When spear phishing met mass phishing


Bulk phishing email campaigns tend to target large audiences. They use catch-all wordings and simplistic formatting, and typos are not uncommon.

Targeted attacks take greater effort, with attackers sending personalized messages that include personal details and might look more like something you’d get from your employer or a customer. Adopting that approach on a larger scale is a pricey endeavor. Yet, certain elements of spear phishing recently started to be used in regular mass phishing campaigns. This story looks at some real-life examples that illustrate the trend.

Read more…
Source: Kaspersky


Sign up for our Newsletter


Related:

  • Key Group: another ransomware group using leaked builders

    October 1, 2024

    Key Group, or keygroup777, is a financially motivated ransomware group primarily targeting Russian users. The group is known for negotiating with victims on Telegram and using the Chaos ransomware builder. The first public report on Key Group’s activity was released in 2023 by BI.ZONE, a cybersecurity solutions vendor: the attackers drew attention when they left an ...

  • Global Cyber Attacks to Double from 2020 to 2024

    October 1, 2024

    On the first day of Cybersecurity Awareness Month in the U.S., research has revealed that the number of significant global cyber attacks in 2024 will be double that of 2020. A new report from insurer QBE, Connected Business: digital dependency fuelling risk, predicts that organisations will be hit by 211 disruptive and destructive cyber attacks this ...

  • Proactive Visibility Is Foundational to Strong Cybersecurity

    September 30, 2024

    Exposures are more than CVEs, so organizations need to move beyond the traditional thinking of vulnerability management to a holistic view. Part of that view must be greater visibility into devices, users, applications, and all the digital infrastructure connected to an organization’s environment. Gaps in that view create risk exposure. Organizations must proactively identify anything that ...

  • Dutch police leak leaves data of 62,000 officers in hands of hackers

    September 30, 2024

    Police are continuing to investigate the impact of a data leak last week in which hackers obtained the “work-related contact data of all police officers”. The Dutch national police force employs some 62,000 officers. According to an email sent to staff at the weekend, police chief Janny Knol an “office account” was hacked revealing names, email ...

  • China: Rast ransomware gang aiming at domestic government and enterprises

    September 29, 2024

    From December 2023 to the present, QiAnXin Threat Intelligence Center observed that a ransomware written in rust language is very active on the Chinese Internet, and a large number of machines in China have been ransomed, with up to more than 20 victimized units only in the terminals of government and enterprises, which the researchers call ...

  • Millions of Kia vehicles were vulnerable to remote attacks with just a license plate number

    September 27, 2024

    In June of 2024 security researchers uncovered a set of vulnerabilities in the Kia dealer portal that allowed them to remotely take over any Kia vehicle built after 2013—and all they needed was a license plate number. According to the researchers: “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless ...