Cyber Security and Information Systems Information Analysis Center
Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
The CSIAC has compiled many resources on the topic of Phishing. Please browse the resources below.
"This technique uses AES encryption instead of B64 or simple XOR routines write new content to the page at load time," said a Ring 0 Labs representative in an email to Threatpost. "Since this is a newer technique, it can be fairly effective at avoiding scanning services and crawlers that aim to detect these types of sites. But like anything, these services Read More
It's a phishing scheme that even multifactor authentication and changing your password won't fix. Read More
A phishing attack usually depends on two things: a perfect disguise and somewhat the ignorance of users. But not this one as hackers are now faking popular domains like Apple, Google, or eBay on their own fraudulent websites. Hackers are even able to get the little "Secure" green bar for their fraudulent websites making the attack even more sophisticated. Read More
Avoid falling for phishing attempts with these helpful tips. Read More
The incredibly clever technique involves a fake but convincing and functional Gmail sign-in page. Read More
Some browsers will turn over a user's autofill information - even when the website doesn't ask for it. Read More
Two groups of Russian hackers used a blend of spear phishing, booby-trapped websites, and remote-access malware to worm their way into the Democratic National Committee’s computers and hurt the party’s prospects in last month’s presidential election, experts from the FBI and the Department of Homeland Security say in a 13-page report. Read More
The County of Los Angeles is notifying 756,000 individuals of a breach that occurred five months ago stemming from a phishing scheme that tricked more than 100 county employees. Read More
In the wake of the 2016 United States Presidential Election, not even six hours after Donald Trump became the nation’s President-Elect, an advanced persistent threat (APT) group launched a series of coordinated and well-planned spear phishing campaigns. Read More
A story of and tips on recognizing phishing attempts. Read More
