Credential-Phishing on Daily DMARC Newshttps://news.excello.email/tags/credential-phishing/Recent content in Credential-Phishing on Daily DMARC NewsHugoen-USSat, 20 Jun 2026 08:00:00 +0000SVG Phishing Files Are Now the Third Most Common Malicious Email Attachment -- and DMARC Cannot Filter Themhttps://news.excello.email/posts/2026-06-20-svg-phishing-email-attachment-dmarc-authenticated-gateway-bypass/Sat, 20 Jun 2026 08:00:00 +0000https://news.excello.email/posts/2026-06-20-svg-phishing-email-attachment-dmarc-authenticated-gateway-bypass/<p>On June 2, 2026, SANS Internet Storm Center handler Xavier Mertens published an analysis of a phishing wave that had been landing in his inbox for several consecutive days. The attachment on each message was an SVG file &ndash; a Scalable Vector Graphics image. Each email passed SPF, DKIM, and DMARC checks cleanly. The attachment opened in a browser without any security warning. The malicious payload executed the moment it was clicked.</p>8.3 Billion Phishing Threats in Q1 2026: Why CAPTCHA-Gated Attacks and ClickFix Are Reshaping the Email Security Equationhttps://news.excello.email/posts/2026-05-29-captcha-clickfix-phishing-microsoft-q1-2026-dmarc/Fri, 29 May 2026 09:00:00 +0000https://news.excello.email/posts/2026-05-29-captcha-clickfix-phishing-microsoft-q1-2026-dmarc/<p>Microsoft Threat Intelligence published its Q1 2026 Email Threat Landscape Report in late April, and the headline figure is difficult to absorb: 8.3 billion email-based phishing threats detected in the first three months of 2026. That is roughly 92 million per day, every day of the quarter. The raw volume matters less than what the report reveals about how those threats are being delivered and why the delivery methods are changing so rapidly.</p>