Digital Shadows

JANUARY 22, 2025

Phishing Remains Top Tactic, Fueled by Teams Abuse Figure 1: Top attack techniques in true-positive customer incidents for finance & insurance sector, H2 2024 vs H2 2023 Phishing dominated cyber attacks in H2 2024, accounting for over 90% of incidents across industries due to its simplicity and effectiveness.

Insurance 64

Insurance Phishing Social Engineering Engineering 64

Krebs on Security

AUGUST 9, 2019

A ransomware outbreak that hit QuickBooks cloud hosting firm iNSYNQ in mid-July appears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. And that posed risks based on what we did say publicly while the ransom negotiations were going on.

Phishing 231

Phishing Backups Ransomware Encryption 231

Malwarebytes

SEPTEMBER 20, 2023

The dangers of cryptocurrency phishing are back in the news, after tech investor Mark Cuban was reported to have lost around $870k via a phishing link. As for the specifics of the phishing tactic deployed, Cuban is reported as saying he may have downloaded a bogus wallet tool via a search engine query.

Cryptocurrency 127

Cryptocurrency Scams Phishing Engineering 127

Security Affairs

FEBRUARY 3, 2025

Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. “Targeting of Cryptocurrency Users and Influencers: Crazy Evil explicitly victimizes the cryptocurrency space with bespoke spearphishing lures.”

Scams 83

Scams Media Cryptocurrency Cybercrime 83

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. 2, and Aug.

Mobile 341

Mobile Phishing Authentication Accountability 341

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing 363

Phishing VPN Social Engineering Media 363

Heimadal Security

JANUARY 4, 2023

Members of the security community are at risk. A new phishing campaign is taking advantage of the community’s growing interest in Flipper Zero to steal both their personal data and cryptocurrencies. The tool gives pen-testers and hacking enthusiasts, and researchers the ability to tinker with a wide range of hardware.

Phishing 125

Phishing Cryptocurrency Hacking Risk 125

SecureList

JULY 5, 2023

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. This story covers two fundamentally different methods of email attacks on the two most popular ways of storing cryptocurrency: hot and cold wallets.

Scams 131

Scams Phishing Cryptocurrency Social Engineering 131

Krebs on Security

AUGUST 25, 2023

Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. ” A phishing message targeting FTX users that went out en masse today.

Mobile 235

Mobile Cyber Risk Data breaches Cryptocurrency 235

SecureWorld News

FEBRUARY 26, 2025

On February 21, 2025, the cryptocurrency world was rocked by the largest crypto heist in history. billion theft from Bybit is set to drastically reshape the cryptocurrency sector, most likely leading to a new era of regulatory scrutiny and security practices. billion in crypto assets.

Hacking 82

Hacking Cryptocurrency Cyber threats Malware 82

SecureList

JANUARY 13, 2022

Also, we have previously reported on cryptocurrency-focused BlueNoroff attacks. It appears that BlueNoroff shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency businesses as the main source of the group’s illegal income. Malware infection. cmd.exe /c “mkdir %public%MM >%temp%TMPF522.tmp

Cryptocurrency 145

Cryptocurrency Malware Accountability Banking 145

Digital Shadows

MARCH 12, 2025

Figure 1: Top attack techniques in true-positive customer incidents for the hospitality and recreation sector compared to all sectors, September 1, 2024February 28, 2025 Threat actors exploited stolen or brute-forced credentials, often obtained through phishing, data leaks, or purchased from Initial Access Brokers (IABs).

Cyber threats 64

Cyber threats Cryptocurrency IoT Ransomware 64

Malwarebytes

AUGUST 26, 2021

In August of 2021, a thief stole about $600 million in cryptocurrencies from The Poly Network. Slightly more than one week later, Japanese cryptocurrency exchange Liquid was hacked and lost $97 million worth of digital coins. But we can explain the terminology, the methods, and the risks. I wish I knew.

Cryptocurrency 120

Cryptocurrency Banking Hacking Engineering 120

Krebs on Security

JANUARY 30, 2024

authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. ” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials.

Social Engineering 357

Social Engineering Mobile Passwords Cybercrime 357

eSecurity Planet

NOVEMBER 18, 2022

This involved using an “unsecured group email account as the root user to access confidential private keys and critically sensitive data for the FTX Group companies around the world…” About $740 million in cryptocurrency has been placed into new cold wallets. One way is through hijacking computer resources to mine cryptocurrencies.

Risk 143

Risk Cybersecurity Cryptocurrency Social Engineering 143

SecureList

DECEMBER 6, 2022

There are two main types of online fraud aimed at stealing user data and money: phishing and scams. The history of scams and phishing. The term “phishing” was coined back in 1996, when cybercriminals attacked users of America Online (AOL), the largest internet provider at that time. Phishing site with chat support.

Scams 134

Scams Phishing Social Engineering Banking 134

Malwarebytes

DECEMBER 20, 2022

If you’re a user of the Gemini cryptocurrency exchange, it’s time to be on your guard against phishing attacks. Gemini is now offering security advice and tips to guard against phishing attacks for anyone contained in the data. Breaches in cryptocurrency land are always a major issue.

Cryptocurrency 88

Cryptocurrency Phishing Scams Accountability 88

Anton on Security

JULY 7, 2022

In many instances, these were targeted due to fewer security controls being placed in non-production environments due to their perceived lower risk.” [A.C.?—?this Now, go and read the report!

Cybersecurity 246

Cybersecurity Cryptocurrency Ransomware Education 246

SecureList

FEBRUARY 16, 2023

Short-lived phishing sites often offered to see the premieres before the eagerly awaited movie or television show was scheduled to hit the screen. Soccer fans chasing merchandise risked compromising their bank cards or just losing some money. Those who just could not wait were in for a disappointment and a waste of cash.

Phishing 118

Phishing Scams Accountability Energy and Utilities 118

SecureList

AUGUST 5, 2021

A fake notification about a Microsoft Teams meeting or a request to view an important document traditionally takes the victim to a phishing login page asking for corporate account credentials. or cryptocurrency secured by these resources. Statistics: phishing. In phishing terms, Q2 2021 was fairly uneventful.

Phishing 135

Phishing Banking Scams Computers and Electronics 135

Centraleyes

DECEMBER 16, 2024

Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. In a recent survey, 93% of respondents admitted to knowingly increasing their companys cybersecurity risks. The challenge? Securing these AI models and the data they generate.

Cybersecurity 98

Cybersecurity Insurance Cyber Insurance Risk 98

Krebs on Security

SEPTEMBER 30, 2024

Also known as “ Assad Faiq” and “ The Godfather ,” Iza is the 30-something founder of a cryptocurrency investment platform called Zort that advertised the ability to make smart trades based on artificial intelligence technology. cryptocurrency holdings online. I pay him 280k a month for complete resources.

Cryptocurrency 313

Cryptocurrency Government Internet Internet 313

SecureList

MAY 1, 2023

Can ChatGPT detect phishing links? We work on applying machine learning technologies to cybersecurity tasks, specifically models that analyze websites to detect threats such as phishing. live/login.php Yes, it is likely a phishing attempt. Is it phishing? Please explain why.

Phishing 134

Phishing DNS Cybersecurity Internet 134

Security Boulevard

JULY 16, 2024

DeFAIL: Cryptocurrency fans lose their worthless tokens via phishing attacks on decen­tral­ized finance sites. The post Squarespace Hacked — DeFi Wallets Drained (Imaginary Money Stolen) appeared first on Security Boulevard.

Hacking 131

Hacking Cryptocurrency Phishing Social Engineering 131

The Last Watchdog

SEPTEMBER 28, 2022

Phishing attacks are nothing new, but scammers are getting savvier with their tactics. Other Iranian-based cyberattacks have included hackers targeting Albanian government systems and spear phishing scams. Here are four new phishing trends keeping businesses on their toes. Spear phishing. Phishing via texting.

Phishing 124

Phishing Scams Cybercrime Passwords 124

The Last Watchdog

APRIL 14, 2022

This type of targeted phishing or whaling (executive-level) attack tricks email recipients into believing someone they know and trust is asking them to carry out a specific financial task. Today’s BEC attempts aren’t the easy-to-spot, typo-laden phishing campaigns of the past. The short answer: Not always. Scenario 3.

Phishing 247

Phishing Accountability Scams Social Engineering 247

IT Security Guru

MARCH 13, 2025

Cryptocurrency isnt just a buzzword anymore. By December 2024, the number of global cryptocurrency owners reached approximately 659 million, marking a 13% increase from January 2024. Phishing attacks are a known threat, where someone might trick you into giving away personal details or private keys.

Cryptocurrency 62

Cryptocurrency Internet Internet Risk 62

SecureList

MAY 6, 2024

A significant share of scam, phishing and malware attacks is about money. Amid the current threat landscape, Kaspersky has conducted a comprehensive analysis of the financial risks, pinpointing key trends and providing recommendations to effectively mitigate risks and enhance security posture. million detections compared to 5.04

Phishing 134

Phishing Banking Mobile Scams 134

Security Boulevard

AUGUST 2, 2022

Current threat actor activity is incentivized by a broad attack surface represented through high volumes of users and systems, and high potential profits represented through the variety of cryptocurrency offerings. It is easy to detect and block things like malicious cryptocurrency apps or crypto-phishing websites.

Cryptocurrency 98

Cryptocurrency Ransomware Government Risk 98

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data.

Phishing 101

Phishing Banking Retail Financial Services 101

Malwarebytes

DECEMBER 5, 2022

In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. One of the group's preferred tactics is to use trojanized cryptocurrency related apps, like AppleJeus. The new campaign. Be careful.

Cryptocurrency 90

Cryptocurrency Malware Scams Cybercrime 90

SecureList

FEBRUARY 23, 2022

We look at phishing threats commonly encountered by users and companies as well as the prevalence of various Windows and Android-based financial malware. Phishing: In 2021, 8.2% of users were hit by phishing. E-commerce-related phishing continued to exceed banking-related phishing, as it did in 2020, making up 17.6%

Banking 140

Banking Phishing Cryptocurrency Malware 140

eSecurity Planet

JULY 27, 2021

The LemonDuck malware that for the past couple of years has been known for its cryptocurrency mining and botnet capabilities is evolving into a much broader threat, moving into new areas of cyber attacks, targeting both Linux and Microsoft systems and expanding its geographical reach, according to security researchers with Microsoft.

Malware 144

Malware Risk Cryptocurrency Ransomware 144

SecureWorld News

FEBRUARY 14, 2025

Avoid phishing emails and messages You may receive emails or texts with fake Valentine's Day deals, electronic greeting cards (e-cards), or delivery notifications. Use secure payment methods Avoid wire transfers, prepaid gift cards, or cryptocurrency for online purchases for Valentine's Day.

Scams 73

Scams Cybercrime Social Engineering Phishing 73

Malwarebytes

JULY 4, 2024

Nexo is a crypto platform where users can buy, exchange, and store Bitcoin and other cryptocurrencies. Gemini is another cryptocurrency exchange which has suffered several breaches in the past years. If you are an Authy user we advise you to update at your earliest convenience and keep an eye out for any potential phishing messages.

Cryptocurrency 125

Cryptocurrency Phishing Authentication Data breaches 125

Krebs on Security

SEPTEMBER 17, 2020

The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. Image: DOJ.

Antivirus 363

Antivirus Hacking Software Government 363