Top

Category: Phishing


Cyber-crime, Phishing

W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts

September 6, 2023

Via: The Hacker News

A previously undocumented “phishing empire” has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. “The threat actor created a hidden underground market, named W3LL Store, that served a closed community […]


Cyber-crime, Malware, Phishing

New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists

September 1, 2023

Via: The Hacker News

A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and […]


Cyber-crime, Phishing

Interpol Busts Phishing-as-a-Service Platform ’16Shop,’ Leading to 3 Arrests

August 10, 2023

Via: The Hacker News

Interpol has announced the takedown of a phishing-as-a-service (PhaaS) platform called 16Shop, in addition to the arrests of three individuals in Indonesia and Japan. 16Shop specialized in the sales of phishing kits that other cybercriminals can purchase to mount phishing […]


Cyber-crime, Phishing

Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives

August 10, 2023

Via: The Hacker News

Threat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft […]


Cyber-crime, Phishing

Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign

August 2, 2023

Via: The Hacker News

A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce’s email services, allowing threat actors to craft targeted phishing messages using the company’s domain and infrastructure. “Those phishing campaigns cleverly evade conventional detection methods by chaining […]


Cyber-crime, Phishing

BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities

July 28, 2023

Via: The Hacker News

The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the […]


Cyber-crime, Phishing

Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

June 9, 2023

Via: The Hacker News

Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed. “The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks […]


Cyber warfare, Cyber-crime, Phishing

Trojan-Rigged Phishing Attacks Pepper China-Taiwan Conflict

May 18, 2023

Via: Dark Reading

Cyber espionage attacks against organizations in Taiwan have surged against the backdrop of recent political tensions, new research shows. Trellix this week cited a fourfold rise in malicious phishing emails targeting Taiwanese companies between April 7 and 10 of this […]


Cyber-crime, Phishing

Google Uncovers APT41’s Use of Open Source GC2 Tool to Target Media and Job Sites

April 17, 2023

Via: The Hacker News

A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google’s infrastructure for malicious ends. The tech giant’s Threat Analysis Group […]


Cyber-crime, Phishing

Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks

April 5, 2023

Via: The Hacker News

A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google’s Threat Analysis Group (TAG) is tracking the cluster under the […]


Cyber warfare, Cyber-crime, Phishing

Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

March 31, 2023

Via: The Hacker News

The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, […]


Cyber-crime, Phishing

How scammers employ IPFS for email phishing

March 27, 2023

Via: Securelist

The idea of creating Web 3.0 has been around since the end of 2000s. The new version of the world wide web should repair the weak points of Web 2.0., some of which are: featureless content, prevalence of proprietary solutions, […]


Cyber-crime, Phishing

7 guidelines for identifying and mitigating AI-enabled phishing campaigns

March 20, 2023

Via: CSO Online

The emergence of effective natural language processing tools such as ChatGPT means it’s time to begin understanding how to harden against AI-enabled cyberattacks. The natural language generation capabilities of large language models (LLMs) are a natural fit for one of […]


Cyber-crime, Phishing

AI is taking phishing attacks to a whole new level of sophistication

March 8, 2023

Via: Help Net Security

92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, according to Egress. Not surprisingly, 99% of cybersecurity leaders confess to being stressed about […]


Cyber-crime, Phishing

Major new crypto wallet phishing campaign targets Trezor users

March 2, 2023

Via: Tech Radar

A new phishing campaign hs been discovered targeting cryptocurrency hardware wallet firm Trezor. These wallets allow crypto users to store their funds offline, rather than in a “hot wallet” (a mobile or desktop app), or with a third party (an […]


Cyber-crime, Phishing

Know Your Enemy: Following a Seasoned Phisher’s Train of Thought

March 1, 2023

Via: SecureWorld

When it comes to cybersecurity, the use of automatic protection tools is half the battle. The human element plays an increasingly important role, as well, and for good reason. Scammers like to take shortcuts and know that it’s easier to […]


Cyber-crime, Phishing

Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed

February 21, 2023

Via: The Hacker News

Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. The company said its “cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer […]


Cyber-crime, Phishing

Spam and phishing in 2022

February 16, 2023

Via: Securelist

Figures of the year In 2022: 48.63% of all emails around the world and 52.78% of all emails in the Russian segment of the internet were spam As much as 29.82% of all spam emails originated in Russia Kaspersky Mail […]


Cyber-crime, Phishing

DHL, MetaMask phishing emails target Namecheap customers

February 13, 2023

Via: Help Net Security

A surge of phishing emails impersonating DHL and MetaMask have started hitting inboxes of Namecheap customers last week, attempting to trick recipients into sharing personal information or sharing their crypto wallet’s secret recovery phrase. How did it happen? According to […]


Cyber-crime, Phishing

Reddit Suffers Security Breach Exposing Internal Documents and Source Code

February 10, 2023

Via: The Hacker News

Popular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on […]