Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. for phishing scams that resulted in the compromise of millions of email accounts. for phishing scams that resulted in the compromise of millions of email accounts. Nigerian Kolade Ojelade gets 26 years in U.S. million in restitution.

Scams 121

Scams Phishing Identity Theft Accountability 121

Krebs on Security

MARCH 27, 2025

Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. The text has been machine-translated from Russian.

Phishing 201

Phishing Government Engineering Internet 201

Security Boulevard

JANUARY 27, 2025

A large-scale phishing campaign is using PDF files and hidden malicious links, as well as posing at the U.S. Postal Service, in phishing campaign targeting mobile device users in hope that victims will divulge credentials and personal information, Zimperium researchers say.

Mobile 116

Mobile Scams Phishing Social Engineering 116

Security Boulevard

FEBRUARY 12, 2025

As Valentines Day approaches, cybercriminals are ramping up their efforts to exploit consumers through romance scams, phishing campaigns and fraudulent e-commerce offers. The post Cybercriminals Exploit Valentines Day with Romance Scams, Phishing Attacks appeared first on Security Boulevard.

Scams 114

Scams Phishing Security Awareness Cybercrime 114

Schneier on Security

JUNE 3, 2024

Recent research showed that 60% of participants fell victim to artificial intelligence (AI)-automated phishing, which is comparable to the success rates of non-AI-phishing messages created by human experts. Here’s the full text.

Phishing 339

Phishing Artificial Intelligence Scams 339

Schneier on Security

SEPTEMBER 1, 2022

Brian Krebs is reporting on a clever PayPal phishing scam that uses legitimate PayPal messaging. Basically, the scammers use the PayPal invoicing system to send the email. The email lists a phone number to dispute the charge, which is not PayPal and quickly turns into a request to download and install a remote-access tool.

Scams 284

Scams Phishing 284

Security Boulevard

JANUARY 17, 2025

The post California Wildfires Spark Phishing Scams Exploiting Chaos appeared first on Security Boulevard. As Southern California continues to battle devastating wildfires, cybercriminals have seized the opportunity to exploit the chaos, targeting vulnerable individuals and organizations.

Scams 108

Scams Phishing Security Awareness Cybersecurity 108

Malwarebytes

MARCH 26, 2025

Internet security expert and educator Troy Hunt disclosed this week that he had been hit by one of the oldestand most provenscams in the online world: A phishing attack. As such, readers should be the lookout for any scams or phishing attempts in the coming weeks. But Hunts immediate disclosure of the attack should be commended.

Phishing 122

Phishing Data breaches Password Management Scams 122

Malwarebytes

APRIL 7, 2025

Back in August 2024, we warned about a relatively new type of SMS phishing (or smishing ) scam that was doing the rounds. Now a new wave of toll fee scams are working their way round the US. The phishing sites are typically out to steal personal information and/or payment details. E.g. e-zpass.com- roadioe[.]cc.

Scams 110

Scams Phishing Mobile Internet 110

Schneier on Security

APRIL 10, 2023

Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. By using an obvious scam email, the scammer can focus on the most potentially profitable people.

Phishing 336

Phishing Scams Internet Internet 336

eSecurity Planet

OCTOBER 22, 2024

One of the most concerning tactics currently on the rise is the ClickFix campaign — a sophisticated phishing scheme targeting unsuspecting Google Meet users. These malware scams lure individuals with fake conference invitations designed to mimic legitimate meeting requests and exploit users’ trust. What Are ClickFix Campaigns?

Scams 123

Scams Malware Phishing Social Engineering 123

Penetration Testing

NOVEMBER 5, 2024

LastPass, a leading password management platform, has issued a critical warning to users about a social engineering campaign targeting its customer base through deceptive reviews on its Chrome Web Store... The post Warning: LastPass Alerts Users to Phishing Scam Using Fake Support Reviews on Chrome Web Store appeared first on Cybersecurity (..)

Scams 87

Scams Phishing Social Engineering Password Management 87

SecureWorld News

DECEMBER 4, 2024

The United States retail sector faced an especially aggressive wave of cyber threats, with phishing attacks mimicking major holiday brands [3] including Walmart, Target, and Best Buy increasing by more than 2,000% during peak shopping periods.

Retail 116

Retail Scams Phishing Cyber threats 116

Krebs on Security

NOVEMBER 10, 2021

Most of us have probably heard the term “smishing” — which is a portmanteau for traditional ph ishing scams sent through SMS text messages. ” The remarkable aspect of these phone-based phishing scams is typically the attackers never even try to log in to the victim’s bank account.

Banking 363

Banking Phishing Scams Accountability 363

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. One of dozens of FedEx-themed phishing sites currently being advertised via SMS spam. ” Attempting to visit the domain in the phishing link — o001cfedeex[.]com

Phishing 339

Phishing Scams Mobile DNS 339

SecureWorld News

FEBRUARY 3, 2025

and Dutch law enforcement agencies have dismantled 39 domains and their associated servers in an effort to disrupt a Pakistan-based network of online marketplaces selling phishing and fraud-enabling tools. In a significant victory against cybercrime, U.S. According to the U.S.

Phishing 112

Phishing Cybercrime Scams Authentication 112

Krebs on Security

NOVEMBER 1, 2024

This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. KrebsOnSecurity last week heard from a reader whose close friend received a targeted phishing message within the Booking mobile app just minutes after making a reservation at a California.

Phishing 264

Phishing Accountability Artificial Intelligence Cybercrime 264

Krebs on Security

MARCH 14, 2025

In this scam, dubbed “ ClickFix ,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. Some of those lures worked, and allowed thieves to gain control over booking.com accounts.

Phishing 272

Phishing Malware Scams Passwords 272

Malwarebytes

JANUARY 13, 2025

A smishing (SMS phishing) campaign is targeting iMessage users, attempting to socially engineer them into bypassing Apple’s built in phishing protection. How to avoid smishing scams Never reply to suspicious messages, even if its only a Y or 1.

Phishing 137

Phishing Social Engineering Scams Mobile 137

Malwarebytes

MARCH 4, 2025

PayPal scammers are using an old Docusign trick to enhance the trustworthiness of their phishing emails. We’ve received several reports of this recently, so we dug into how the scam works. If you know this is a scam, youll likely see some red flags. We appreciate your immediate attention to this alert.

Scams 139

Scams Accountability Phishing Banking 139

Security Boulevard

DECEMBER 10, 2024

SpartanWarrioz, whose prolific phishing kit business took a hit when the group's Telegram channel was shut down in November, is rebounding quickly, creating a new channel and courting former subscribers as it rebuilds its operations, Forta researchers say.

Scams 120

Scams Phishing Social Engineering Engineering 120

Krebs on Security

NOVEMBER 19, 2021

Naturally, a great deal of phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target’s bank warning about a suspicious Zelle transfer. What follows is a deep dive into how this increasingly clever Zelle fraud scam typically works, and what victims can do about it.

Scams 362

Scams Banking Passwords Authentication 362

Krebs on Security

JULY 23, 2024

The Chinese company in charge of handing out domain names ending in “ top ” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. ” Image: Shutterstock. Interisle said.top has roughly 2.76

Phishing 322

Phishing DNS Scams Technology 322

Malwarebytes

APRIL 8, 2025

Brand impersonation: from Google ad to phishing page Accounting and tax preparation software has traditionally been a common lure for scammers, particularly those related to online support operating out of large call centres in India and surrounding areas.

Phishing 85

Phishing Scams Accountability Passwords 85

Krebs on Security

FEBRUARY 8, 2021

Cyber cops in Ukraine carried out an arrest and several raids last week in connection with the author of a U-Admin , a software package used to administer what’s being called “one of the world’s largest phishing services.” The U-Admin phishing panel interface. Image: fr3d.hk/blog. ” U-Admin, a.k.a.

Phishing 332

Phishing Scams Banking Mobile 332

Krebs on Security

MARCH 28, 2024

Here’s the story of a recent thread hijacking attack in which a journalist was copied on a phishing email from the unwilling subject of a recent scoop. Instead, he forwarded the messages to LancasterOneline’s IT team, which quickly flagged them as phishing attempts. “We were just perplexed,” Murse said.

Phishing 312

Phishing Scams Accountability Passwords 312

Krebs on Security

NOVEMBER 21, 2024

A visual depiction of the attacks by the SMS phishing group known as Scattered Spider, and Oktapus. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. Image: Amitai Cohen twitter.com/amitaico. com and ouryahoo-okta[.]com. Click to enlarge.

Identity Theft 255

Identity Theft Phishing Cryptocurrency Accountability 255

Troy Hunt

FEBRUARY 23, 2024

I've been getting a lot of those "your parcel couldn't be delivered" phishing attacks lately and if you're a human with a phone, you probably have been too. And so, when I received the following SMS earlier this week I was expecting a parcel and I was expecting phishing attacks: So. Parcel or phish?

Phishing 363

Phishing Scams Banking Social Engineering 363

Krebs on Security

SEPTEMBER 19, 2024

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average Windows user.

Phishing 328

Phishing Scams Malware Passwords 328

eSecurity Planet

MARCH 11, 2025

cities are alerting residents to a widespread phishing scam involving fraudulent text messages about unpaid parking violations. Phishing scam details The scam involves text messages that appear to be official notices from city parking authorities. .” A growing number of U.S. Is your city affected?

Scams 70

Scams Phishing Consumer Protection Authentication 70

Security Boulevard

OCTOBER 29, 2024

Halloween-themed spam has risen sharply this season, with Bitdefender reporting that 40% of these emails contain malicious content designed to scam users or harvest personal data. The post Spooky Spam, Scary Scams: Halloween Threats Rise appeared first on Security Boulevard.

Scams 127

Scams Cybercrime Security Awareness Phishing 127

Schneier on Security

AUGUST 25, 2022

Here’s a phishing campaign that uses a man-in-the-middle attack to defeat multi-factor authentication: Microsoft observed a campaign that inserted an attacker-controlled proxy site between the account users and the work server they attempted to log into.

Phishing 353

Phishing Authentication Passwords Accountability 353

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. One particularly interesting detail is how a phishing website created barely two weeks ago is already indexed and displayed before the official one. We have reported the fraudulent sites to Microsoft already.

Engineering 129

Engineering Phishing Banking Authentication 129

Krebs on Security

AUGUST 9, 2021

The payment message displayed by the carding site phishing domain BriansClub[.]com. However, upon registering at the phishing site and clicking to fund my account, I was presented with the exact same Bitcoin address that Mitch said he paid. Shortly after it came online as a phishing site last year, BriansClub[.]com com, vclub[.]cards,

Phishing 362

Phishing Cybercrime Accountability Advertising 362

Security Boulevard

MARCH 31, 2025

The question is no longer whether AI-driven scams will target your business, but how prepared you are to counter them. The post Online Scams in the Age of AI appeared first on Security Boulevard.

Scams 90

Scams Media Security Awareness Phishing 90

eSecurity Planet

MARCH 31, 2025

Streaming giant Netflix is at the center of a rising wave of online scams, cybersecurity experts warn. Karin Zilberstein, vice president of Product at cybersecurity company Guardio, says the platform consistently ranks among the top 10 most imitated companies in phishing schemes. If necessary, contact your bank and report the scam.

Scams 107

Scams Artificial Intelligence Phishing Passwords 107

Krebs on Security

AUGUST 28, 2024

Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. Some people interviewed who received the messages said they figured it was a scam because they knew for a fact they were registered to vote in their state.

Phishing 315

Phishing Scams Mobile Advertising 315