putilov_denis - stock.adobe.com
News brief: Email scams highlight need for employee vigilance
Check out the latest security news from the Informa TechTarget team.
A workday for many employees involves sorting through a seemingly endless flow of emails and meeting invitations. Some are important. Some are not. Some are downright dangerous.
As this week's featured news shows, bad actors won't let up on inserting phishing attempts or prompt injections into those routine messages and invitations. An occasional visit to an email account's spam folder is a good reminder that cyberdefense tools filter out many malicious messages -- but not all of them. The last line of defense is often the judgment of the recipient.
Knowing how to spot phishing attempts is the foundation of most cybersecurity awareness training programs. It's also what organizations use to build a strong cybersecurity culture.
While there's debate about the effectiveness of awareness training, it's impossible to overstate the importance of an individual employee's vigilance. That in-the-moment decision to click or not matters. According to the "Microsoft Digital Defense Report 2025," 28% of breaches can be traced back to phishing and social engineering campaigns.
Email trickery remains an inviting entry point for attackers, even though the threat is well-understood and organizations strive to guard against it. And the threat is only growing stronger. Experts warn that deepfake phishing tactics and other sophisticated techniques are exacerbating the problem.
This week's featured headlines provide fresh evidence that every inbox should be considered an attack vector.
Filters don't catch legit-looking relay spam emails
Users have reported a surge in spam emails originating from Zendesk domains, exploiting legitimate company instances from Live Nation, Capcom, Tinder and more. The content of these emails, which often bypass spam filters, varies. Common themes include bogus lawsuits from major companies or legal notifications from government agencies intended to steal credentials or gain access.
Zendesk characterized the problem as relay spam, where attackers exploit misconfigured email servers to send scam messages. While Zendesk denied a breach, it has implemented enhanced safety measures and increased monitoring.
Holiday phishing emails target password manager
LastPass warned this week of a phishing campaign falsely claiming that the company is conducting maintenance and urging customers to back up their vaults within 24 hours. The campaign, which began on the Martin Luther King Jr. holiday in the U.S., exploited urgency to deceive users. Targeting users during holidays, when security staffing is often scaled back, is a common tactic for attackers.
LastPass emphasized it would never ask users for master passwords or impose tight deadlines. The alert included details of fake emails, malicious URLs and IP addresses. The company said it is working with partners to shut down the malicious domain.
Gemini AI flaw invites calendar attacks
Researchers have identified a prompt injection vulnerability in Google's Gemini AI that enables attackers to exploit Google Calendar to access sensitive data. By embedding malicious prompts in calendar event descriptions, attackers can manipulate Gemini to exfiltrate private meeting details or create deceptive events without user interaction.
This flaw highlights a structural limitation in AI systems, where vulnerabilities arise from language and context rather than code. The attack bypasses traditional security measures, demonstrating the need for advanced defenses that analyze semantics and intent.
Experts emphasized the need for interdisciplinary efforts, including runtime policy enforcement and continuous monitoring, to secure AI-powered applications against such threats.
Read the full story by Elizabeth Montalbano on Dark Reading.
Editor's note: An editor used AI tools to aid in the generation of this news brief. Our expert editors always review and edit content before publishing.
Phil Sweeney is an industry editor and writer focused on cybersecurity topics.
