Google Makes It Easier for At-Risk Users to Lock Down Their Accounts

Google is rolling out a fancy new security feature today that’s designed to protect users who face significant risk of having their accounts hacked—election and campaign officials, victims of intimate partner violence, and others seeking additional security. Read More >>

Net Neutrality Activists Targeted in Phishing Campaign

Several prominent net neutrality advocacy groups were targeted in a spearphishing campaign, with around 70 attempts made to break into the accounts of activists at Free Press and Fight for the Future. The campaign, revealed in an Electronic Frontier Foundation report, used details about the activists’ personal lives and sexually explicit content to try to trick activists into clicking phishing links that would allow the attackers to take over their accounts. Read More >>

How Google Is Stopping Phishing Attacks from Unverified Apps

Google is stepping up its effort to block phishing attempts that use app permissions to gain access to users’ Gmail accounts. These phishing attacks invite users to grant an app permission to manage their Google account—which lots of safe apps do, too—and then exploit those permissions to take over an account or send spam. Read More >>

Hackers Created Fake News Sites in Attempt to Phish Reporters Covering China 

Researchers at Citizen Lab have unearthed a broad campaign aimed at infiltrating Chinese language news sites after discovering a phishing campaign targeting journalists at the US-based China Digital Times. Read More >>

When Are You Most Likely To Fall Victim To A Scam Email?

Do you know what makes you vulnerable to an email scam/phishing attack/malware all up in your computer? It's you. Yep - rather than focusing on software flaws, the most easily exploitable link in your online security chain is the humble human. Read More >>

How Sneaky Hackers Altered Stolen Emails to Attack Putin’s Critics

Cyber espionage operations and leaks of sensitive government data are a regular occurrence these days. In our eagerness to learn hidden truths it is also imperative that we ask ourselves whether we can trust the accuracy of information offered up by unknown actors whose intentions are obscured. Is this information real, or has it been tampered with to further some powerful entity’s shadowy agenda? Should our default position be to treat leaks with the strictest suspicion—perhaps even as the calculated product of digital disinformation—until proven otherwise? Read More >>

A Huge (and Dangerously Convincing) Google Docs Phishing Scam Is Targeting the Media

Oh God, a hacker’s on the loose with a new (but familiar) Google Docs phishing scam, and journalists are in the crosshairs. Read More >>

Half of People Will Click on Random Links

Researchers at Friedrich-Alexander University in Germany conducted a study that sent out 1,700 emails that simulated a phishing scam, and made an unfortunate discovery: around half of the participants, even ones that claimed to be aware of such security risks, clicked on the links. Read More >>

Hilton Hotels Spams Users With Accidental Phishing Soundalike

The Hilton recently group tried to check up on its customers via email, sending out a bland communication that greeted them with "Hello [name]" and asked them to click on a link to hand over their details. Problem was, this resembled phishing methods so perfectly that customers -- and even Hilton staff -- thought it was a fake hunting for personal details. Read More >>

‘The Fappening’ iCloud Hacker Could Serve Just 18 Months

Ryan Collins, aka the guy who leaked those naked pictures you've probably seen of Kate Upton and Jennifer Lawrence (and lots more really, really good-looking celebs), has pled guilty in court. The 36-year-old from Pennsylvania has been charged with felony computer hacking and one count of unauthorised access to a protected computer to obtain information. Read More >>

How to Use a USB Stick to Securely Log in to Gmail

If you’ve configured two-step verification for your Gmail account, rather than checking your mobile for codes you can plug in a verified USB stick instead. You can carry it wherever you go, and of course, it doesn’t lose battery or signal. According to Google, it also offers better protection against phishing attacks. Here’s how you can set it up. Read More >>

Why 30-Year-Old Computer Hacking Methods Still Work

A system is only as secure as the end user, as any grey-haired sysadmin will happily tell you. As a result, all the alphanumeric passwords in the world can’t protect a system if a user is tricked into running malware, something against which there’s very little defence — or so people think. Read More >>

New Chrome Extension Warns You if Your Google Password Gets Phished

Here’s a Chrome extension you should install right now: The new Password Alert extension helps secure your Google account by letting you know when you’ve unwittingly given your credentials away to a website that’s not Google. GO INSTALL IT. Read More >>

The Number of People Who Fall for Phishing Emails is Staggering

It’s tempting to view security breaches as the products of mastermind hackers, but a massive report released today reveals the sad reality. Most of the time, breaches are the result of people falling for plain old trick emails. Read More >>