Phishing
-
Read moreA new phishing attack is targeting Amazon Prime users, tricking them with fake renewal notifications to steal login credentials, personal details, and payment information. Discovered by the Cofense Phishing Defense Center on February 18, 2025, this attack uses advanced social engineering techniques and multiple layers of deception. -
Read moreA new phishing campaign is targeting industrial organizations in the Asia-Pacific (APAC) region using a dangerous malware called FatalRAT. Hackers are using Chinese cloud services to deliver the malware, making it harder to detect. The attack mainly targets government agencies, manufacturing, IT, telecommunications, healthcare, energy, and logistics companies in countries like Taiwan, Malaysia, China, Japan, and more. -
Read moreCybercriminals are abusing PayPal’s address settings to send scam emails that look like official notifications. These emails claim a new shipping address has been added to your PayPal account and include a fake purchase confirmation for a MacBook M4. The goal is to trick users into calling a fake PayPal support number, where scammers try to gain remote access to their devices. -
Read moreA new phishing attack has been discovered where hackers use Webflow’s CDN and fake CAPTCHAs to trick users into entering their credit card details. The attackers manipulate search results to lure victims into clicking malicious PDFs that lead to phishing websites. -
Read moreCybercriminals are creating fake Valentine’s Day-themed websites using words like “love,” “gift,” and “Valentine” to steal personal and financial information. These scams include phishing emails, fake online stores, and romance frauds, tricking people into revealing sensitive data or downloading malware. -
Read moreHackers are exploiting QR codes in a new scam called “quishing”, tricking users into scanning fake QR codes that lead to phishing sites, malware downloads, or financial fraud. These attacks are bypassing traditional security measures, making individuals and businesses vulnerable. -
Read moreCybercriminals are using fake Microsoft Active Directory Federation Services (ADFS) login pages to steal usernames, passwords, and MFA codes from employees in education, healthcare, and government organizations. The stolen credentials allow hackers to access corporate email accounts, send phishing emails, and commit financial fraud. -
Read moreCybercriminals are pretending to be IT support using Microsoft Teams to trick employees. They use spam emails, fake calls, and phishing tactics to gain access to company systems and install ransomware. -
Read moreRussian hacking group Star Blizzard is targeting high-value diplomats and officials with a phishing campaign that exploits WhatsApp. By deceiving victims into linking their WhatsApp accounts to the hackers' devices, the group gains unauthorized access to private messages. -
Read moreHackers are hiding malicious software in images to deliver dangerous malware like VIP Keylogger and 0bj3ctivity Stealer. These tools are used to steal sensitive data, such as passwords, keystrokes, and screenshots, in separate phishing campaigns.
