Discover the latest articles published by the SUCURILABS team about CTI, DFIR, Human risk management and more.
Learn how Business Email Compromise attacks abuse trusted identities, urgent business requests, and compromised mailboxes to manipulate payments, payroll changes, credentials, and sensitive data.
A deeper look at how attackers use compromised mailboxes to bypass trust controls, hijack conversations, and launch BEC and VEC attacks against employees, customers, and vendors.
Learn how infostealers steal passwords, session cookies, and tokens that can give attackers access to real mailboxes, real conversations, and the business context needed for BEC, VEC, internal phishing, and invoice fraud.
Learn how generative AI is making phishing emails more personalized, scalable, grammatically clean, and harder to detect and why modern email security must focus on intent, behavior, context, and anomalies.
Fake domains are used to impersonate trusted brands, steal credentials, mislead customers, and launch phishing attacks. Learn how typosquatting works and why companies need to detect it early.
Learn how ClickFix attacks use fake errors, CAPTCHAs, and technical instructions to convince users to run malicious commands and compromise data.
Learn how ICS phishing attacks use calendar invites and .ics files to steal credentials, bypass email filters, and manipulate your team.
Learn how OAuth App Abuse attacks exploit cloud application permissions to access emails, files, and financial data without directly stealing passwords.
Discover how artificial intelligence is making financial phishing attacks more realistic, personalized, and harder for Finance teams to detect.
Learn how CEO Fraud attacks fake approvals from CEOs, CFOs, and senior managers to manipulate payments, bypass internal controls, and deceive finance teams.
Understand the difference between Business Email Compromise and Vendor Email Compromise, how these attacks are connected, and how to protect your company from financial fraud.
Discover how thread hijacking attacks use legitimate email conversations to manipulate payments, change financial instructions, and deceive finance teams.
Learn how Payment Redirection Fraud works, a scam that manipulates invoices, suppliers, and financial processes to divert business payments.
Learn how Vendor Email Compromise attacks exploit trusted suppliers to steal money, credentials, and business data.
Introducing CyberHook a new approach to stopping financial email fraud before it impacts your business.
Sucurilabs Threat Insights is a summary of the past week's phishing campaigns and malware threats, delivered to you every Monday.
Sucurilabs Threat Insights is a summary of the past week's phishing campaigns and email threats, delivered to you every Monday.
Sucurilabs Threat Insights is a summary of the past week's live phishing campaigns and email threats, delivered to you every Monday.
This website uses cookies
sucurilabs.com relies on cookies to improve your experience.
