Krebs on Security

SEPTEMBER 16, 2020

authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges. million from 158 Poloniex users, and $1.17

Cryptocurrency 363

Cryptocurrency Phishing Accountability Cybercrime 363

eSecurity Planet

FEBRUARY 10, 2025

In a stark warning to organizations and everyday users alike, cybersecurity experts and government agencies have sounded the alarm over a new breed of Gmail-targeted phishing attacks. AI-Enhanced Cyberthreats Recent intelligence indicates that the sophistication of Gmail phishing campaigns has reached new heights.

Phishing 115

Phishing Artificial Intelligence Password Management Accountability 115

Krebs on Security

MARCH 31, 2020

A spear-phishing attack this week hooked a customer service employee at GoDaddy.com , the world’s largest domain name registrar, KrebsOnSecurity has learned. 49 (that domain is hobbled here because it is currently flagged as hosting a phishing site). It was starting to look like someone had gotten phished.

Phishing 351

Phishing DNS Social Engineering Accountability 351

Krebs on Security

SEPTEMBER 1, 2023

Domain names ending in “ US ” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. government, which is frequently the target of phishing domains ending in.US. US phishing domains.US government overall, nor to the US public.”

Phishing 327

Phishing Telecommunications Government DNS 327

SecureWorld News

FEBRUARY 17, 2025

Cybersecurity governance has undergone a dramatic transformation over the past few decades. From its early days, where security was an afterthought to business operations, to the present, where it has become a board-level discussion, governance has had to adapt to an ever-evolving digital landscape.

Government 97

Government Cybersecurity CISO Risk 97

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts.

Mobile 349

Mobile Accountability Data breaches Identity Theft 349

Joseph Steinberg

DECEMBER 1, 2020

Social media users’ delight at receiving notification that their accounts have qualified for Verification (that is, receiving the often-coveted “blue check mark” that appears on the social media profiles of public figures) has become the latest target of criminal exploitation.

Media 246

Media Accountability Phishing Scams 246

Tech Republic Security

JANUARY 19, 2022

A phishing campaign seen by email security provider Inky tries to trick its victims by inviting them to submit bids for alleged government projects.

Phishing 187

Phishing Accountability Government 187

eSecurity Planet

JUNE 9, 2025

An organised crime gang has stolen £47 million ($64 million) from the UK’s tax office by hacking into over 100,000 customer accounts and fraudulently claiming government payments. HMRC has already locked down affected accounts, removed incorrect information, and reset login details. billion in other attempted frauds last year.

Scams 86

Scams Phishing Password Management Accountability 86

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 137

Government Phishing Malware Banking 137

Krebs on Security

MAY 7, 2025

People who purchased fake certifications were subsequently blackmailed by Axact employees posing as government officials , who would demand additional payments under threats of prosecution or imprisonment for having bought fraudulent unauthorized academic degrees. The Google ads promoting quranmasteronline[.]com

Scams 286

Scams Marketing Advertising Technology 286

Security Affairs

SEPTEMBER 17, 2024

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. DoJ charged a Chinese national, Song Wu (39), who used spear-phishing emails to target employees of NASA, the U.S. Air Force, Navy, Army, and the FAA. Air Force, Navy, Army, and the FAA.” “According to U.S.

Phishing 132

Phishing Government Identity Theft Engineering 132

SecureWorld News

FEBRUARY 25, 2025

Deepfake phishing, AI-generated malware, and automated spear-phishing campaigns are already on the rise. From the report: "Generative AI is being used to create highly convincing phishing emails, fake voices, and even deepfake videosmaking social engineering attacks more difficult to detect.

Cybersecurity 102

Cybersecurity Social Engineering Artificial Intelligence Cyber threats 102

Schneier on Security

MAY 30, 2025

That’s why meaningful behavioral change requires more than just a pause; it needs cognitive scaffolding and system designs that account for these dynamic interactions. Current phishing attacks have evolved from those older Nigerian scams filled with grammar mistakes and typos. It would guide them through a two-step process.

Cybersecurity 230

Cybersecurity Scams Security Awareness Phishing 230

Security Affairs

JUNE 19, 2025

With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. While many records overlap, the true number of exposed accounts is still unclear. The leaked datasets range from 16 million to 3.5

Data breaches 113

Data breaches Identity Theft Passwords Hacking 113

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants. continues the announcement.

Government 144

Government Surveillance Hacking Mobile 144

The Last Watchdog

FEBRUARY 4, 2025

Identity security vendors have focused narrowly on securing corporate accounts, leaving organizations vulnerable to cybercriminals exploiting the broader identity exposures of employees, consumers, and suppliers. A shift to an identity-centric perspective is needed, particularly as the scope of identity exposures continues to grow. .

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Malwarebytes

MAY 27, 2025

They often arrive via phishing emails, malicious websites, or bundled with cracked software. Since one infected system can leak multiple credentials tied to different accounts and services, the number of victims is likely far smaller than the number of exposed credentials but still alarmingly high.

Identity Theft 145

Identity Theft Passwords Accountability Phishing 145

Malwarebytes

DECEMBER 5, 2024

The infrastructure that the US government relies to communicate on is made up of the same private sector systems that everybody else uses. Protect your social media accounts by using Malwarebytes Identity Theft Protection. Among the culprits are four major APT groups: Volt Typhoon, Salt Typhoon, Flax Typhoon, and Velvet Ant.

Encryption 139

Encryption Identity Theft Media Telecommunications 139

Digital Shadows

NOVEMBER 12, 2024

Top MITRE Technique: Spearphishing The construction sector is no stranger to phishing attacks, which topped the list of initial access techniques between October 1, 2023, and September 30, 2024. Phishing is favored by threat actors for its simplicity and effectiveness.

Ransomware 111

Ransomware Phishing Cyber threats Malware 111

The Last Watchdog

DECEMBER 18, 2024

Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. Promoting continuous learning in privacy tech, AI governance, and Zero Trust, alongside partnerships with educational institutions, helps build a skilled workforce to meet evolving regulatory demands.

Risk 173

Risk Threat Detection Technology Phishing 173

Security Affairs

DECEMBER 1, 2024

From generating deepfakes to enhancing phishing campaigns, GAI is evolving into a tool for large-scale cyber offenses GAI has captured the attention of researchers and investors for its transformative potential across industries. GAI is also a boon for attackers seeking financial gain.

Artificial Intelligence 132

Artificial Intelligence Phishing Cybercrime Media 132

Penetration Testing

MAY 13, 2025

A sophisticated phishing campaign has exploited compromised Indiana state government accounts to distribute fraudulent toll collection messages via The post GovDelivery Exploited in TxTag Toll Scam: Indiana Government Sender Account Hacked appeared first on Daily CyberSecurity.

Scams 86

Scams Government Accountability Hacking 86

Malwarebytes

JANUARY 27, 2025

Health insurance information: Details about primary, secondary, or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device cant be phished.

Data breaches 121

Data breaches Healthcare Insurance Passwords 121

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Strengthening identity security Enforce phishing-resistant MFA for all privileged accounts.

Ransomware 113

Ransomware IoT Encryption Social Engineering 113

The Last Watchdog

MARCH 19, 2025

Holistic Identity: The New Cyber Battleground Organizations have traditionally focused on securing individual account credentials, but SpyClouds research indicates that cybercriminals have expanded their tactics beyond conventional account takeover. ” Additional Report Findings: 17.3

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Affairs

JUNE 21, 2022

Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. 1 – Example of Phishing Page Delivered by Azure Front Door (AFD).

Phishing 145

Phishing Accountability Hacking Scams 145

Security Affairs

JUNE 24, 2025

Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent.

Malware 84

Malware Encryption Phishing Hacking 84

Malwarebytes

NOVEMBER 4, 2024

A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine. Watch out for fake vendors. Take your time.

Data breaches 109

Data breaches Passwords Phishing Ransomware 109

Krebs on Security

FEBRUARY 14, 2020

Prompted by assurances that the government would one day afford Liberty Reserve users a chance to reclaim any funds seized as part of the takedown, KrebsOnSecurity filed a claim shortly thereafter to see if and when this process might take place. Attorney for the Southern District of New York — went unanswered.

Identity Theft 302

Identity Theft Government Scams Cybercrime 302

Krebs on Security

JULY 31, 2024

The reason lame domains are problematic is that a number of Web hosting and DNS providers allow users to claim control over a domain without accessing the true owner’s account at their DNS provider or registrar. Other attacks have used hijacked domains in targeted phishing attacks by creating lookalike subdomains. .”

DNS 337

DNS Phishing Internet Internet 337

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. Lured in by similar color schemes, company logos, and familiar layouts, victims log in to their account by entering their username and password.

Small Business 84

Small Business Cybersecurity Scams Passwords 84

SecureList

FEBRUARY 20, 2025

Kaspersky MDR customers by region Distribution of incidents by industry In 2024, the MDR team observed the highest number of incidents in the industrial (25.7%), financial (14.1%), and government (11.7%) sectors. in government, 17.8% User Execution and Phishing remain top threats. in IT, 18.3% in industrial, and 11.9%

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. domains as among the most prevalent in phishing attacks over the past year. US phishing domains.

Phishing 347

Phishing Telecommunications Malware Scams 347

The Hacker News

JUNE 13, 2024

Threat actors linked to North Korea have accounted for one-third of all the phishing activity targeting Brazil since 2020, as the country's emergence as an influential power has drawn the attention of cyber espionage groups.

Phishing 132

Phishing Financial Services Government Accountability 132

Krebs on Security

FEBRUARY 10, 2020

commercial and government interests. “Indeed, about 80 percent of our economic espionage prosecutions have implicated the Chinese government, and about 60 percent of all trade secret thefts cases in recent years involved some connection with China,” he said. “We answer this question all the time. .

Hacking 334

Hacking Identity Theft Government Phishing 334

Jane Frankland

MAY 16, 2025

From AI-generated voices to realistic websites and stolen accounts, scams today are slick, fast, and global. Here’s a breakdown of the most widespread and damaging scams today: Impersonation Scams (51% of fraud cases) where fraudsters pose as: Banks, HMRC, DVLA, or government agencies. Couriers (e.g., Royal Mail, DHL, FedEx).

Scams 130

Scams Password Management Passwords Banking 130