Security News
An ongoing phishing campaign delivering fake Office 365 password expiration reports has managed to compromise tens of C-Suite email accounts to date, according to a warning from anti-malware vendor Trend Micro. The phishers were able to compromise 40 legitimate email addresses of CEOs, directors, company founders, and owners, as well as those of other enterprise employees.
Loading remotely hosted images instead of embeedding them directly into emails is one of the latest tricks employed by phishers to bypass email filters. Images have also been used for ages as a way to circumvent an email's textual content analysis but, as security technologies became more adept at extracting and analyzing content from images, phishers began trying out several tricks to make the process more difficult and time-consuming for security scanners.
A rising onslaught of phishing messages delivered via SMS has been hitting mobile users around the world in the last few months. The messages take the form of alerts about recipients being eligible to apply for the COVID-19 vaccine, fake notifications about missed deliveries and/or requirements to pay for specific deliveries, messages offering financial help from the government, prizes won.
A domain spoofing email phishing campaign that very convincingly impersonates Microsoft and successfully tricks legacy secure email gateways has recently been spotted by Ironscales. Spoofed the sender's domain to make it look like the email comes from Microsoft.
Check out this series to understand the phisher’s perspective and better defend your organization from cyber threats. In this series of videos, BitDam’s cyber expert, Roy Rashti, will share some...
As America counts down to the November 3 elections, things are tense for political campaigns. The Republican Party of Wisconsin, a key battleground state which President Trump won in 2016 by less than 1 per cent, has admitted that it lost $2.3m earlier this month to business email deception - where phishing emails harvest credentials and use these to submit fake or altered invoices for services rendered.
Marking a pivot from COVID-19 scams, researchers track a single threat actor through the evolution from the pandemic to PayPal, and on to more timely voter scams - all with the same infrastructure. "The range of information credential-phishing themes - PayPal, COVID-19, voting - illustrate how actors often simply pivot from one theme to the next, all while using similar infrastructure and backend functionality," Sherrod DeGrippo, senior director of threat research and detection for Proofpoint, told Threatpost.
UPDATE. Barnes & Noble is warning that it has been hacked, potentially exposing personal data for shoppers - and offering phishers an early holiday gift. In any event, Barnes & Noble said that its IT team "Doesn't know" yet if customer info was exposed, but the systems that were hit contained personal data, so it may have been.
Or the imposter pages may be part of a short-lived web hosting account - perhaps set up just a day or two before as a "Free trial" that will probably be shut down quickly, but not before the crooks will have cut and run anyway. Usually, the fake login form that performs the password-stealing part of a phishing scam appears somewhere in the phoney web page on website.
Phishers are using a bogus GDPR compliance reminder to trick recipients - employees of businesses across several industry verticals - into handing over their email login credentials. "The attacker lures targets under the pretense that their email security is not GDPR compliant and requires immediate action. For many who are not versed in GDPR regulations, this phish could be merely taken as more red tape to contend with rather than being identified as a malicious message," Area 1 Security researchers noted.