Category

Phishing protection
2017 | iZOOlogic
It may be a new year but we can be sure that phishing will again be upon us. So far in the first two days of 2017 we have seen the usual suspects being targeted, Apple, PayPal, Amazon, Scotia Bank, ANZ, HSBC, Facebook, the list of targeted phishing is endless…. Phishing first came to light...
Continue Reading
istock izoologic
SMiShing attacks often leverage a trusted brand to route the victim to a phishing site. An alternative variant of SMiShing is where the spam message contains only a call back number. The message maybe as simple as “Please urgently call back xxxx xxxx xxxx to update your account details” and there is no mention of...
Continue Reading
vishing-arm izoologic
Vishing, a term that relates to “Voice – Phishing” is a type of social engineering attack that has a high degree of variety.  Vishing takes the form of a criminal using a telephone to make a social engineering attempt against the victim to conduct fraud. Vishing maybe as simple as criminal A – speaking to...
Continue Reading
Sending Spoofed Emails for Spear Phishing and Advanced Persistent Threat (APT) attacks.
Criminals use spoofed email domain from addresses to launch Spear Phishing and Advanced Persistent Threat malware attacks. The “FROM” address of the sender’s email is maliciously changed to the victim’s domain. From the recipients point of view the email looks and feels like an internal email. Cybercriminals can easily send an email to anyone within...
Continue Reading
How effective is browser blocking against phishing sites
Browser blocking of phishing sites – does the browser provide a phishing solution?  iZOOlogic threat detection and analysis engines are sifting through vast amounts of phishing intelligence and malicious data – sourcing literally thousands of new phishing sites each day. All day and every day. iZOOlogic provides a swift response to those phishing sites that...
Continue Reading
WHALING – Big Game Spear Phishing
Whaling is a type of spear phishing that targets high-profile end users such as C-level corporate executives. Similar to traditional based phishing, whaling leverages social engineering against the victim and uses some technological play in the background. Whaling content – messaging and website are very personalised – this is personal – one on one –...
Continue Reading
DNS Hijacking and DNS Spoofing
DNS hijacking and spoofing DNS is the underlying directory framework of the Internet. It turns a web address into an IP address that ultimately directs the user to legitimate website. If this DNS gets hijacked or taken over by a hacker group, the web address can be redirected to a completely different website. This malicious...
Continue Reading
Spear-phishing attack
Business Email Compromise (BEC) attacks Business Email Compromise (BEC), formerly known as Man-in-the-Email scams are a blended Spear-phishing attack. BEC attacks follow similar traits to phishing, technical subterfuge with social engineering. BEC threats actually compromise legitimate business email accounts in order to conduct unauthorised transfer of funds to criminal controlled bank accounts. Essentially the employee...
Continue Reading
Puddle Phishing, not of Spear Phishing, is a resurgent threat a variant
Puddle Phishing, a variant of Spear Phishing, is a resurgent threat. Phishing is a broad term to describe the type of attack that combines some technological components with social engineering. Traditional or classical phishing has been previously discussed in this blog, and is well documented across security blogs and research whitepapers. Let us take a...
Continue Reading
Phishing Solution
gTLDs Phishing, Fraud, Abuse Observations – Top Level Domains (TLDs), such as .com, .org, .biz, .net, a part of the domain name that is installed in the root zone, now come in many different variations and flavours – such as generic TLDs (gTLDS), Country-Code TLDs (ccTLDS). These new TLDS have opened up the Domain Name...
Continue Reading
1 2 3 4

Categories