From novice hackers to complex cybercriminal networks, see how attackers build detailed profiles of their social engineering attack targets.
Phishing attacks are typically initiated via email, text/SMS messages, or instant messages which drive unsuspecting victims to phishing websites designed to deceive them into thinking they are visiting a legitimate site and allows the malicious cyber actors to steal user data, including login credentials and credit card numbers.
A curated threat intelligence approach, in which aging data is managed based on current attack status, is crucial to preventing cybercrime.
Attackers are turning up the heat with advanced TTPs like Adversary-in-the-Middle (AiTM) phishing attacks to steal session cookies and bypass MFA security.
Active Threat Alert: Protect against active phishing campaigns serving up personalized and uniquely randomized URL paths or subdomains.
Threat Alert: zvelo’s PhishBlocklist identifies a very active USPS phishing attack using personalized URLs that target USPS customers.
zvelo announced predictive phishing detection enhancements that will help cyber defenders to predict and block phishing campaigns.
The Browser-in-the-Browser (BitB) attack technique makes it easier for attackers to mount social engineering campaigns for credential harvesting.
zvelo takes you behind the scenes of a phishing attack to show you the TTPs attackers use to gain network access and establish persistence. There is far more than meets the eye.
This is the first article of a three-part series where we examine phishing attacks that faded from popularity but are now resurging — in particular, malicious Office documents.
The adoption of single-use phishing URLs is driving new demand for zero-second detections to keep up with the dwindling lifespan of phishing sites.