Phishing Just Got an Upgrade!
Watch how AI is changing phishing attacks forever and how to defend yourself against them using miniOrange phishing-resistant solutions.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Spotting "Instant Loan" Phishing and Taking Campaigns Down
While instant loans promise quick cash for emergencies, they also come with risks of scams. Phishing campaigns, deceptive emails, and fake apps target users who need fast financial solutions, steal data, or demand fees. The latest FTC report shows $12.5 billion in fraud losses across all categories in 2024, with loan scams being a rising threat. By knowing red flags in loan-bait emails, you can stop phishing campaigns and protect your personal or business information and finances. Let's find out how to identify a fake loan app, loan offer, or phishing email.
Preventing Data Breaches: Essential Steps Your Business Needs Today
The average total cost of a data breach is now $3.86 million, making prevention a top priority for businesses of every size. Yet most organizations still struggle to stay ahead. Studies reveal that it takes nearly 280 days on average to identify and contain a breach, and the shift to remote work has only made matters worse. More than three quarters of companies report longer detection and containment times, adding an estimated $137,000 to the cost of each incident.
Attackers Abuse Google's AppSheet to Send Phishing Emails
Hackread reports that attackers are abusing Google’s AppSheet platform to send phishing emails. The campaign was spotted by researchers at Raven, who warn that attackers are sending messages that impersonate AppSheet, informing users of phony trademark violations. Notably, the emails are sent from AppSheet’s legitimate infrastructure, making them more likely to bypass security controls and appear legitimate to human recipients.
AI-Assisted Phishing Attacks Are an Increasingly Serious Threat
AI-assisted phishing attacks pose a significant and increasing threat to organizations, according to Matt Weidman, partner and vice president of Commercial Property & Casualty at USIA. In an article for CBIA, Weidman explains that attackers can use AI tools to craft targeted, convincing phishing messages that are almost indistinguishable from the real thing.
RaccoonO365 Domain Takedown: Microsoft and Cloudflare Dismantle Global Phishing Network
The cybercrime world took a major hit this month with the RaccoonO365 domain takedown, a coordinated move by Microsoft’s Digital Crimes Unit (DCU) and Cloudflare. By seizing 338 malicious domains, investigators disrupted a sprawling phishing-as-a-service ( PhaaS) network that had stolen more than 5,000 Microsoft 365 credentials across 94 countries. This action signals a shift toward large-scale, proactive disruption of phishing operations that exploit everyday users and global enterprises alike.
Report: AI-Powered Phishing Fuels Ransomware Losses
AI-powered social engineering attacks are significantly more successful than traditional attacks, according to a new report from cyber risk management firm Resilience. The researchers state, “Social engineering attacks fueled 88% of material losses, with AI-powered phishing achieving a 54% success rate compared to just 12% for traditional attempts.” AI allows attackers to easily craft sophisticated phishing emails, as well as voice and video deepfakes.
Phishing Campaign Abuses iCloud Calendar Invites
Attackers are abusing iCloud Calendar invites to send phishing messages that pose as PayPal notifications, BleepingComputer reports. Since the messages are sent from Apple’s infrastructure, they’re more likely to bypass security filters. BleepingComputer explains, “This email is actually an iCloud Calendar invite, where the threat actor included the phishing text within the Notes field and then invited a Microsoft 365 email address that they controlled.
How To Secure Your Gmail Email Service Account
Your Gmail account is linked to so much of your online life, so it’s important to protect it at all costs. Watch this short video to learn ways to secure your Gmail account and how Keeper can help.
Five Essential Strategies to Combat Phishing Threats
Phishing threats remain one of the most common and effective attack methods. Research shows it contributes to over 34% of confirmed breaches. The financial impact is significant as well, with credential-related breaches averaging $4.76 million per incident. And despite years of security awareness training, nearly a third of employees still click on simulated phishing emails. Why does phishing work so well? Attackers exploit gaps in visibility, speed, and user behavior.