The 6 Latest Phishing Emails to Avoid in 2018

Despite increased user awareness, phishing remains one of the biggest security threats to the enterprise. Of 1,450 data breach incidents in 2017, Verizon found that the majority — 1,192 — involved phishing, and email was the most common vector used (in 96 percent of incidents).

Consumers are not off the hook either, even if they seem like small fish compared to businesses. After all, the average loss per victim is only around $140, according to Norton. However, those numbers add up fast — to the tune of $172 billion that was stolen by scammers globally in 2017 from 978 million consumers.

As hackers are always retooling their methods, phishing emails are becoming harder and harder to detect. Gone are the days when bad grammar was a dead giveaway, and many of these emails now look flawless (at least until you start digging deeper).

So far this year, we’ve seen many new, sophisticated phishing campaigns, including various ones impersonating global brands, in what is known as “brandjacking.” Here’s a look at some of the latest phishing emails to avoid in 2018.

EOS initial coin offering: Cryptocurrency is all the rage right now, and it didn’t take scammers long to jump on the bandwagon. Hot platform EOS, developed by startup block.one, had an initial coin offering (ICO) in May. Scammers didn’t lose a beat — they sent out phishing emails with subject lines like “The most anticipated event has arrived.”

The sleek email, with spoofed EOS branding and several legitimate links to the startup’s website, described accurate details about the blockchain platform. It included a link to “claim” unsold tokens, and users who typed in their digital cryptocurrency wallet key on the malicious site essentially gave the scammers full access to their accounts.

It wasn’t the first phishing (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Rodika Tollefson. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/l-eTP4uUe4U/