Phishing
-
Read moreHackers are exploiting QR codes in a new scam called “quishing”, tricking users into scanning fake QR codes that lead to phishing sites, malware downloads, or financial fraud. These attacks are bypassing traditional security measures, making individuals and businesses vulnerable. -
Read moreCybercriminals are using fake Microsoft Active Directory Federation Services (ADFS) login pages to steal usernames, passwords, and MFA codes from employees in education, healthcare, and government organizations. The stolen credentials allow hackers to access corporate email accounts, send phishing emails, and commit financial fraud. -
Read moreCybercriminals are pretending to be IT support using Microsoft Teams to trick employees. They use spam emails, fake calls, and phishing tactics to gain access to company systems and install ransomware. -
Read moreRussian hacking group Star Blizzard is targeting high-value diplomats and officials with a phishing campaign that exploits WhatsApp. By deceiving victims into linking their WhatsApp accounts to the hackers' devices, the group gains unauthorized access to private messages. -
Read moreHackers are hiding malicious software in images to deliver dangerous malware like VIP Keylogger and 0bj3ctivity Stealer. These tools are used to steal sensitive data, such as passwords, keystrokes, and screenshots, in separate phishing campaigns. -
Read moreCybercriminals are using Google Search ads to trick advertisers into entering their credentials on fake Google Ads login pages. These phishing attacks are stealing account details to misuse them, affecting advertisers worldwide. -
Read moreA dangerous Android malware called FireScam is disguising itself as "Telegram Premium" to steal sensitive data and remotely control infected devices. Distributed via phishing sites mimicking legitimate platforms, FireScam demonstrates advanced techniques to evade detection and maintain control over devices. -
Read moreThe Horns and Hooves campaign, active since March 2023, has targeted over 1,000 victims with phishing emails containing JavaScript payloads that deploy sophisticated RAT malware like NetSupport RAT and BurnsRAT. This attack primarily targets private users, retailers, and service businesses in Russia, leveraging remote access tools for data theft, ransomware, and malware deployment. -
Read moreA new fraud campaign led by the Chinese threat actor SilkSpecter is leveraging 4,700 fake e-commerce websites to steal payment card details and personal information. These sites mimic popular brands and utilize legitimate payment processors like Stripe to deceive victims. -
Read moreCybersecurity researchers have identified a significant rise in phishing attacks utilizing Webflow, a legitimate website builder. These attacks target sensitive login information for various cryptocurrency wallets and corporate webmail platforms. With a tenfold increase in phishing traffic between April and September 2024, the campaigns highlight the growing sophistication of cybercriminals leveraging legitimate tools to deceive users.
Recent Posts
