Facebook’s New Tool Outs Phishing Sites Posing as ‘Secure’

Phishing attacks, which sucker unsuspecting users into clicking malicious links or giving up their login credentials, often rely on domain names that appear similar to a site they’re trying to imitate. For example, an attacker might register a domain like faceb00k[.]com and use it to steal users’ Facebook credentials. Unless a user is carefully examining the link, they might not notice that the O’s have been replaced with zeros. Read More >>

Microsoft Warns That Tech Support Scams Are Still on the Rise

People using social engineering to runs scams posing as tech support isn’t exactly new, but that doesn’t mean you can let your guard down. In fact, it seems this is a problem that’s only getting worse after multiple organisations revealed that last year the number of tech support victims had risen between 24 and 86 per cent. Read More >>

US Government Science Site Becomes Prime Real Estate for Fake Movie Pirates 

The US National Center for Biotechnology Information website is an invaluable resource for finding scientific studies and papers. Recently, it also became a promotional vector for a potential phishing site offering pirated movie streams. Read More >>

There’s a Reddit Clone Phishing People Who Type Too Fast

People make mistakes, and that’s why Gooogle.com, Yaho.com, and Amazan.com redirect to the websites you’d hope they would point to. Reddit.co? We don’t recommend you visit it. Read More >>

How Google Fights Password Thieves

Google and researchers at the University of California, Berkeley, teamed up to study how Google accounts become compromised, shedding light on how the company finds new ways to fight back. Read More >>

Rare Malware Targeting Uber’s Android App Uncovered

Malware discovered by Symantec researchers sneakily spoofs Uber’s Android app and harvests users’ passwords, allowing attackers to take over the affected users’ accounts. The malware isn’t widespread, though, and most Uber users are not effected. Read More >>

A Bunch of Twitter Users Got Punked With a ‘Baby Poops His Onesie’ Video

A good rule of thumb is that if a random website tries to trick you into giving it access to your Twitter account in order for you to watch a video titled “Baby Poops In His Onesie, But Dog’s Response Leaves Millions Of People In Hysterics,” you shouldn’t do it. You absolutely should not do it. Read More >>

Google Makes It Easier for At-Risk Users to Lock Down Their Accounts

Google is rolling out a fancy new security feature today that’s designed to protect users who face significant risk of having their accounts hacked—election and campaign officials, victims of intimate partner violence, and others seeking additional security. Read More >>

Net Neutrality Activists Targeted in Phishing Campaign

Several prominent net neutrality advocacy groups were targeted in a spearphishing campaign, with around 70 attempts made to break into the accounts of activists at Free Press and Fight for the Future. The campaign, revealed in an Electronic Frontier Foundation report, used details about the activists’ personal lives and sexually explicit content to try to trick activists into clicking phishing links that would allow the attackers to take over their accounts. Read More >>

How Google Is Stopping Phishing Attacks from Unverified Apps

Google is stepping up its effort to block phishing attempts that use app permissions to gain access to users’ Gmail accounts. These phishing attacks invite users to grant an app permission to manage their Google account—which lots of safe apps do, too—and then exploit those permissions to take over an account or send spam. Read More >>

Hackers Created Fake News Sites in Attempt to Phish Reporters Covering China 

Researchers at Citizen Lab have unearthed a broad campaign aimed at infiltrating Chinese language news sites after discovering a phishing campaign targeting journalists at the US-based China Digital Times. Read More >>

When Are You Most Likely To Fall Victim To A Scam Email?

Do you know what makes you vulnerable to an email scam/phishing attack/malware all up in your computer? It's you. Yep - rather than focusing on software flaws, the most easily exploitable link in your online security chain is the humble human. Read More >>

How Sneaky Hackers Altered Stolen Emails to Attack Putin’s Critics

Cyber espionage operations and leaks of sensitive government data are a regular occurrence these days. In our eagerness to learn hidden truths it is also imperative that we ask ourselves whether we can trust the accuracy of information offered up by unknown actors whose intentions are obscured. Is this information real, or has it been tampered with to further some powerful entity’s shadowy agenda? Should our default position be to treat leaks with the strictest suspicion—perhaps even as the calculated product of digital disinformation—until proven otherwise? Read More >>

A Huge (and Dangerously Convincing) Google Docs Phishing Scam Is Targeting the Media

Oh God, a hacker’s on the loose with a new (but familiar) Google Docs phishing scam, and journalists are in the crosshairs. Read More >>

Half of People Will Click on Random Links

Researchers at Friedrich-Alexander University in Germany conducted a study that sent out 1,700 emails that simulated a phishing scam, and made an unfortunate discovery: around half of the participants, even ones that claimed to be aware of such security risks, clicked on the links. Read More >>