phishing
LogoKit update: The phishing kit leveraging open redirect vulnerabilities
Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content. Using …
Phishing campaign targets Coinbase wallet holders to steal cryptocurrency in real-time
In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a multilayered phishing campaign targeting cryptocurrency exchange Coinbase. Attackers …
Phishers use custom phishing kit to hijack MFA-protected enterprise Microsoft accounts
An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in …
The most impersonated brand in phishing attacks? Microsoft
Vade announced its H1 2022 Phishers’ Favorites report, a ranking of the top 25 most impersonated brands in phishing attacks. Microsoft came in at #1 on the list, followed by …
Targeted campaign uses infostealer to hijack Facebook Business accounts
WithSecure researchers have discovered an ongoing operation, dubbed “DUCKTAIL”, that targets individuals and organizations operating on Facebook’s Ads and …
The rise and continuing popularity of LinkedIn-themed phishing
Phishing emails impersonating LinkedIn continue to make the bulk of all brand phishing attempts; according to Check Point, 45% of all email phishing attempts in Q2 2022 …
PayPal-themed phishing kit allows complete identity theft
Sometimes phishers are just after your username and password, but other times they are after every scrap of sensitive information they can extract from you. To do that, they …
Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor …
How phishing attacks are becoming more sophisticated
The latest APWG’s Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks—the worst quarter for phishing observed …
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in …
How to keep your NFTs safe from scammers
According to Wikipedia, the first known non fungible token (NFT) was created in 2014 and the first NFT project was launched in late 2015. It took a few more years and more …
Fake voicemail notifications are after Office365, Outlook credentials
A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees’ Office365 and …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users