In the digital realm, email communication has become the standard form of communication in our personal, work, and education. Due to the information we consistently send via email, they could easily fall into the wrong hands if left unprotected, bringing about dire consequences such as identity theft and financial losses. To avoid such nightmares, you can use a temporary email to keep your email safe from spam or an encrypted email to protect the contents of the emails you send.

At Black Hat USA 2023, a session led by a team of security researchers, including Fredrik Heiding, Bruce Schneier, Arun Vishwanath, and Jeremy Bernstein, unveiled an intriguing experiment. They tested large language models (LLMs) to see how they performed in both writing convincing phishing emails and detecting them. This is the PDF technical paper.

Read also: A Bitfinex hacker pleads guilty, over €2M seized in a major crackdown on West African crime groups, and more.

Threat actors abuse Google AMP for evasive phishing attacks, hackers exploit Salesforce’s email services in targeted Facebook phishing campaign, and Russian actor BlueCharlie alters infrastructure in response to disclosures.

On March 15th, 2023, a new feature released from Microsoft enabled organizations with a paid subscription to Microsoft 365 for business, Microsoft Dynamics CRM Online, Enterprise Mobility Suite, or other Microsoft services, to add company branding to their Microsoft 365 sign-in page via Azure Active Directory. This update is often recommended to improve both user experience and security by providing assurance the individual is logging in via the legitimate page for their company.

A record 2,322 scams in Japan to steal internet banking IDs and passwords have resulted in unauthorized money transfers totaling a record of around 3 billion yen ($21 million) in the first half of this year, a report by the National Police Agency showed Tuesday. The number of cases mainly involving phishing this year has already surpassed the annual total of any previous year, with the financial loss approaching the record high of 3.07 billion yen set in 2015, according to the agency.

Common indicators of a phishing attempt include warnings from your email service provider, urgent language, threat of dire consequences, too-good-to-be-true offers and more. Continue reading to learn what to look for to spot phishing attempts and how to keep yourself protected.

As a security awareness practitioner, keeping your pulse on industry - and geographical - benchmarking data and best practices is always a good way to measure your organization’s security awareness success. That’s why KnowBe4 has launched its Phishing Benchmarking Analysis Center. It’s intended as a fun, interactive digital hub that allows you to slice and dice security awareness benchmarking data from across various industries and geographical regions.