Media, Password Management and Phishing

Phishing evolves beyond email to become latest Android app threat

Malwarebytes

FEBRUARY 11, 2025

There are plenty of phish in the sea, and the latest ones have little interest in your email inbox. In 2024, Malwarebytes detected more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report. These Android phishing apps may sound high-tech, but they are not.

Phishing

Phishing Passwords Authentication Mobile

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Troy Hunt

AUGUST 30, 2023

They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. Last week I was contacted by CERT Poland. Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing

Phishing Password Management Passwords Banking

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Malwarebytes

MARCH 26, 2025

A new phishing campaign that uses the fake CAPTCHA websites we reported about recently is targeting hotel staff in a likely attempt to access customer data, according to research from ThreatDown. Our free Digital Footprint scan searches the dark web, social media, and other online sources, to tell you where your data has been exposed.

Phishing

Phishing Malware Passwords Password Management

Billions of logins for Apple, Google, Facebook, Telegram, and more found exposed online

Malwarebytes

JUNE 19, 2025

Take the 184 million logins for social media accounts we reported about recently. But that doesn’t take away from the fact that these credentials are in the hands of cybercriminals who can use them for: Account takeovers : Cybercriminals can use stolen credentials to hijack social media, banking, or corporate accounts.

Identity Theft

Identity Theft Passwords Phishing Accountability

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA

Thales Cloud Protection & Licensing

JANUARY 31, 2025

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA andrew.gertz@t Fri, 01/31/2025 - 15:17 Celebrate Change Your Password Day and 2FA Day by embracing passkeys and phishing-resistant 2FA. Redefining Change Your Password Day Well start with Change Your Password Day because, frankly, its a little complicated.

Phishing

Phishing Passwords Password Management Authentication

The 3 biggest cybersecurity threats to small businesses

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In reality, those usernames and passwords are delivered directly to cybercriminals on the other side of the website.

Small Business

Small Business Cybersecurity Scams Passwords

As Seen on Channel 5’s Vanessa (Feltz) Show: What to Do if You’re Targeted by a Scam

Jane Frankland

MAY 16, 2025

Shopping Scams Fake online shops, social media ads, or marketplace listings. MFA Bypass Methods: SIM swaps, malware, or phishing sites that trick you into revealing or approving access. Auto-fill Exploits: A small but critical sign when your password manager doesnt autofill it might be a scam site.

Scams

Scams Password Management Passwords Banking

How to enhance the security of your social media accounts

Pen Test Partners

AUGUST 29, 2024

TL;DR Strong passwords : Use a password manager. This makes it harder for unauthorised users to gain access even if they have your password. Phishing awareness : Stay alert to phishing attempts by scrutinising emails and messages that request personal information or direct you to suspicious websites.

Media

Media Accountability Password Management Passwords

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

Common attacks to consumer protection Identity theft and fraud Some common types of identity theft and fraud include account takeover fraud , when criminals use stolen personal information such as account numbers, usernames, or passwords to hijack bank accounts, credit cards, and even email and social media accounts.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

Malwarebytes

MAY 16, 2024

A type of phishing we’re calling authentication-in-the-middle is showing up in online media. It works like this: A user gets lured to a phishing site masquerading as a site they normally use, such as a bank, email or social media account. Use a password manager. Use security software.

Authentication

Authentication Phishing Password Management Scams

AI-enabled phishing attacks on consumers: How to detect and protect

Webroot

MAY 5, 2025

Phishing attacks are a significant threat to consumers, with cybercriminals constantly evolving their tactics to deceive unsuspecting individuals. The integration of artificial intelligence (AI) into phishing schemes has made these attacks even more sophisticated and challenging to detect. How AI enhances phishing attacks 1.

Phishing

Phishing Antivirus Education Artificial Intelligence

City of Columbus breach affects around half a million citizens

Malwarebytes

NOVEMBER 4, 2024

Later, a security researcher disclosed information about the content of the stolen data with the media. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Some forms of two-factor authentication (2FA) can be phished just as easily as a password.

Data breaches

Data breaches Passwords Ransomware Phishing

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

0KTAPUS In August 2022, KrebsOnSecurity wrote about peering inside the data harvested in a months-long cybercrime campaign by Scattered Spider involving countless SMS-based phishing attacks against employees at major corporations. A Scattered Spider phishing lure sent to Twilio employees.

Hacking

Hacking Cybercrime Phishing Passwords

BayMark Health Services sends breach notifications after ransomware attack

Malwarebytes

JANUARY 10, 2025

But they chose the path of destroying their reputation, publishing sensitive data and publicizing it in the media. Choose a strong password that you dont use for anything else. Better yet, let a password manager choose one for you. Some forms of two-factor authentication (2FA) can be phished just as easily as a password.

Ransomware

Ransomware Data breaches Passwords Phishing

Digital life protection: How Webroot keeps you safe in a constantly changing world

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. Password Manager Ensures your passwords are strong and secure, while also making them easy to access and manage. Anti-phishing protection Shields you from phishing attempts.

Antivirus

Antivirus Identity Theft Cyber threats Phishing

How social media mistakes can impact cybersecurity

Malwarebytes

OCTOBER 26, 2021

Users of social media and Facebook in particular tend to forget how many people can see the “public” part of their profile and posts. Social media and scams. Social media is a perfect way for scammers to reach a lot of people, and we often see them using this to round up victims. Letting browsers save their passwords.

Media

Media Cybersecurity Advertising Passwords

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own.

Risk

Risk Password Management Passwords Accountability

Sperm bank breach deposits data into hands of cybercriminals

Malwarebytes

MARCH 19, 2025

The Breach Notification Rule requires the provision of a notification to affected individuals, the Secretary of Health and Human Services, and, in certain circumstances, to the media, in the event of a breach of unsecured PHI. Choose a strong password that you dont use for anything else. Enable two-factor authentication (2FA).

Banking

Banking Data breaches Computers and Electronics Insurance

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Zero Day

JUNE 22, 2025

In the headline for a recent story published by Cybernews , the cybersecurity media outlet said that 16 billion passwords were exposed in a record-breaking data breach, opening access to Facebook, Google, Apple, and any other service imaginable. Take the latest report of a major breach. Sounds scary, right?

Passwords

Passwords Data breaches Password Management Accountability

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Zero Day

JUNE 20, 2025

In the headline for a recent story published by Cybernews , the cybersecurity media outlet said that 16 billion passwords were exposed in a record-breaking data breach, opening access to Facebook, Google, Apple, and any other service imaginable. Take the latest report of a major breach. Sounds scary, right?

Passwords

Passwords Data breaches Password Management Identity Theft

Drained Wallets: How to Protect Your Assets From Advanced Phishing Scams

IT Security Guru

APRIL 25, 2025

Phishing is a great example of this, with it evolving from simple email scams to more malicious and carefully thought-out attacks. As more people shift to online financial platforms or cryptocurrencies, digital wallets have become a common target for phishing scams.

Scams

Scams Phishing Cryptocurrency Cyber threats

Qantas: Breach affects 6 million people, “significant” amount of data likely taken

Malwarebytes

JULY 2, 2025

But it’s noteable that this weekend the FBI put out a warning on social media about ransomware attacks targeting airlines. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. 2FA that relies on a FIDO2 device can’t be phished. Take your time.

Social Engineering

Social Engineering Cyber Risk Data breaches Passwords

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

” Group-IB dubbed the gang by a different name — 0ktapus — which was a nod to how the criminal group phished employees for credentials. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. On July 28 and again on Aug. According to an Aug.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Your Android phone just got a big upgrade for free - these Pixel models included

Zero Day

JUNE 17, 2025

It protects your device from a variety of attacks, including scam calls, harmful apps, unsafe websites, phishing attempts, malicious links, and more.

Password Management

Password Management Small Business Artificial Intelligence Software

Facebook's new passkey support could let you ditch your password once and for all

Zero Day

JUNE 19, 2025

PT NurPhoto / Contributor/Getty For all of us who hate passwords, passkeys represent a simpler and safer way of authenticating online accounts. But adoption has been slow, with many companies and websites still relying on passwords. Now the world's biggest social media platform is jumping on the bandwagon.

Passwords

Passwords Password Management Small Business Mobile

5 things to teach your kids about social media

Malwarebytes

SEPTEMBER 21, 2022

With children now back at school, it’s time to think about social media, and their use of it. Now is the time to consider giving your kids some security and privacy tips for all their social media needs. Tales of empty houses being broadcast to the world at large on social media may not end well. The value of anonymity.

Media

Media Scams Accountability Advertising

Strengthen your digital defenses on World Password Day

Webroot

APRIL 30, 2025

Lets explore password-based attacks, and some steps you can take to lock down your logins, once and for all. Threats to your passwords Managing all your passwords can be a hassle. Theyre easy to forget and hard to keep track of, so people tend to use and reuse simple passwords they can remember. Did you know?

Passwords

Passwords Password Management Accountability Malware

Personal data of 1.3 million Clubhouse users leaked online

Security Affairs

APRIL 11, 2021

Leak data could be abused by threat actors to carry out malicious activities, such as phishing/spear-phishing attacks, identity theft, and scams. With that said, even a profile name, with connections to the user’s other social media profiles identified and established, can be enough for a competent cybercriminal to cause real damage.”

Identity Theft

Identity Theft Phishing Password Management Media

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

That’s a crazy long time for an independent media outlet these days, but then again I’m bound to keep doing this as long as they keep letting me. Tank, seen here performing as a DJ in Ukraine in an undated photo from social media. KrebsOnSecurity turns 13 years old today.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

How to Use A Password Manager: Setup, Benefits & Best Practices in 2024

eSecurity Planet

SEPTEMBER 6, 2024

We need secure and unique passwords to use business applications , access e-mail, and social media securely, and even watch movies on a streaming service. Password managers take some strain from generating, associating, and remembering those passwords. Table of Contents Toggle What Is a Password Manager?

Password Management

Password Management Passwords Accountability Social Engineering

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

Adam Levin

FEBRUARY 10, 2020

More Phishing Attacks. Phishing may seem like an ordinary part of online life, but it could also be the initial volley in a major cyberattack. Phishing here is shorthand for the Pantheon of Ishings: generic, spearphishing (personalized), vishing (phone based), and SMishing (text based). Consider using a password manager.

Passwords

Passwords Phishing Password Management Accountability

News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk

The Last Watchdog

OCTOBER 3, 2024

The extensions are capable of hooking into login events to redirect users to a page disguised as a password manager login. Media contact: Junice Liew, Head of PR, SquareX, junice@sqrx.com The post News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk first appeared on The Last Watchdog.

Risk

Risk Password Management Malware Media

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

With stolen passwords, the impact is even broader; hackers could wire funds from a breached online banking account into their own, or masquerade as someone on social media to ask friends and family for money. With stolen credit card details, hackers can attempt fraudulent purchases online.

Malware

Malware Software Passwords Cryptocurrency

Hackers take over 1.1 million accounts by trying reused passwords

Malwarebytes

JANUARY 6, 2022

Credential stuffing is the automated injection of stolen username and password pairs in to website login forms, in order to fraudulently gain access to user accounts. Using a forum or social media account to send phishing messages or spam. Start using a password manager.

Passwords

Passwords Accountability Identity Theft Password Management

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

OCTOBER 24, 2022

Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect them. One of the best ways to increase employee security awareness is to provide frequent training and communication about the risks of phishing and other cyberattacks.

Security Awareness

Security Awareness Passwords Data breaches Cybersecurity

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

Hacker's King

MAY 24, 2025

Credential-based attacks include usernames, passwords, and tokens. In simpler terms, phishing scams, brute force attacks, and MFA bypass techniques. Phishing attacks Phishing so far makes for the most dangerous aspect of cybersecurity. Recently, phishing scams have expanded and come out of emails.

Cyber Attacks

Cyber Attacks Passwords Education Phishing

Tips to make your summer travels cyber safe

Webroot

JUNE 17, 2025

Phishing scams: Phishing scams that target travel-related platforms are on the rise. In 2024, the travel website booking.com reported a 500%-900% increase in travel-related phishing scams. Other features include Wi-Fi security monitoring, secure browsing, and password management. Looking for more information?

VPN

VPN Scams Computers and Electronics Phishing

The danger of data breaches — what you really need to know

Webroot

APRIL 22, 2025

Phishing and social engineering : Using your personal information, scammers can craft more convincing phishing emails or messages to trick you into giving up even more sensitive details, like passwords and PIN numbers. Use strong, unique passwords: Strong, unique passwords are a simple, yet powerful security tool.

Data breaches

Data breaches Identity Theft Passwords eCommerce

A 3-Tiered Approach to Securing Your Home Network

Daniel Miessler

MAY 8, 2020

Most home networks get broken into through either phishing or some random device they have with a bad password. It’s usually a password that was never configured or never changed from the default. Use a password manager to make and store good passwords that are different for every account/device.

Passwords

Passwords DNS Accountability IoT

How to Take Control of Your Online Presence

Security Through Education

MARCH 18, 2025

Social media provides us with a fast, efficient, and exciting way to share our interests and experiences with our friends, but who outside of our sphere REALLY needs to know all this information about us? Unfortunately, this can put us at risk for spear phishing attacks, identity theft , and other forms of data compromise.

Accountability

Accountability Social Engineering Media Password Management

Cybersecurity Tips to Avoid Fouls During March Madness

SecureWorld News

MARCH 21, 2024

"March Madness is a prime opportunity for cybercriminals to deploy phishing lures, malicious apps, and social engineering tactics," warns Krishna Vishnubhotla, VP of Product Strategy at mobile security firm Zimperium. The emotional investment and spike in online activity create a perfect storm that organizations need to protect against."

Cybersecurity

Cybersecurity Social Engineering Phishing Mobile

Instagram Hacked: Steps to Prevent Data Breaches

Hacker's King

DECEMBER 28, 2024

Instagram is a top social media platform with over 2 billion active users, making it a prime target for hackers. Using the same password across multiple platforms increases your risk of a data breach. Consider using a password manager to securely store and manage unique passwords for each of your accounts.

Data breaches

Data breaches Hacking Passwords Accountability

8 Ways to Protect Yourself against Scams on Black Friday and Cyber Monday

Adam Levin

NOVEMBER 23, 2020

If you’re planning to skip in-store holiday shopping, or if your state is already in lockdown, it’s important to be on the lookout for the online scams that will undoubtedly show up in people’s email, texts and social media feeds. Here are eight ways you can make your holiday season safer: 1. Still, it’s important to be wary. Bottom line.

Scams

Scams Banking Retail Consumer Protection

Your Android phone just got a major feature upgrade for free - including these Pixel models

Zero Day

JUNE 13, 2025

It protects your device from a variety of attacks, including scam calls, harmful apps, unsafe websites, phishing attempts, malicious links, and more.

Password Management

Password Management Small Business Artificial Intelligence Software

Phishing evolves beyond email to become latest Android app threat

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Trending Sources

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Billions of logins for Apple, Google, Facebook, Telegram, and more found exposed online

Level Up Your Security: Embrace Passkeys and Phishing-Resistant 2FA

The 3 biggest cybersecurity threats to small businesses

As Seen on Channel 5’s Vanessa (Feltz) Show: What to Do if You’re Targeted by a Scam

How to enhance the security of your social media accounts

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

AI-enabled phishing attacks on consumers: How to detect and protect

City of Columbus breach affects around half a million citizens

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

BayMark Health Services sends breach notifications after ransomware attack

Digital life protection: How Webroot keeps you safe in a constantly changing world

How social media mistakes can impact cybersecurity

10 Behaviors That Will Reduce Your Risk Online

Sperm bank breach deposits data into hands of cybercriminals

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Drained Wallets: How to Protect Your Assets From Advanced Phishing Scams

Qantas: Breach affects 6 million people, “significant” amount of data likely taken

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Your Android phone just got a big upgrade for free - these Pixel models included

Facebook's new passkey support could let you ditch your password once and for all

5 things to teach your kids about social media

Strengthen your digital defenses on World Password Day

Personal data of 1.3 million Clubhouse users leaked online

Happy 13th Birthday, KrebsOnSecurity!

How to Use A Password Manager: Setup, Benefits & Best Practices in 2024

5 Signs a Cyberattack Is Under Way and 5 Things You Need to Do Before It Happens

News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk

Macs targeted by info stealers in new era of cyberthreats

Hackers take over 1.1 million accounts by trying reused passwords

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

How Most Cyber Attacks Begin: The Hidden Dangers of Credential-Based Threats

Tips to make your summer travels cyber safe

The danger of data breaches — what you really need to know

A 3-Tiered Approach to Securing Your Home Network

How to Take Control of Your Online Presence

Cybersecurity Tips to Avoid Fouls During March Madness

Instagram Hacked: Steps to Prevent Data Breaches

8 Ways to Protect Yourself against Scams on Black Friday and Cyber Monday

Your Android phone just got a major feature upgrade for free - including these Pixel models

Stay Connected