Security News

A recently uncovered phishing campaign, targeting PayPal users, pulls out all the stops and asks victims for the complete spectrum of personal data - even going so far as to ask for social security numbers and uploaded photos of their passports. Some parts of the phishing email make strange use of exclamation points - For instance, the top of the email says "PayPal Notifications Center !" and the phishing link button reads, "Secure and update my account now !".

Last week, IBM and Kaspersky caught hackers in Japan trying to spread malware through emails with links about the coronavirus outbreak that started in Wuhan, China, in January. Now, Kaspersky and Sophos have found phishing emails from cybercriminals purporting to be from the Centers for Disease Control and Prevention and the World Health Organization that are attempts to steal email credentials and other information.

A new phishing campaign is attempting to deliver sophisticated malware that can completely hijack an Android mobile device to steal user credentials, install a keylogger and even hold a device's data for ransom. Researchers at Cofense, who discovered the campaign, said the malware targets more than 250 Android apps with tailored login overlay screens used to capture credentials inputted into the apps.

The newly detailed phishing attack, Certfa Lab says, is related to previously observed activity targeting a U.S. presidential candidate, government officials, media targets, and prominent expatriate Iranians, where the hackers employed an updated spear phishing technique. As part of the campaign, the threat actor created a fake account impersonating New York Times journalist Farnaz Fassihi journalist), to send fake interview invitations to victims and trick them into accessing phishing websites.

The study does not say whether the phishing emails that targeted Kasraie and others were successful in compromising their passwords and other credentials, and a spokesperson for Certfa says that the campaign has not been successful, although not all victims may have come forward yet. One of the tipoffs that these emails were phishing lures is that Fassihi recently moved to the New York Times and wouldn't be seeking interviews with subjects for the Journal, according to the report.

Sadly, cybercrooks love a crisis, because it gives them a believable reason to contact you with a phishing scam. Of course, if you put in your email address or your password and click through, you'll be submitting the filled-in web form to the crooks.

The Gone Phishing Tournament tested how susceptible people are to opening fraudulent emails and entering their login information. To prepare organizations for an attack, TerraNova Security held the Gone Phishing Tournament over five days in October, testing people at companies in 76 countries and 27 languages on how likely they were to open a malicious email and enter their information into a dangerous website.

The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware and phishing emails. IBM X-Force says that Japanese users have been receiving fake notifications about the coronavirus spreading in several prefectures, purportedly sent by a disability welfare service provider and a public health center.

A spear-phishing campaign targeted a U.S. government agency for several months last year using emails with content about North Korea geopolitics as a lure, according to an analysis from Palo Alto Networks' Unit 42. It targeted five employees at a U.S. government agency - which the report did not identify - as well as two foreign nationals who had professional ties to North Korea, according to the Unit 42 report.

The campaign was using the heightened tension in the region following the killing of Iranian general Qasem Suleimani at a Baghdad airport, and used emails purporting to come from the Ministry of Foreign Affairs of the Kingdom of Bahrain, Saudi Arabia, and the United Arab Emirates. The use of legitimate public services in malware attacks is a growing trend among attackers.