Top

Category: Phishing


Cyber-crime, Phishing

Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors

April 2, 2024

Via: The Hacker News

The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, […]


Cyber-crime, Phishing

Cyberespionage Campaign Targets Government, Energy Entities in India

March 28, 2024

Via: Security Week

As part of the campaign, tagged to as Operation FlightNight, phishing lures masquerading as an invitation letter from the Indian Air Force were sent to various Indian government entities, including agencies for electronic communications, IT governance, and national defense. The […]


Cyber-crime, Phishing

New York AG Sues Citibank for Poor Phishing Protections

January 30, 2024

Via: DataBreach Today

The New York attorney general sued the third-largest bank in the United States over its alleged failure to protect consumers from scammers and its refusal to make victims whole after online thieves have plundered their life savings. Manhattan-based Citibank, state […]


Cyber-crime, Phishing

Microsoft 365 users need to be on their guard — new phishing campaign could cause some serious damage, and it’s being offered for sale for barely nothing to lure new criminals in

January 29, 2024

Via: Tech Xplore

A new report from Trustwave cybersecurity researchers SpiderLabs has claimed hackers are increasingly turning to the Greatness phishing kit due to its advanced features, simplicity in use, and relatively low cost. Greatness was developed by a threat actor going by […]


Cyber-crime, Phishing

Five Eyes nations warn Moscow’s mates at the Star Blizzard gang have new phishing targets

December 8, 2023

Via: The Register

Russia-backed attackers have named new targets for their ongoing phishing campaigns, with defense-industrial firms and energy facilities now in their sights, according to agencies of the Five Eyes alliance. In a joint security alert issued on Thursday, seven agencies* from […]


Cyber-crime, Phishing

Ingenious Phishing Tactics in the Modern Scammer’s Toolbox

October 30, 2023

Via: SecureWorld

When it comes to impactful types of internet-borne crime, phishing is the name of the game. And for good reason. It serves as a vessel for various strains of malware, including ransomware, and underlies data-stealing campaigns that target large organizations […]


Cyber-crime, Phishing

W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts

September 6, 2023

Via: The Hacker News

A previously undocumented “phishing empire” has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. “The threat actor created a hidden underground market, named W3LL Store, that served a closed community […]


Cyber-crime, Malware, Phishing

New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists

September 1, 2023

Via: The Hacker News

A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and […]


Cyber-crime, Phishing

Interpol Busts Phishing-as-a-Service Platform ’16Shop,’ Leading to 3 Arrests

August 10, 2023

Via: The Hacker News

Interpol has announced the takedown of a phishing-as-a-service (PhaaS) platform called 16Shop, in addition to the arrests of three individuals in Indonesia and Japan. 16Shop specialized in the sales of phishing kits that other cybercriminals can purchase to mount phishing […]


Cyber-crime, Phishing

Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives

August 10, 2023

Via: The Hacker News

Threat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft […]


Cyber-crime, Phishing

Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign

August 2, 2023

Via: The Hacker News

A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce’s email services, allowing threat actors to craft targeted phishing messages using the company’s domain and infrastructure. “Those phishing campaigns cleverly evade conventional detection methods by chaining […]


Cyber-crime, Phishing

BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities

July 28, 2023

Via: The Hacker News

The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the […]


Cyber-crime, Phishing

Microsoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial Giants

June 9, 2023

Via: The Hacker News

Banking and financial services organizations are the targets of a new multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attack, Microsoft has revealed. “The attack originated from a compromised trusted vendor and transitioned into a series of AiTM attacks […]


Cyber warfare, Cyber-crime, Phishing

Trojan-Rigged Phishing Attacks Pepper China-Taiwan Conflict

May 18, 2023

Via: Dark Reading

Cyber espionage attacks against organizations in Taiwan have surged against the backdrop of recent political tensions, new research shows. Trellix this week cited a fourfold rise in malicious phishing emails targeting Taiwanese companies between April 7 and 10 of this […]


Cyber-crime, Phishing

Google Uncovers APT41’s Use of Open Source GC2 Tool to Target Media and Job Sites

April 17, 2023

Via: The Hacker News

A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google’s infrastructure for malicious ends. The tech giant’s Threat Analysis Group […]


Cyber-crime, Phishing

Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks

April 5, 2023

Via: The Hacker News

A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea and the U.S. Google’s Threat Analysis Group (TAG) is tracking the cluster under the […]


Cyber warfare, Cyber-crime, Phishing

Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

March 31, 2023

Via: The Hacker News

The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, […]


Cyber-crime, Phishing

How scammers employ IPFS for email phishing

March 27, 2023

Via: Securelist

The idea of creating Web 3.0 has been around since the end of 2000s. The new version of the world wide web should repair the weak points of Web 2.0., some of which are: featureless content, prevalence of proprietary solutions, […]


Cyber-crime, Phishing

7 guidelines for identifying and mitigating AI-enabled phishing campaigns

March 20, 2023

Via: CSO Online

The emergence of effective natural language processing tools such as ChatGPT means it’s time to begin understanding how to harden against AI-enabled cyberattacks. The natural language generation capabilities of large language models (LLMs) are a natural fit for one of […]


Cyber-crime, Phishing

AI is taking phishing attacks to a whole new level of sophistication

March 8, 2023

Via: Help Net Security

92% of organizations have fallen victim to successful phishing attacks in the last 12 months, while 91% of organizations have admitted to experiencing email data loss, according to Egress. Not surprisingly, 99% of cybersecurity leaders confess to being stressed about […]