Troy Hunt

AUGUST 30, 2023

They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. Last week I was contacted by CERT Poland. Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing 339

Phishing Password Management Passwords Banking 339

Tech Republic Security

MAY 15, 2020

Spoofing government and health organizations, these templates help attackers create and customize their own phishing pages to exploit the COVID-19 pandemic, says Proofpoint.

Phishing 216

Phishing Government 216

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing 192

Phishing Passwords Internet Internet 192

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. One of dozens of FedEx-themed phishing sites currently being advertised via SMS spam. ” Attempting to visit the domain in the phishing link — o001cfedeex[.]com

Phishing 311

Phishing Scams Mobile DNS 311

Krebs on Security

NOVEMBER 10, 2021

Smishing messages usually include a link to a site that spoofs a popular bank and tries to siphon personal information. “The person on the phone said they were from the fraud department and they needed to help her secure her account but needed information from her to make sure they were talking to the account owner and not the scammer.”

Banking 358

Banking Phishing Scams Accountability 358

Krebs on Security

AUGUST 4, 2023

One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. The file included in this phishing scam uses what’s known as a “right-to-left override” or RLO character.

Phishing 206

Phishing Scams Computers and Electronics Software 206

Tech Republic Security

JANUARY 25, 2024

Learn how to protect yourself and your sensitive information from phishing attacks by implementing multi-factor authentication.

Authentication 168

Authentication Phishing 168

The Hacker News

APRIL 11, 2024

A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors," Proofpoint said.

Phishing 121

Phishing 121

Schneier on Security

NOVEMBER 6, 2020

Research paper: Rick Wash, “ How Experts Detect Phishing Scam Emails “: Abstract: Phishing scam emails are emails that pretend to be something they are not in order to get the recipient of the email to undertake some action they normally would not.

Phishing 230

Phishing Scams Technology Risk 230

Krebs on Security

AUGUST 9, 2021

In late 2019, BriansClub changed its homepage to include doctored images of my Social Security and passport cards, credit report and mobile phone bill information. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts. com, vclub[.]cards,

Phishing 355

Phishing Cybercrime Accountability Advertising 355

Penetration Testing

FEBRUARY 28, 2024

Cisco Talos has discovered a highly targeted and persistent phishing campaign preying on users in Mexico.

Penetration Testing 113

Penetration Testing Phishing 113

Security Affairs

JANUARY 22, 2024

Adaptive phishing campaigns are emerging as an increasingly sophisticated threat in the cybersecurity landscape. The phenomenon This phenomenon represents an evolution of traditional phishing tactics, as attackers seek to overcome defenses using more personalized and targeted approaches.

Phishing 106

Phishing Education Social Engineering Media 106

Bleeping Computer

APRIL 25, 2024

County's Department of Health Services, the second-largest public health care system in the United States, disclosed a data breach after patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees. [.]

Phishing 113

Phishing Data breaches 113

Krebs on Security

MARCH 23, 2021

A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. And spear-phishing others that frequently interact with the SCO via email could land the bad guys even more access to state systems.

Phishing 284

Phishing Data breaches Accountability Technology 284

The Hacker News

MARCH 27, 2024

A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024.

Banking 126

Banking Phishing Malware 126

SecureWorld News

APRIL 1, 2024

A new Phishing-as-a-Service (PhaaS) threat called "darcula" is taking advantage of encrypted mobile messaging services to unleash a wave of sophisticated smishing attacks targeting organizations across more than 100 countries. If an executive's phone gets hacked, it will open a new gateway into highly valuable information," Savolainen said.

Phishing 100

Phishing Mobile Encryption Technology 100

Security Affairs

APRIL 18, 2024

An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordinated by Europol, led to the disruption of LabHost, which is one of the world’s largest phishing-as-a-service platforms.

Phishing 97

Phishing Cybercrime Passwords Banking 97

The Hacker News

APRIL 4, 2024

An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector.

Phishing 114

Phishing Malware 114

Security Affairs

MAY 13, 2024

Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware. Phishing Reporting : Report phishing emails and other malicious cyber activities to relevant authorities like the FBI’s IC3 and the NJCCIC.

Phishing 100

Phishing Ransomware Security Awareness Authentication 100

Malwarebytes

DECEMBER 26, 2023

Phishing is the art of sending an email with the aim of getting users to open a malicious file or click on a link to then steal credentials. But most phishers aren’t very good, and the success rate is relatively low: In 2021, the average click rate for a phishing campaign was 17.8%. So how do you recognize AI phishing emails?

Phishing 122

Phishing Software Risk Cybersecurity 122

The Hacker News

NOVEMBER 21, 2023

Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography.

Phishing 129

Phishing Software 129

Malwarebytes

SEPTEMBER 22, 2023

Some T-Mobile customers logged into their accounts on Wednesday to find another customer’s billing and account information showing on their online dashboards. It said a "temporary system glitch" had misplaced some subscriber account information, causing it to appear on other subscribers’ profile pages. So, stay tuned!

Mobile 114

Mobile Data breaches Accountability Passwords 114

Security Affairs

OCTOBER 12, 2023

This post analyzed the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through an e-mail, Web site, and even through instant messaging. Phishing can also be used as a precursor attack to drop malware.

Phishing 113

Phishing Scams Education Passwords 113

Bleeping Computer

JANUARY 11, 2024

Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. [.]

Data breaches 118

Data breaches Phishing Accountability 118

Identity IQ

FEBRUARY 14, 2024

What Is Spear Phishing and How to Avoid It IdentityIQ Have you ever clicked a suspicious link or opened an unexpected attachment, only to realize it was a scam? The internet, brimming with information and opportunity, can also be dangerous. That’s where spear phishing comes in – a particularly cunning form of online deception.

Phishing 94

Phishing Identity Theft Social Engineering Scams 94

Identity IQ

FEBRUARY 8, 2024

How to Spot an Email Phishing Attempt at Work IdentityIQ In the modern workplace, technology is just as common as the typical morning cup of coffee. Among these ever-present threats is phishing, which is a deceptively simple yet effective method cybercriminals use to compromise both business and personal accounts. What Is Phishing?

Phishing 98

Phishing Scams Education Firewall 98

The Hacker News

MARCH 22, 2024

Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today.

Phishing 124

Phishing Cybersecurity 124

Security Affairs

APRIL 24, 2024

The individuals launched spear-phishing and malware attacks. Iranian cyber actors persist in targeting the United States through various malicious cyber activities, including ransomware attacks on critical infrastructure and spear phishing campaigns against individuals, companies, and government entities.

Government 89

Government Phishing Social Engineering Hacking 89

SecureList

SEPTEMBER 27, 2023

People use them to share information, promote various online resources, pay for their goodies, and pass verification. Unlike phishing links that are easy to check and block, QR code is a headache for security solutions. It will first identify the code’s location by the squares and then read the information encoded in the dots.

Phishing 107

Phishing Passwords Scams Accountability 107

SecureList

APRIL 5, 2023

They have become adept at using Telegram both for automating their activities and for providing various services — from selling phishing kits to helping with setting up custom phishing campaigns — to all willing to pay. ” Links to the channels are spread via YouTube, GitHub and phishing kits they make.

Phishing 115

Phishing Marketing Scams Accountability 115

Security Affairs

APRIL 18, 2024

carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S.

Phishing 104

Phishing Cybercrime Manufacturing Hacking 104

Identity IQ

FEBRUARY 7, 2023

What is Phishing? They learn new security measures quickly and find new ways to steal sensitive information. One of the most common techniques used to exploit web users is the phishing scam. This article will cover what phishing is, cybercriminals’ different approaches, and how to prevent yourself from becoming a victim.

Phishing 98

Phishing Identity Theft Scams Banking 98

The Hacker News

SEPTEMBER 12, 2023

A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A

Phishing 128

Phishing 128

Identity IQ

AUGUST 31, 2023

How to Identify and Avoid Holiday Phishing Scams IdentityIQ The holiday season brings joy, celebrations, and… a surge in online scams. While you’re shopping for gifts or booking flights, hackers are plotting to trick you into revealing your personal details and financial information. What Is a Phishing Scam? Their goal?

Scams 98

Scams Phishing Identity Theft Banking 98

Tech Republic Security

NOVEMBER 5, 2021

Impersonating an Amazon order notification, the attackers end up calling victims to try to obtain their credit card details, says Avanan.

Phishing 213

Phishing 213

Penetration Testing

MAY 7, 2024

Protecting private information and personal data has become a preference in today’s digital world. A random click on the Internet may lead to a URL... The post What is URL Phishing and How to Avoid It appeared first on Penetration Testing. Cybersecurity has become more compulsory than it ever was.

Phishing 55

Phishing Penetration Testing Internet Internet 55

Security Boulevard

APRIL 28, 2024

In episode 327 Tom, Scott, and Kevin discuss the findings from Mandiant’s M-Trends 2024 report, highlighting a significant rise in traditional vulnerability exploitation by attackers while observing a decline in phishing. Despite phishing’s decreased prevalence, it remains the second most popular method for gaining initial network access.

Phishing 72

Phishing Data privacy Passwords Technology 72