Krebs on Security

MAY 22, 2019

Some of the most convincing email phishing and malware attacks come disguised as nastygrams from a law firm. Our {legal team | legal council | legal departement} has prepared a document explaining the {litigation | legal dispute | legal contset}. Please download and read the attached encrypted document carefully.

Phishing 280

Phishing Antivirus Scams Malware 280

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing 108

Phishing Identity Theft Cryptocurrency Cybercrime 108

Malwarebytes

JANUARY 17, 2025

Once a relationship had been established, the target would receive a phishing link or a document that contained a phishing link. How to stay safe These spear phishing campaigns are highly targeted and youll probably never see an invite to this group. Always hover over links before clicking them.

Phishing 141

Phishing Accountability Mobile Risk 141

SecureList

APRIL 21, 2025

With each passing year, phishing attacks feature more and more elaborate techniques designed to trick users and evade security measures. However, attackers are exploiting this by embedding scripts with links to phishing pages within the image file. Sample SVG file with embedded HTML code.

Phishing 95

Phishing Software 95

The Hacker News

MAY 14, 2025

Cybersecurity researchers have discovered a new phishing campaign that's being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina.

Phishing 89

Phishing Malware Cybersecurity 89

SecureWorld News

APRIL 28, 2025

The phishing game has evolved into synthetic sabotage a hybrid form of social engineering powered by AI that can personalize, localize, and scale attacks with unnerving precision. The quiet revolution of phishing-as-a-service (PhaaS) If you haven't noticed by now, phishing has gone SaaS. For phishing, this is a gold mine.

Phishing 103

Phishing Social Engineering Engineering Data breaches 103

Tech Republic Security

FEBRUARY 1, 2023

A new phishing campaign abuses OneNote documents to infect computers with the infamous AsyncRAT malware, targeting users in the U.K., The post OneNote documents spread malware in several countries appeared first on TechRepublic. Canada and the U.S.

Malware 174

Malware Phishing Ransomware 174

Krebs on Security

DECEMBER 18, 2024

But when the thieves tried to move $100,000 worth of cryptocurrency out of his account, Coinbase sent an email stating that the account had been locked, and that he would have to submit additional verification documents before he could do anything with it. I put my seed phrase into a phishing site, and that was it.”

Cryptocurrency 363

Cryptocurrency Accountability Authentication Phishing 363

The Hacker News

MARCH 19, 2024

Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends.

Phishing 131

Phishing 131

Krebs on Security

AUGUST 4, 2023

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. The file included in this phishing scam uses what’s known as a “right-to-left override” or RLO character.

Phishing 246

Phishing Scams Computers and Electronics Software 246

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. 16Shop documentation instructing operators on how to deploy the kit. Image: Akamai.com. Image: Akamai. Image: ZeroFox.

Phishing 243

Phishing Passwords Hacking Internet 243

Joseph Steinberg

DECEMBER 1, 2020

As such, scammers sending bogus Verification messages request that recipients do the same, and exploit the fact that so many people both expect to be asked for copies of such documents as part of the Verification process, and are willing to share such documents in order to become Verified.

Media 246

Media Accountability Phishing Scams 246

Krebs on Security

APRIL 30, 2025

Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms. A Scattered Spider/0Ktapus SMS phishing lure sent to Twilio employees in 2022.

Identity Theft 197

Identity Theft Phishing Cryptocurrency Cybercrime 197

Security Boulevard

FEBRUARY 2, 2025

Attackers are capitalizing on public interest in these historical documents to launch potential malware campaigns, phishing schemes, and exploit attempts. The post Hackers Hijack JFK File Release: Malware & Phishing Surge appeared first on Security Boulevard.

Phishing 72

Phishing Malware Cyber threats 72

Malwarebytes

APRIL 30, 2025

Your document is now ready for download: Please download the attachment and follow the provided instructions. NOTE: Statements & Documents are only compatible with PC/Windows systems. This includes running scripts, executing commands, transferring files, and even installing malwareall potentially without you realizing.

Computers and Electronics 144

Computers and Electronics Identity Theft Phishing Banking 144

Security Affairs

MAY 1, 2025

Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6.

Malware 98

Malware Phishing Telecommunications Retail 98

Security Affairs

NOVEMBER 11, 2024

Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Threat actors use Remcos to steal sensitive information and control victims’ computers for malicious activities.

Phishing 138

Phishing Malware Banking Encryption 138

Malwarebytes

APRIL 8, 2025

Brand impersonation: from Google ad to phishing page Accounting and tax preparation software has traditionally been a common lure for scammers, particularly those related to online support operating out of large call centres in India and surrounding areas.

Phishing 84

Phishing Scams Accountability Passwords 84

Malwarebytes

MARCH 4, 2025

PayPal scammers are using an old Docusign trick to enhance the trustworthiness of their phishing emails. Also, it seems weird that Docusign has been used to send a document that doesnt require a signature. If you get an error message, that means the document was removed or never even existed. It doesnt even exist. What can I do?

Scams 139

Scams Accountability Phishing Banking 139

Malwarebytes

APRIL 3, 2025

Recently weve been seeing quite a few phishing campaigns using QR codes in email attachments. The lure and the targets are varied, but the use of a QR code to get someone to visit the phishing site is fast becoming a preferred method for cybercriminals. DocuSign , Adobe), which increases the perceived legitimacy of the phish.

Phishing 141

Phishing Banking Mobile Accountability 141

The Hacker News

MAY 26, 2025

The Russia-aligned threat actor known as TAG-110 has been observed conducting a spear-phishing campaign targeting Tajikistan using macro-enabled Word templates as an initial payload. The attack chain is a departure from the threat actor's previously documented use of an HTML Application (.HTA)

Government 114

Government Phishing 114

Security Affairs

NOVEMBER 24, 2023

North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware. FortiGuard Labs researchers observed the North Korea-linked Konni APT group using a weaponized Russian-language Word document in an ongoing phishing campaign. The Word document seems to be in the Russian language.

Encryption 141

Encryption Malware Phishing Hacking 141

Krebs on Security

FEBRUARY 3, 2022

This search via Urlscan reveals dozens of recent phishing attacks that have leveraged the Slinks feature. 31 that uses Linkedin.com links to redirect anyone who clicks to a site that spoofs Adobe , and then prompts users to log in to their Microsoft email account to view a shared document. Here’s one example from Jan.

Phishing 359

Phishing Marketing Scams Accountability 359

Malwarebytes

APRIL 22, 2025

Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. Attackers increasingly use Google Sites to host phishing pages because the domain appears trustworthy to most users and can bypass many security filters. Forward the message untouched which keeps the DKIM signature valid.

Risk 145

Risk Accountability Scams Phishing 145

Schneier on Security

MAY 30, 2025

And third, using flawed mental shortcuts, like believing PDFs to be safer than Microsoft Word documents, or that mobile devices are safer than computers for opening suspicious emails. Current phishing attacks have evolved from those older Nigerian scams filled with grammar mistakes and typos. This is all hard.

Cybersecurity 227

Cybersecurity Scams Security Awareness Phishing 227

Security Affairs

NOVEMBER 7, 2024

The initial attack vector is a phishing email containing a link to a malicious application disguised as a link to a PDF document relating to a cryptocurrency topic such as “Hidden Risk Behind New Surge of Bitcoin Price”, “Altcoin Season 2.0-The The attackers exploit a unique, novel persistence method via the zshenv configuration file.

Malware 134

Malware Risk Architecture Cryptocurrency 134

Krebs on Security

AUGUST 14, 2020

The “RCM” portion of its name refers to “revenue cycle management,” an industry which tracks profits throughout the life cycle of each patient, including patient registration, insurance and benefit verification, medical treatment documentation, and bill preparation and collection from patients.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

SecureList

MARCH 10, 2025

Infection flow The attacker sends spear-phishing emails with a DOCX file attached. The document uses the remote template injection technique to download an RTF file stored on a remote server controlled by the attacker. The documents used various themes to deceive victims into believing they are legitimate. pro document-viewer[.]info

Energy and Utilities 120

Energy and Utilities Malware Government Phishing 120

Schneier on Security

FEBRUARY 28, 2020

It's challenging to tell the difference between legitimate documents in all their infinite variations and those that have specifically been manipulated to conceal something dangerous. Google says that 63 percent of the malicious documents it blocks each day are different than the ones its systems flagged the day before.

Phishing 354

Phishing Malware 354

Security Affairs

MARCH 31, 2025

Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Armageddon , Primitive Bear , ACTINIUM , Callisto ) targets Ukraine with a phishing campaign. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a.

Phishing 125

Phishing Antivirus Encryption Hacking 125

Malwarebytes

MAY 27, 2025

They often arrive via phishing emails, malicious websites, or bundled with cracked software. The stolen credentials fuel credential stuffing attacks (where an attacker uses reused logins stolen from one service to access another), account takeovers, identity theft, corporate espionage, and targeted phishing campaigns.

Identity Theft 145

Identity Theft Passwords Accountability Phishing 145

The Hacker News

MARCH 17, 2024

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America.

Phishing 140

Phishing Government 140

Security Affairs

JULY 30, 2024

The domains and documents employed in the campaign as part of the first stage of the attack suggest threat actors are targeting of Pakistan, Egypt and Sri Lanka. In recent campaign, the threat actors used meticulously crafted documents that appear to be legitimate and familiar to the target.

Phishing 133

Phishing Malware Hacking Information Security 133

The Hacker News

FEBRUARY 28, 2025

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow's content delivery network (CDN) to deliver the Lumma stealer malware.

Phishing 129

Phishing Malware Cybersecurity 129

Security Affairs

JULY 30, 2024

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users. ” reads the report published by Trellix.

Phishing 145

Phishing DNS Social Engineering Engineering 145

Penetration Testing

AUGUST 29, 2024

Fortinet’s FortiGuard Labs has unearthed a new variant of the notorious Snake Keylogger, delivered through a malicious Excel document in a phishing campaign. This keylogger, also known as “404 Keylogger”... The post New Snake Keylogger Variant Slithers Into Phishing Campaigns appeared first on Cybersecurity News.

Phishing 116

Phishing Cybersecurity Malware 116

SecureList

MAY 15, 2025

The main categories of threats from the internet are denylisted internet resources, malicious scripts and phishing pages. The main categories of threats spreading via email are malicious documents, spyware, malicious scripts and phishing pages. times more than in the previous quarter) and malicious documents (1.1

Spyware 91

Spyware Phishing Internet Internet 91