messengersMessengers 101: safety and privacy advice
A dozen short and simple tips on how to use WhatsApp, Telegram, Signal, iMessage, WeChat, and other messaging apps safely and hassle-free.
phishing
236 articles
archiversSecurity measures for handling archive files in organizations
Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?
e-mailScammers exploiting GetShared for phishing attacks
Scammers are exploiting GetShared to bypass email security.
Lessons from the Bybit hack: how to store crypto safely
Takeaways for regular crypto holders from the biggest crypto heist in history.
phishingChecking QR codes in emails
We’ve added technology that checks QR codes in emails for phishing links.
What to do if your WhatsApp account gets hacked
Eight signs your WhatsApp account has been stolen — and steps to recover and protect it.
cryptocurrenciesMeme coins and NFTs: How not to lose your shirt
Everything you wanted to know about meme cryptocurrencies — such as TRUMP and DOGE — and ways to win or lose big.
WhatsApp and Telegram account hijacking: How to protect yourself against scams
We look into every method of hijacking WhatsApp, Telegram, and other messaging accounts – from quishing to fake gifts and viruses, and ways to protect yourself against them.
Metadata: Uncovering what’s hidden inside
Every file, video, etc. we share contains a lot of hidden additional information — metadata. What’s it for, and is it really necessary?
Passwords 101: don’t enter your passwords just anywhere they’re asked for
How to avoid giving away your password to scammers when logging in to third-party sites or viewing “encrypted” or “confidential” documents.
You found a seed phrase from someone else’s cryptowallet: what could go wrong?
Scammers have invented a new trick — they post cryptowallet seed phrases in YouTube comments using newly created accounts. Here’s how it works
Message boards hit by new video-call scam
Scammers posing as buyers snatch one-time codes during online product demos.
You’ve been sent a “gift” — a Telegram Premium subscription
Cybercriminals are enticing Telegram users with free subscriptions. Is this an unexpected act of generosity or just another scam?
Two-minute guide to cybersafety
Five dead simple tips to greatly improve your defenses against cybercriminals.
How (not) to play tanks and catch a backdoor
Cybercriminals have devised a new ruse: luring gamers to a modish crypto tank-game to gain full access to their computers.
Phishing emails and Docusign electronic signature
Phishers have adopted another trick: they send emails pretending to be from Docusign with a fake link to a document that the recipient must sign.
Overcooking the phish
This phishing campaign incorporates ghost spoofing, embedded text in images, a PDF file, a QR code, DocuSign imitation, and Cloudflare verification — yet it still completely misses the mark.
SambaSpy: a new remote access Trojan
We’ve discovered a new Trojan that’s very selective about its victims.
Automated phishing
Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.
2FAHow the adversary-in-the-middle technique is used in spearphishing attacks
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?