Internet and Phishing - Cyber Security Informer

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Krebs on Security

JANUARY 16, 2025

Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. Reports of similar SMS phishing attacks against customers of other U.S. This is by no means a comprehensive list.

Phishing

Phishing Scams Mobile Passwords

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. An image from one Chinese phishing group’s Telegram channel shows various toll road phish kits available.

Phishing

Phishing Mobile Scams Retail

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

Department of Justice refers to the cybercrime group as Saim Raza , after a pseudonym The Manipulaters communally used to promote their spam, malware and phishing services on social media. ” Manipulaters advertisement for Office 365 Private Page with Antibot phishing kit sold via Heartsender. Image: DomainTools. ” U.S.

Phishing

Phishing Cybercrime Advertising Malware

Why Phishers Love New TLDs Like.shop,top and.xyz

Krebs on Security

DECEMBER 3, 2024

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as.shop ,top ,xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds.

Cybercrime

Cybercrime Phishing Accountability Internet

5 Key Findings From the 2023 FBI Internet Crime Report

The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI).

Identity Theft

AI-Powered Phishing: Defending Against New Browser-Based Attacks

SecureWorld News

JANUARY 22, 2025

The cybersecurity landscape has witnessed a dramatic shift with the rise of AI-powered phishing attacks. The evolution of AI-enhanced phishing Today's phishing attempts are far more sophisticated than ever before. AI-powered phishing campaigns can now adapt in real-time, learning from user interactions to refine their approach.

Phishing

Phishing Threat Detection Social Engineering DNS

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. According to the market share website statista.com , booking.com is by far the Internet’s busiest travel service, with nearly 550 million visits in September. million phishing attempts in 2023.”

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Phish-Friendly Domain Registry “.top” Put on Notice

Krebs on Security

JULY 23, 2024

The Chinese company in charge of handing out domain names ending in “ top ” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. ” Image: Shutterstock. Interisle said.top has roughly 2.76

Phishing

Phishing DNS Scams Technology

Crooks bank on Microsoft’s search engine to phish customers

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. One particularly interesting detail is how a phishing website created barely two weeks ago is already indexed and displayed before the official one. We have reported the fraudulent sites to Microsoft already.

Engineering

Engineering Phishing Banking Authentication

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. One of dozens of FedEx-themed phishing sites currently being advertised via SMS spam. ” Attempting to visit the domain in the phishing link — o001cfedeex[.]com

Phishing

Phishing Scams Mobile DNS

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software, botnet controllers, and a torrent of phishing websites. And BEARHOST has been cultivating its reputation since at least 2019. Image: cidr-report.org.

Malware

Malware Antivirus Software DDOS

LLMs and Phishing

Schneier on Security

APRIL 10, 2023

Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. The impersonations in such scams are no longer just princes offering their country’s riches.

Phishing

Phishing Scams Internet Internet

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus. Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. com and ouryahoo-okta[.]com.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Krebs on Security

AUGUST 18, 2022

” A copy of the phishing message included in the PayPal.com invoice. While the phishing message attached to the invoice is somewhat awkwardly worded, there are many convincing aspects of this hybrid scam. Details of this scam were shared Wednesday with PayPal’s anti-abuse (phish@paypal.com) and media relations teams.

Scams

Scams Phishing Accountability Software

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. Image: fr3d.hk/blog. ” U-Admin, a.k.a.

Phishing

Phishing Scams Banking Mobile

Half of all Phishing Sites Now Have the Padlock

Krebs on Security

NOVEMBER 26, 2018

Maybe you were once advised to “look for the padlock” as a means of telling legitimate e-commerce sites from phishing or malware traps. New research indicates that half of all phishing scams are now hosted on Web sites whose Internet address includes the padlock and begins with “[link].

Phishing

Phishing Scams Cryptocurrency Internet

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned. 49 (that domain is hobbled here because it is currently flagged as hosting a phishing site). It was starting to look like someone had gotten phished.

Phishing

Phishing DNS Social Engineering Accountability

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Krebs on Security

APRIL 4, 2024

The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses will be automatically altered to include a different payment address controlled by the scammers. A screenshot of the phishing domain privatemessage dot net.

Phishing

Phishing Cryptocurrency DDOS Internet

Black Hat Fireside Chat: User feedback, AI-infused email security are both required to deter phishing

The Last Watchdog

AUGUST 21, 2024

I recently learned all about the state-of-the art of phishing attacks – the hard way. We discussed just how targeted and contextualized advanced phishing attacks, like the one I experienced, can be. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. (LW

Phishing

Phishing Internet Internet

Padlocks, Phishing and Privacy; The Value Proposition of a VPN

Troy Hunt

SEPTEMBER 17, 2020

I want a "secure by default" internet with all the things encrypted all the time such that people can move freely between networks without ever needing to care about who manages them or what they're doing with them. In the end I broke it down into 3 Ps: padlocks, phishing and privacy.

VPN

VPN Phishing DNS Encryption

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

APRIL 3, 2024

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. Manipulaters advertisement for “Office 365 Private Page with Antibot” phishing kit sold on the domain heartsender,com.

Phishing

Phishing Cybercrime Malware Advertising

Should Failing Phish Tests Be a Fireable Offense?

Krebs on Security

MAY 29, 2019

Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? based firm that helps companies educate and test employees on how not to fall for phishing scams. ” Rohyt Belani , CEO of Leesburg, Va.-based

Phishing

Phishing Scams Education Internet

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service.

Phishing

Phishing Passwords Accountability Authentication

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

The Last Watchdog

JULY 14, 2022

Phishing itself is not a new or a particularly complicated threat. But the emergence of advanced phishing techniques – “DeepSea Phishing” – poses an entirely new challenge for enterprises. The financial impact of phishing attacks quadrupled over the past six years, with the average cost for U.S. companies rising to $14.8

Phishing

Phishing Education Cybersecurity Threat Detection

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing

Phishing Passwords Internet Internet

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

Krebs on Security

JUNE 13, 2020

Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered to include a different bitcoin address, as long as the Internet addresses of the sender and receiver of the message are not the same. The altered message.

Phishing

Phishing Encryption Internet Internet

FIRESIDE CHAT: Timely employee training, targeted testing needed to quell non-stop phishing

The Last Watchdog

OCTOBER 25, 2022

And this is the fundamental reason phishing persists as a predominant cybercriminal activity. The poll found that security teams are spending one-third of their time handling phishing threats every week. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. (LW

Phishing

Phishing Cloud Migration Small Business Marketing

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse has forced a shift toward more proactive, AI-enhanced defenses. Legacy IAM systems cant keep up as AI-powered phishing and deepfakes grow more sophisticated. The drivers are intensifying.

Cyber threats

Cyber threats CISO IoT Phishing

Report: Recent 10x Increase in Cyberattacks on Ukraine

Krebs on Security

MARCH 11, 2022

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

DNS

DNS Internet Internet Phishing

Phishing from threat actor TA473 targets US and NATO officials

Tech Republic Security

APRIL 7, 2023

These phishing campaigns are exploiting a Zimbra vulnerability and affecting internet-facing webmail services. The post Phishing from threat actor TA473 targets US and NATO officials appeared first on TechRepublic. Learn how to protect your organization from this security threat.

Phishing

Phishing Internet Internet Government

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

In the United States, when federal, state or local law enforcement agencies wish to obtain information about an account at a technology provider — such as the account’s email address, or what Internet addresses a specific cell phone account has used in the past — they must submit an official court-ordered warrant or subpoena.

Hacking

Hacking Accountability Government Social Engineering

How Phishers Are Slinking Their Links Into LinkedIn

Krebs on Security

FEBRUARY 3, 2022

This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. A recent phishing site that abused LinkedIn’s marketing redirect. A recent phishing site that abused LinkedIn’s marketing redirect. Urlscan also found this phishing scam from Jan. Image: Urlscan.io.

Phishing

Phishing Marketing Scams Accountability

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Malwarebytes

JANUARY 15, 2025

Table of contents Overview Criminals impersonate Google Ads Lures hosted on Google Sites Phishing for Google account credentials Victimology Who is behind these campaigns? Figure 12: The actual phishing page that follows Finally, all the data is combined with the username and password and sent to the remote server via a POST request.

Advertising

Advertising Accountability Phishing Scams

Black Hat insights: Deploying ‘human sensors’ to reinforce phishing email detection and response

The Last Watchdog

AUGUST 4, 2021

Yet as Black Hat USA 2021 returns today as a live event in Las Vegas, it remains so true that we can always be fooled — and that the prime vehicle for hornswoggling us remains phishing messages sent via business email. For a full drill down on how they’re doing this, please give the accompanying podcast a listen.

Phishing

Phishing Technology Passwords Mobile

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

The Last Watchdog

MAY 21, 2024

I had the chance to sit down with Eyal Benishti , IRONSCALES founder and CEO, to get a breakdown of how their new Generative Adversarial Network (GAN) technology utilizes a specialized LLM to reinforce anti-phishing mitigation services. For a full drill down, please give the accompanying podcast a listen.

Phishing

Phishing Banking Technology Internet

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Krebs on Security

SEPTEMBER 27, 2023

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. Probably the most active Internet address accessing Snatch’s darknet site is 193.108.114[.]41 top , sntech2ch[.]top

Ransomware

Ransomware Internet Internet Phishing

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers’ networks. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing

Phishing VPN Social Engineering Media

Internet Safety Month: Keep Your Online Experience Safe and Secure

Webroot

MAY 31, 2024

What is Internet Safety Month? Each June, the online safety community observes Internet Safety Month as a time to reflect on our digital habits and ensure we’re taking the best precautions to stay safe online. 4 30% of phishing emails are opened by targeted users. 4 30% of phishing emails are opened by targeted users.

Internet

Internet Internet Identity Theft Passwords

Void Banshee Group Used ‘Windows Relic’ IE in Phishing Campaign

Security Boulevard

JULY 17, 2024

The APT group Void Banshee exploited a now-patched Windows security flaw and the retired Internet Explorer browser to distributed the Atlantida malware to steal system information and sensitive data from victims. The post Void Banshee Group Used ‘Windows Relic’ IE in Phishing Campaign appeared first on Security Boulevard.

Phishing

Phishing Internet Internet Malware

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

One might even say passwords are the fossil fuels powering most IT modernization: They’re ubiquitous because they are cheap and easy to use, but that means they also come with significant trade-offs — such as polluting the Internet with weaponized data when they’re leaked or stolen en masse. TARGETED PHISHING.

Passwords

Passwords Password Management Phishing Scams

Protect Your Home Office and Network With These 5 Tips

Adam Levin

MARCH 23, 2020

You can also create an extra firewall by configuring your router to block unwanted incoming internet traffic. Beware of Phishing Links: Phishing scams are on the rise. Confirm requests for data or personal information with a quick phone call to protect against spear phishing.

Manufacturing

Manufacturing Passwords Phishing Accountability

Microsoft Patch Tuesday, November 2023 Edition

Krebs on Security

NOVEMBER 14, 2023

. “Attackers exploiting this flaw could gain SYSTEM privileges, making it an efficient method for escalating privileges, especially after initial access through methods like phishing.”

Social Engineering

Social Engineering Internet Internet Phishing

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

AI-powered cryptocurrency attacks will automate phishing and exploit vulnerabilities. Dulce Sagie Dulce , VP Research, Zero Networks In 2025, AI will empower both defenders and attackersimproving incident response for the former while accelerating exploits and phishing for the latter.

Risk

Risk Threat Detection Technology Phishing

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

But it’s worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. In a filing with the U.S.

Hacking

Hacking Social Engineering Phishing Scams

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

How Phished Data Turns into Apple & Google Wallets

Trending Sources

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Why Phishers Love New TLDs Like.shop,top and.xyz

5 Key Findings From the 2023 FBI Internet Crime Report

AI-Powered Phishing: Defending Against New Browser-Based Attacks

Booking.com Phishers May Leave You With Reservations

Phish-Friendly Domain Registry “.top” Put on Notice

Crooks bank on Microsoft’s search engine to phish customers

‘Tis the Season for the Wayward Package Phish

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

LLMs and Phishing

Feds Charge Five Men in ‘Scattered Spider’ Roundup

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Half of all Phishing Sites Now Have the Padlock

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Fake Lawsuit Threat Exposes Privnote Phishing Sites

Black Hat Fireside Chat: User feedback, AI-infused email security are both required to deter phishing

Padlocks, Phishing and Privacy; The Value Proposition of a VPN

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Should Failing Phish Tests Be a Fireable Offense?

Tricky Phish Angles for Persistence, Not Passwords

GUEST ESSAY: Advanced tools, tactics required to defend latest attack variant — ‘DeepSea phishing’

Karma Catches Up to Global Phishing Service 16Shop

Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

FIRESIDE CHAT: Timely employee training, targeted testing needed to quell non-stop phishing

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Report: Recent 10x Increase in Cyberattacks on Ukraine

Phishing from threat actor TA473 targets US and NATO officials

FBI: Spike in Hacked Police Emails, Fake Subpoenas

How Phishers Are Slinking Their Links Into LinkedIn

The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads

Black Hat insights: Deploying ‘human sensors’ to reinforce phishing email detection and response

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Voice Phishers Targeting Corporate VPNs

Internet Safety Month: Keep Your Online Experience Safe and Secure

Void Banshee Group Used ‘Windows Relic’ IE in Phishing Campaign

The Life Cycle of a Breached Database

Protect Your Home Office and Network With These 5 Tips

Microsoft Patch Tuesday, November 2023 Edition

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

When Low-Tech Hacks Cause High-Impact Breaches

Stay Connected