Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 200

Phishing Passwords Internet Internet 200

Troy Hunt

NOVEMBER 18, 2019

You know how banks really, really want to avoid their customers falling victim to phishing scams? And how they put a heap of effort into education to warn folks about the hallmarks of phishing scams? banks will never do things that look like a phish? Isn't this what NAB was warning us about - "download of data"?

Banking 236

Banking Phishing Scams Accountability 236

The Hacker News

APRIL 8, 2024

A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice," Trustwave SpiderLabs researcher Karla Agregado said.

Phishing 144

Phishing 144

SecureList

APRIL 5, 2023

They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting up custom phishing campaigns — to all willing to pay. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 143

Phishing Marketing Scams Accountability 143

Security Affairs

JULY 30, 2024

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users. exe”), and executes script.a3x using AutoIt3.exe.

Phishing 144

Phishing DNS Social Engineering Engineering 144

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 142

Government Phishing Malware Banking 142

SecureList

JULY 11, 2024

Introduction Bulk phishing email campaigns tend to target large audiences. Yet, certain elements of spear phishing recently started to be used in regular mass phishing campaigns. Spear phishing vs. mass phishing Spear phishing is a type of attack that targets a specific individual or small group.

Phishing 121

Phishing Technology DNS Education 121

SecureList

MARCH 27, 2023

technologies — the distributed file system IPFS — for email phishing attacks. The file itself resides on the computer of the user who had “uploaded” it to IPFS, and is downloaded directly from that computer. By default, uploading a file to IPFS or downloading it requires special software (IPFS client). What is IPFS?

Phishing 140

Phishing Technology Internet Internet 140

The Hacker News

OCTOBER 22, 2024

Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Tracked under the names BlackWidow, IceNova, Lotus,

Phishing 140

Phishing Malware 140

The Hacker News

MARCH 11, 2024

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said.

Banking 141

Banking Phishing Malware 141

Malwarebytes

DECEMBER 26, 2023

Phishing is the art of sending an email with the aim of getting users to open a malicious file or click on a link to then steal credentials. But most phishers aren’t very good, and the success rate is relatively low: In 2021, the average click rate for a phishing campaign was 17.8%. So how do you recognize AI phishing emails?

Phishing 139

Phishing Software Risk Cybersecurity 139

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 135

Phishing Software Scams Banking 135

SecureList

JUNE 10, 2024

This article examines methods that rely on social engineering, where attackers manipulate the victim into giving away the OTP, and tools that they use to automate the manipulations: so-called OTP bots and administration panels to control phishing kits. Phishing is typically how they get the most up-to-date credentials.

Phishing 141

Phishing Banking Social Engineering Accountability 141

SecureList

SEPTEMBER 27, 2023

Unlike phishing links that are easy to check and block, QR code is a headache for security solutions. Malevolent uses of QR codes in email Fraudsters use QR codes to encode links to phishing and scam pages. Use of IPFS in QR phishing Statistics From June through August 2023, we detected 8,878 phishing emails containing QR codes.

Phishing 142

Phishing Passwords Accountability Scams 142

The Last Watchdog

NOVEMBER 6, 2023

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information.

Phishing 202

Phishing Scams Education Malware 202

Krebs on Security

DECEMBER 1, 2022

ConnectWise , which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link.

Phishing 284

Phishing Architecture Passwords Accountability 284

Security Affairs

DECEMBER 29, 2023

Ukraine’s CERT (CERT-UA) warned of a new phishing campaign by the APT28 group to deploy previously undocumented malware strains. CERT-UA discovered multiple phishing attacks aimed at government organizations between December 15 and December 25. file classified as MASEPIE.

Phishing 144

Phishing Malware Computers and Electronics Internet 144

Krebs on Security

FEBRUARY 28, 2024

The file that Doug ran is a simple Apple Script (file extension “ scpt”) that downloads and executes a malicious trojan made to run on macOS systems. But Doug does still have a copy of the malicious script that was downloaded from clicking the meeting link (the online host serving that link is now offline).

Malware 309

Malware Cryptocurrency Software Phishing 309

Malwarebytes

FEBRUARY 13, 2024

By convincing employees to download and run these seemingly benign RMM applications under the guise of fixing non-existent issues, these fraudsters gain unfettered access to the company’s network. Attackers could trick them by sending them to a typical phishing page or making them download malware, all of which are good options.

Phishing 125

Phishing Software Scams Banking 125

Malwarebytes

MAY 16, 2024

A type of phishing we’re calling authentication-in-the-middle is showing up in online media. It works like this: A user gets lured to a phishing site masquerading as a site they normally use, such as a bank, email or social media account. Keep threats off your devices by downloading Malwarebytes today.

Authentication 145

Authentication Phishing Password Management Scams 145

SecureList

JUNE 22, 2023

For this post, we selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. Phishing and a kit Recently we stumbled upon a Business Email Compromise (BEC) case, active since at least Q3 2022.

Phishing 140

Phishing Encryption Cybercrime Ransomware 140

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. com”, which in turn redirected them to an attacker-owned Dropbox that downloaded the malicious executable WsTaskLoad.exe onto their systems.

Phishing 138

Phishing Cybercrime Manufacturing Hacking 138

Krebs on Security

SEPTEMBER 27, 2023

According to DomainTools.com , this address also hosts or else recently hosted the usual coterie of Snatch domains, as well as quite a few domains phishing known brands such as Amazon and Cashapp. But it appears multiple crime groups may be using these domains to phish people and disseminate all kinds of information-stealing malware.

Ransomware 293

Ransomware Internet Internet Phishing 293

SecureList

DECEMBER 17, 2024

The link directed users to a phishing site offering to download Mamont for Android ( 12936056e8895e6a662731c798b27333 ). The phishing link sent by the manager We have to give it to the operators: the scam was quite convincing. Avoid downloading apps from anywhere but official sources.

Scams 72

Scams Malware Social Engineering Banking 72

SecureList

MAY 1, 2023

Can ChatGPT detect phishing links? We work on applying machine learning technologies to cybersecurity tasks, specifically models that analyze websites to detect threats such as phishing. live/login.php Yes, it is likely a phishing attempt. Is it phishing? Please explain why.

Phishing 141

Phishing DNS Cybersecurity Internet 141

Schneier on Security

APRIL 6, 2020

Before this, the threat actors used the stolen credentials to deliver phishing emails to other Fabrikam employees, as well as to their external contacts, with more and more systems getting infected and downloading additional malware payloads. The infection mechanism was one employee opening a malicious attachment to a phishing email.

Malware 229

Malware Phishing Authentication Internet 229

Security Affairs

AUGUST 3, 2024

A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. The campaign began around March 2024, the attackers leveraged phishing tactics that have been effective against diplomats for years, exploiting themes that prompt targets to engage with malicious content.

Phishing 140

Phishing Malware Advertising Authentication 140

Krebs on Security

AUGUST 30, 2022

A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their mobile devices. 2, and Aug.

Mobile 329

Mobile Phishing Authentication Accountability 329

Schneier on Security

FEBRUARY 7, 2023

In the past, these families typically relied on phishing and malicious spam that attached Microsoft Word documents with booby-trapped macros. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader.

Malware 262

Malware Phishing Cybercrime 262

Malwarebytes

SEPTEMBER 13, 2023

The consequences of last year's LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Armed with this data, attackers can send targeted phishing emails that attempt to steal the passwords needed to unlock the stolen password vaults. Use a password manager.

Phishing 145

Phishing Accountability Passwords Password Management 145

Security Affairs

SEPTEMBER 25, 2023

A phishing campaign targets Ukrainian military entities using drone manuals as lures to deliver the post-exploitation toolkit Merlin. Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin.

Phishing 139

Phishing Cyber Attacks Malware Internet 139

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware. “Figure 3, shown below, depicts how the first additional file downloaded is a heavily obfuscated VBS file.

Malware 139

Malware Phishing Spyware Cyber threats 139

SecureList

JULY 5, 2023

Hence, cybercriminals have little motivation to invest heavily into phishing campaigns, and so, techniques used in email attacks on hot wallets are hardly ever original or complex. Sample phishing email that targets Coinbase users After the user clicks the link, they are redirected to a page where they are asked to enter their seed phrase.

Scams 137

Scams Phishing Cryptocurrency Social Engineering 137

Schneier on Security

MAY 5, 2020

Unlike most of the shady apps found in Play Store malware, Kaspersky's researchers say, PhantomLance's hackers apparently smuggled in data-stealing apps with the aim of infecting only some hundreds of users; the spy campaign likely sent links to the malicious apps to those targets via phishing emails. "In

Malware 239

Malware Spyware Phishing Government 239

Security Affairs

JULY 30, 2024

The phishing emails include a malicious document which contains a plain text URL linking to a site controlled by the attacker. When the document is opened, it accesses this URL to download the next stage of the malware. They attempt to target endpoints within these organizations that remained unpatched, thus vulnerable to attack.

Phishing 130

Phishing Malware Hacking Information Security 130

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. Among the new Fin7 domains Silent Push found are several sites phishing people seeking tickets at the Louvre.

Phishing 294

Phishing Cybercrime Malware Software 294

Security Boulevard

SEPTEMBER 10, 2024

Introduction Following the 2024 ThreatLabz Phishing Report, Zscaler ThreatLabz has been closely tracking domains associated with typosquatting and brand impersonation - common techniques used by threat actors to proliferate phishing campaigns. Among the analyzed phishing domains, 48.4%

Phishing 111

Phishing Accountability Malware Encryption 111