By

iZOOlogic
DNS Hijacking and DNS Spoofing
DNS hijacking and spoofing DNS is the underlying directory framework of the Internet. It turns a web address into an IP address that ultimately directs the user to legitimate website. If this DNS gets hijacked or taken over by a hacker group, the web address can be redirected to a completely different website. This malicious...
Continue Reading
Spear-phishing attack
Business Email Compromise (BEC) attacks Business Email Compromise (BEC), formerly known as Man-in-the-Email scams are a blended Spear-phishing attack. BEC attacks follow similar traits to phishing, technical subterfuge with social engineering. BEC threats actually compromise legitimate business email accounts in order to conduct unauthorised transfer of funds to criminal controlled bank accounts. Essentially the employee...
Continue Reading
Banking Malware
Banking malware families and variants are constantly evolving, bank transaction authentication methods are also evolving. It is a cat and mouse game where the user expects convenience and with an ease of use. As malware flavors continue to chart new territory from the days of Spyeye, Zeus & Citadel to the likes of Prime,Dridex, Gozi,...
Continue Reading
Puddle Phishing, not of Spear Phishing, is a resurgent threat a variant
Puddle Phishing, a variant of Spear Phishing, is a resurgent threat. Phishing is a broad term to describe the type of attack that combines some technological components with social engineering. Traditional or classical phishing has been previously discussed in this blog, and is well documented across security blogs and research whitepapers. Let us take a...
Continue Reading
Domain Name Monitoring
gTLDs Phishing, Fraud, Abuse Observations – Top Level Domains (TLDs), such as .com, .org, .biz, .net, a part of the domain name that is installed in the root zone, now come in many different variations and flavours – such as generic TLDs (gTLDS), Country-Code TLDs (ccTLDS). These new TLDS have opened up the Domain Name...
Continue Reading
Spear Phishing attacks
Spear phishing is a variant of the traditional phishing attack that is highly targeted. The phishing message, usually an email, is sent to a discrete audience, a small group of employees, a specific individual or a high profile executive within a targeted business. Similar to classic and traditional based phishing attacks spear phishing leverages social...
Continue Reading
SMiShing
SMiShing – a phishing based threat against the Mobile Channel. SMiShing is a phishing based attack that leverages the Short Message Service (SMS) or phone based text message. SMiShing or Smishing has been around for many years now so it is not a new threat but a persistent threat that is evolving. With SMiShing the...
Continue Reading
APWG Phishing Solution
Phishing Crimeware APWG Quarter 1 2016 Report The following is an extract of the most recent APWG Report Q1 2016. The full APWG report can be viewed at – http://docs.apwg.org/reports/apwg_trends_report_q1_2016.pdf Phishing Report Scope The APWG Phishing Activity Trends Report analyzes phishing attacks reported to the APWG by its member companies, its Global Research Partners, through...
Continue Reading
Phishing Solution
Domain shadowing provides the cybercriminal a series of methodologies to manipulate a genuine domain registrant account allowing the creation of fake subdomains and disrupting DNS configurations for malicious purposes. Our resources show that domain shadowing has now become a greater challenge amongst our client’s and their peers over the previous 12 months. This is a...
Continue Reading
Spear phishing scams
Spear phishing scams have been around for decades and despite all our best efforts in terms of user education, we continue to see a rise this kind of phishing in terms of volumes and sophistication – it is only the high-profile phishing make headlines. Spear phishing has evolved and continues to evolve. Cybercriminals are using...
Continue Reading
1 36 37 38 39