Security News

Office 365 Users Targeted By ‘Coronavirus Employee Training’ Phish
2020-06-25 13:09

Researchers are warning of a new phishing attack that purports to send coronavirus training resources to employees who are returning to the workplace, as COVID-19 lockdowns lift. The recent phishing campaign leverages novel training programs that are required for employees in the workplace to comply with coronavirus regulations.

BofA Phish Gets Around DMARC, Other Email Protections
2020-06-18 13:00

A credential-phishing attempt that relies on impersonating Bank of America has emerged in the U.S. this month, with emails that get around secure gateway protections and heavy-hitting protections like DMARC. The campaign involves emails that ask recipients to update their email addresses, warning users that their accounts could be recycled if this isn't done. "This ensured that the email wasn't caught in the bulk email filters provided by native Microsoft email security or the Secure Email Gateway."

Supreme Court Phish Targets Office 365 Credentials
2020-05-21 13:00

The phishing emails spoof the U.S. Supreme Court, aiming to capitalize on scare tactics to convince targets to click on an embedded link. "The sender name impersonated the Supreme Court, making the email likely to get past eye tests when people glanced through it amidst hundreds of other emails in their overflowing mailboxes. The email language was terse and authoritative, including a CTA in the email - View Subpoena - clearly describing the purpose of the email."

News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks
2020-05-01 16:47

A Microsoft vulnerability found in Microsoft Teams that could have allowed an inside attacker to weaponize a single GIF image and use it to pilfer data from targeted systems and take over all of an organization's Teams accounts. The phishing campaign used a ton of different Microsoft file sharing platforms including Microsoft Sway, which if you guys don't know what that is, it's basically Microsoft's platform for newsletters and presentations.

Warning! Fake Zoom “HR meeting” emails phish for your password
2020-04-28 08:30

Example CEO and Management Board Meeting for all staffs on Zoom Meeting This is a reminder that your zoom meeting appointment with H.R and Audit Head will start in few minutes. Your presence is crucial to this meeting and equally required to commence this Q1 perfomance review meeting Join this Live Meeting Meeting Purpose: Contract Suspension / Termination Trial.

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others
2020-04-01 03:30

The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com. In a statement shared with KrebsOnSecurity, GoDaddy acknowledged that on March 30 the company was alerted to a security incident involving a customer's domain name.

There Are Plenty of Phish in the Sea
2020-03-16 16:23

Today, for modest amounts of money, would-be scammers can buy high-quality phishing tools online, through the Dark Web, enabling them to skip all the fuss and bother of actually learning how to code or do graphics or any of the other steps required to successfully scam someone. There the price of a phishing page averaged $338. Phishing - essentially stealing sensitive information like passwords, credentials, reset notifications and other forms of access through trickery - is the single most common form of online attack.

Fresh phish! Stripe scam baked and delivered in under an hour
2020-03-02 12:24

For anyone who is a Stripe user - even if they haven't logged in for a while - the email seems pretty genuine. OK, the button didn't head to a Stripe domain, but the link didn't look particularly out of place, either - it was an HTTPS link to a regular-looking.com domain.

Tricky Phish Angles for Persistence, Not Passwords
2020-01-07 21:35

First, while the most recent versions of this stealthy phish targeted corporate users of Microsoft's Office 365 service, the same approach could be leveraged to ensnare users of many other cloud providers. In early December, security experts at PhishLabs detailed a sophisticated phishing scheme targeting Office 365 users that used a malicious link which took people who clicked to an official Office 365 login page - login.

News Wrap: APTs, Office 365 Voicemail Phish and Bed Bath & Beyond Breach
2019-11-01 19:32

Threatpost editors discuss this week's biggest news - from a data breach of Bed Bath & Beyond, a tricky phishing attack and widespread APT activity.