa, ALPR, android malware, anpr, Ars Technica, Bleeping Computer, crytekk, crytekk ransomware, Dark Reading, fortnight, GDPR, GoDaddy, Help Net Security, KrebsOnSecurity, mitsubishi, modlishka, phishing, recap, Security Week, Security world, TechCrunch, The Wall Street Journal, vishing, voicemail phishing, vulnerability, Week in security, weekly blog roundup, youtube
December 10, 2018

Something else is phishy: How to detect phishing attempts on mobile

In a report published in 2011, IBM revealed that mobile users are three times more likely to fall for phishing scams compared to desktop users. This claim was based on accessed log files found on Web servers used to host websites involved in phishing campaigns. Almost a decade later, we continue to see different organizations reporting an increased trend in phishing attacks targeting the mobile … [Read more...]

Filed Under: 101, ad-networking phishing, homograph attacks, How-tos, HTTPS, iOS, Mobile, phishing, phishing apps, Punycode, smishing, Social Phishing, unicode, url padding, vishing
September 20, 2018

6 sure signs someone is phishing you—besides email

There are several common and, unfortunately, frequently successful avenues of attack that cybercriminals can use to part you from your personal contact and financial information. These phishing attack methods include email, phone calls, corrupted software or apps, social media, advertisements, and even direct SMS (text) messages. Beyond the medium used to reach you (which is most often … [Read more...]

Filed Under: 101, FYI, iOS phishing, phishing, phishing scam, smishing, sms phishing, Social engineering, vishing