Category: phishing

Auto Added by WPeMatico

Device Code Phishing

Posted on By infossl
authentication, authorization, phishing, russia, Security technology, Uncategorized

This isn’t new, but it’s increasingly popular: The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices typically don’t support browsers, making it … Read More “Device Code Phishing” »

AI Will Increase the Quantity—and Quality—of Phishing Scams

Posted on By infossl
artificial intelligence, LLM, phishing, Security technology, Uncategorized

A piece I coauthored with Fredrik Heiding and Arun Vishwanath in the Harvard Business Review: Summary. Gen AI tools are rapidly making these emails more advanced, harder to spot, and significantly more dangerous. Recent research showed that 60% of participants fell victim to artificial intelligence (AI)-automated phishing, which is comparable to the success rates of … Read More “AI Will Increase the Quantity—and Quality—of Phishing Scams” »

X.com Automatically Changing Link Text but Not URLs

Posted on By infossl
domain names, phishing, Security technology, twitter, Uncategorized

Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,” and (2) it only changed the link’s appearance (anchortext), not the underlying URL. So if you were a clever phisher and registered fedetwitter.com, people would … Read More “X.com Automatically Changing Link Text but Not URLs” »

LLMs and Phishing

Posted on By infossl
ChatGPT, essays, machine learning, phishing, scams, Security technology, Uncategorized

Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. It’s an interesting experiment, and the results are likely to vary wildly based on the details of the … Read More “LLMs and Phishing” »

Massive Data Breach at Uber

Posted on By infossl
cyberattack, data breaches, hacking, phishing, Security technology, social engineering, uber, Uncategorized

It’s big: The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. “They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs … Read More “Massive Data Breach at Uber” »

SMS Phishing Attacks are on the Rise

Posted on By infossl
phishing, Security technology, sms, Uncategorized

SMS phishing attacks — annoyingly called “smishing” — are becoming more common. I know that I have been receiving a lot of phishing SMS messages over the past few months. I am not getting the “Fedex package delivered” messages the article talks about. Mine are usually of the form: “Thank you for paying your bill, … Read More “SMS Phishing Attacks are on the Rise” »