phishing – Computer Security Articles

An ongoing malvertising campaign steals Google advertiser accounts via fraudulent ads for Google Ads itself.

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces

December 19, 2024 admin CloudFlare, Featured, flowerstorm, legitimate service abuse, phishing, phishing-as-a-service, rockstar, rockstar2fa, security operations, threat research

Credit to Author: gallagherseanm| Date: Thu, 19 Dec 2024 15:11:48 +0000

A sudden disruption of a major phishing-as-a-service provider leads to the rise of another…that looks very familiar

Independent Krebs

Why Phishers Love New TLDs Like .shop, .top and .xyz

December 3, 2024 admin @chenlun, A Little Sunshine, and mobile anti-abuse working group, Anti-Phishing Working Group, coalition against unsolicited commercial email, ICANN, interisle consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, messaging, new gtlds, phishing, spam, The Coming Storm, U.S. Postal Service

Credit to Author: BrianKrebs| Date: Tue, 03 Dec 2024 13:27:31 +0000

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees the domain name industry is moving forward with plans to introduce a slew of new gTLDs.

Security Sophos

Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”

November 20, 2024 admin atera, legitimate service abuse, muddywater, phishing, RMM, security operations, stac 1171, ta450, threat research

Credit to Author: gallagherseanm| Date: Wed, 20 Nov 2024 17:12:12 +0000

Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. Earlier […]

Security Sophos

Cybercrime-Trend im Aufwind: Phishing mit QR-Codes

November 18, 2024 admin Featured, phishing, threat research

Credit to Author: Jörg Schindler| Date: Thu, 07 Nov 2024 12:30:42 +0000

In Anlehnung an Albert Einstein ließe sich wohl sagen, dass der kriminelle Einfallsreichtum der Menschen unendlich ist. Der neueste Trend Quishing beweist jedenfalls einmal wieder, dass die Cyberkriminellen keine Möglichkeit auslassen. Die Experten von Sophos X-Ops haben sich den neuesten Hype der Infiltration über QR-Codes genauer angesehen. Wenn Cyberkriminelle ihre Phishing-Methoden mit eigentlich ganz harmlosen […]

MalwareBytes Security

Crooks bank on Microsoft’s search engine to phish customers

November 4, 2024 admin bank, Bing, phishing, scams, search engine

If you searched for your bank’s login page via Bing recently, you may have visited a fraudulent website enabling criminals to get your credentials and even your two-factor security code.

Independent Krebs

Booking.com Phishers May Leave You With Reservations

November 1, 2024 admin A Little Sunshine, booking.com, Latest Warnings, phishing, secureworks, spear phishing, The Coming Storm, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Fri, 01 Nov 2024 21:12:38 +0000

A number of cybercriminal innovations are making it easier for scammers to cash in on your upcoming travel plans. This story examines a recent spear-phishing campaign that ensued when a California hotel had its booking.com credentials stolen. We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website.

MalwareBytes Security

LinkedIn bots and spear phishers target job seekers

October 23, 2024 admin cybercrime, Jobs, LinkedIn, phishing, SCAM

The #opentowork hashtag may attract the wrong crowd as criminals target LinkedIn users to steal personal information, or scam them.

← Previous