NPAV Logo

Shopping Cart My Cart 0
₹0.00
Currency
INR
Currency
INR

Phishing

  1. SnakeKeylogger Phishing: Fake Remittance Emails Steal Credentials via PowerShell and ISO Attachments

    SnakeKeylogger Phishing: Fake Remittance Emails Steal Credentials via PowerShell and ISO Attachments

    Posted: October 10, 2025
    Categories: Data Breach, Phishing, Email And Password
    Tags: fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 20
    New SnakeKeylogger campaign spoofs CPA Global/Clarivate emails with ISO/ZIP lures containing BAT/PowerShell payloads to log keystrokes, hijack clipboard, and exfiltrate data. Persists via "SysUpdate" tasks—train users, sandbox attachments, and monitor PowerShell for defense.
    Read more
  2. Fake HR Emails via Zoom: Phishing Scam Steals Gmail Credentials from Job Seekers

    Fake HR Emails via Zoom: Phishing Scam Steals Gmail Credentials from Job Seekers

    Posted: October 10, 2025
    Categories: Phishing, Email And Password
    Tags: fp-2d, fp-1b, fp-1a
    Author: Npav Lab
    Views: 13
    Sophisticated phishing uses legit-looking Zoom Docs invites from "HR" to lure job hunters into fake Gmail login pages, exfiltrating credentials in real-time via WebSocket on overflow.qyrix.com.de. Discovered by Himanshu Anand—verify emails directly and use password managers to avoid account takeovers.
    Read more
  3. OpenAI Bans ChatGPT Accounts of Chinese Hackers Using AI for Malware Refinement and Phishing Attacks

    OpenAI Bans ChatGPT Accounts of Chinese Hackers Using AI for Malware Refinement and Phishing Attacks

    Posted: October 08, 2025
    Categories: Malware Alerts, Phishing, Hacker, AI
    Tags: fp-3b, fp-3a, fp-1a
    Author: Npav Lab
    Views: 19
    OpenAI's October 2025 report reveals bans on ChatGPT accounts linked to PRC-affiliated groups like UNKDROPPITCH, who leveraged AI to debug malware (GOVERSHELL, HealthKick), craft targeted phishing, and build surveillance tools—disrupting 40+ networks; models block direct threats but highlight efficiency risks in cyber ops.
    Read more
  4. Hackers Weaponize AI-Generated Code to Obfuscate Phishing Payloads in SVG Files, Bypassing Traditional Defenses

    Hackers Weaponize AI-Generated Code to Obfuscate Phishing Payloads in SVG Files, Bypassing Traditional Defenses

    Posted: September 26, 2025
    Categories: Phishing, Hacker, AI
    Tags: fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 15
    Microsoft exposes AI-driven phishing campaign targeting US organizations: attackers use AI to craft verbose, business-jargon code in SVG attachments disguised as PDFs, hiding credential-stealing payloads behind invisible dashboards and evading antivirus detection.
    Read more
  5. Rise of AI-Generated Fake CAPTCHAs: Cybercriminals' New Tool for Sophisticated Phishing Attacks

    Rise of AI-Generated Fake CAPTCHAs: Cybercriminals' New Tool for Sophisticated Phishing Attacks

    Posted: September 22, 2025
    Categories: Bank Phishing, Cyber Attack, Phishing, Email And Password, AI
    Tags: fp-3c, fp-3a, fp-2-d, fp-1b, fp-1a, f-3b
    Author: Npav Lab
    Views: 14
    Trend Micro warns of cybercriminals using AI to create fake CAPTCHA pages that trick users into revealing sensitive data, boosting phishing success rates and challenging cybersecurity defenses.
    Read more
  6. New Phishing Campaign Targets Facebook Users Using Redirected Fake Login Pages

    New Phishing Campaign Targets Facebook Users Using Redirected Fake Login Pages

    Posted: September 19, 2025
    Categories: Phishing, Facebook
    Tags: fp-3c, fp-3b, fp-3a, fp-1b, fp-1a
    Author: Npav Lab
    Views: 34
    A sophisticated phishing attack uses Facebook’s URL redirect service to trick users into entering login credentials on fake pages, stealing emails, phone numbers, and passwords.
    Read more
  7. SpamGPT: AI-Powered Phishing Toolkit Enabling Massive Email Attacks

    SpamGPT: AI-Powered Phishing Toolkit Enabling Massive Email Attacks

    Posted: September 09, 2025
    Categories: Phishing, Email And Password, AI
    Tags: fp-3d, fp-3c, fp-3b, fp-3a, fp-2d, fp-1b
    Author: Npav Lab
    Views: 64
    SpamGPT is a dark web “spam-as-a-service” platform using AI to automate large-scale phishing campaigns. Learn how KaliGPT and SMTP cracking training empower cybercriminals.
    Read more
  8. Hackers Exploit Amazon SES to Send Over 50,000 Malicious Emails Daily in Large-Scale Phishing Campaign

    Hackers Exploit Amazon SES to Send Over 50,000 Malicious Emails Daily in Large-Scale Phishing Campaign

    Posted: September 09, 2025
    Categories: Phishing, Email And Password, Hacker, Amazon
    Tags: fp-3b, fp-3a, fp-2d, fo-2b
    Author: Npav Lab
    Views: 24
    Cybercriminals abused compromised AWS credentials to hijack Amazon SES, sending 50,000+ phishing emails daily by bypassing sandbox limits. Learn how to detect and prevent SES abuse.
    Read more
  9. OneDrive Phishing Attack Targets Corporate Executives for Credential Theft

    OneDrive Phishing Attack Targets Corporate Executives for Credential Theft

    Posted: September 03, 2025
    Categories: Cyber Attack, Data Breach, Phishing
    Tags: fp-6d, fp-4b, fp-1b
    Author: Npav Lab
    Views: 25
    A sophisticated OneDrive spearphishing campaign targets corporate executives with fake HR emails and Microsoft Office 365 login pages to steal credentials. Learn how to recognize and prevent this threat.
    Read more
  10. Mobile Phishing Attacks Target Brokerage Customers in ‘Ramp and Dump’ Schemes

    Mobile Phishing Attacks Target Brokerage Customers in ‘Ramp and Dump’ Schemes

    Posted: August 20, 2025
    Categories: Phishing
    Tags: fp-2e, fp-2d, fp-2c, fp-2b, fp-2a, fp-1a
    Author: Npav Lab
    Views: 14
    Discover how cybercriminals are exploiting brokerage accounts in sophisticated ‘ramp and dump’ schemes using mobile phishing tactics. Learn about the risks and how to protect yourself.
    Read more
Page
Categories
Recent Posts
Cyber alert infographic: Telegram app icon with hacktivist masks and DDoS bomb symbols, arrows showing 11,000 posts and hashtags spreading globally; protective shield for monitoring tools, warning "Track Your Threats" banner over world map of attack vecto
Telegram: The Hacktivist Hub for Coordinated Global Cyber Attacks
October 15, 2025
Fraud alert graphic: Email chain with red flags on Forex contracts and ALCO mentions, money flow showing inflated profits; RBI probe icon, protective audit shield, and warning "Review Your Practices" banner over banking network.
IndusInd's Hidden Fraud: 2017 Emails Expose Early Treasury Risks
October 15, 2025
Cyber fraud alert graphic: Skype call with fake NCB badge stealing OTPs from phone, money flow to hacker accounts; handcuffed suspects and police symbols, 2FA shield and 1930 helpline icon, warning "Don't Share OTPs" banner over cityscape.
Delhi's Fake NCB Scam: How Cybercriminals Stole ₹20.89 Lakh and Got Caught
October 14, 2025
Security alert graphic: Yomani XR terminal with red debug port arrow leading to hacker accessing root shell, malware icons infiltrating system; protective shield for firmware updates and network segmentation, warning "Audit Your Devices Now" over retail e
Payment Terminal Flaw: Hackers Gain Root Access via Hidden Debug Port
October 14, 2025
“NPAV Diwali greetings – glowing diyas and digital shield symbolizing online safety and light over darkness”
This Diwali, Let’s Light Up Our Digital World with Safety and Positivity
October 14, 2025
Back to Top