Microsoft

Phishing actors exploit complex routing and misconfigurations to spoof domains

Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, ...
CSOonline

Defenders can discover phishing sites through web analytics IDs

Many phishing websites are now using unique user IDs (UIDs), and that gives defenders a signal to detect phishing attacks before they do much damage. An increasing number of phishing websites use web ...
TechRepublic

IPFS phishing on the rise, makes campaign takedown more complicated

IPFS phishing on the rise, makes campaign takedown more complicated Your email has been sent Cybercriminals increasingly use IPFS phishing to store malicious content such as phishing pages, with the ...
CSOonline

Attackers abuse URL protection services to hide phishing links in emails

Reputation filters used to prevent access to phishing sites were misused to allow access to the very sites they are meant to prevent access to. Recent phishing campaigns were seen abusing email ...
Threat Post

Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware

CAPTCHA-protected malicious URLs are snowballing lately, researchers said. Cyberattackers are using Google’s reCAPTCHA (aka the “I am not a robot” function) and fake CAPTCHA-like services to obscure ...
Infosecurity-magazine.com

Fast and Furious Phishing Attacks – The Race Against Time Matters

Attackers hook nearly all phishing victims within mere minutes after the first user opens and clicks on a malicious email, attachment, or URL — then shutting down the phishing site URL and moving on ...
ZDNet

Google: We'll test hiding the full URL in Chrome 86 to combat phishing

Google will subject Chrome users to a large-scale test in the next version of its browser to discover how people respond to just seeing a site's domain name without the full URL for pages on that site ...