Tag: phishing


Oct 13, 2020
Responding to the rising wave of social engineering attacks against remote workers
By now, it’s clear the pandemic has provided perfect conditions for many types of social engineering attacks. We’ve seen plenty of reports and warnings from the FBI, CISA, Interpol, and other reputable organizations about the growth in coronavirus-related attacks, from spear-phishing to vishing, ransomware, and more, as the world adapts to remote working and its associated risks. In many ways, social …

Sep 30, 2020
Minecraft or math lessons: which one could be the cause of your company’s next social engineering attack?
Your child’s math lesson is a clear and present threat to your company data, and believe it or not, their Minecraft addiction could very well be the cause of your next enterprise-grade social engineering attack. In the past few weeks, millions of children returned to online learning, and simultaneously — and perhaps unknowingly — your company’s cyber …

Sep 30, 2020
How Modern Phishing Defeats Basic Multi-Factor Authentication
Two years ago, at the internet security conference Black Hat US, the Yubico team was invited to speak about how advanced phishing works and how FIDO authentication standards and YubiKeys can help mitigate these attacks. Today’s hackers increasingly hijack one-time use codes and push notifications during the brief window when they are valid, and the …

Oct 18, 2019
Staying safe online beyond national cybersecurity awareness month
Last week, we talked about access management and its role in securing businesses from cyber threats as part of our National Cybersecurity Awareness Month (NCSAM) campaign. Today, we will take you through what’s putting your personal accounts at risk, and share tips from our partners on how to stay better protected. So let’s start by …

Mar 20, 2018
The Anatomy of a Phishing Email: 5 Things to Look For Before You Click
Phishing attacks are now considered the main source of data breaches. 91% of cyber attacks start with a phishing email * Ten years ago, if you asked someone what ‘phishing’ was, they probably would have no idea. Since then, times have changed considerably; phishing attacks are now responsible for a significant number of major data …

Jan 10, 2018
5 Surprisingly Easy Ways Your Online Account Credentials Can Be Stolen
This month, Yubico is partnering with the National Cybersecurity Alliance (NCSA) to support and promote Data Privacy Day, an initiative to empower individuals and encourage businesses to respect privacy, safeguard data, and enable trust. While Data Privacy Day is a one-day event taking place on January 28, security is our focus at Yubico every day, …

Nov 14, 2017
Why email security is mission critical to FastMail
According to the Verizon 2017 Data Breach Investigations Report, gaining access to a user’s personal or professional data through a malicious email is a cyber criminal’s weapon of choice. While many users might consider that there is nothing worth taking inside their inbox, they are most likely overlooking how connected their email is to other …

Oct 3, 2017
Creating the Unphishable Security Key
How the FIDO U2F security key and YubiKey stop phishing and man-in-the-middle attacks Security is never stronger than its weakest link, and that weakest link is often the user. Not surprisingly, phishing attacks that target users are increasing not only in volume, but also in sophistication. Google knows that. Recently, the search giant updated their …

Sep 12, 2017
First US e-Government Services Protected with FIDO U2F Unphishable Security Keys
Today, at the 2017 Federal Identity Forum (FedID), we are taking an important step towards a more secure internet for everyone by introducing the first US federal services to offer identity proofing protection with an unphishable FIDO U2F security key. This solution is enabled through identity proofing provider ID.me, and marks the first roll out …

Jun 5, 2017
How Millions of Websites Can Eliminate Account Takeover from Phishing
Creating accounts online just got a whole lot easier. Now anyone can log in to or register a new account using their existing credentials from social networking services, such as Facebook and Google. With social logins, users won’t have to rack their brain for another password, saving time and securely authenticating their identity. Websites that …