Security News

The rise and continuing popularity of LinkedIn-themed phishing
2022-07-21 12:04

Phishing emails impersonating LinkedIn continue to make up the bulk of all brand phishing attempts; according to Check Point, 45% of all email phishing attempts in Q2 2022 imitated the style of communication of the professional social media platform, with the goal of directing targets to a spoofed LinkedIn login page and collecting their account credentials. To compare: In Q4 2021, LinkedIn-themed phishing attempts were just 8 percent of the total brand phishing attacks flagged by Check Point.

Google Calendar provides new way to block invitation phishing
2022-07-20 16:24

The Google Workspace team announced today that it started rolling out a new method to block Google Calendar invitation spam, available to all customers, including legacy G Suite Basic and Business users. "To help keep your Google Calendar free from spam, you can now select an option to display events on your calendar only if they come from a sender you know," the Google Workspace team said today.

LinkedIn remains the most impersonated brand in phishing attacks
2022-07-20 15:36

LinkedIn is holding the top spot for the most impersonated brand in phishing campaigns observed during the second quarter of 2022. Compared to the first quarter of the year, LinkedIn impersonation dropped from 52% to 45%. However, it maintains a considerable distance from the second most imitated brand by fraudsters, Microsoft, currently at 13%. The central theme in spoofed Microsoft emails is requests to verify Outlook accounts to steal usernames and passwords.

LinkedIn and Microsoft are the most impersonated brands in phishing attacks
2022-07-19 13:25

LinkedIn and Microsoft took top spots as the most exploited brands in phishing attacks last quarter, Check Point Research reported on Tuesday.

Roaming Mantis hits Android and iOS users in malware, phishing attacks
2022-07-18 14:42

Taiwan, South Korea, Japan, the US, and the U.K. the Roaming Mantis operation moved to targeting Android and iOS users in France, likely compromising tens of thousands of devices. Roaming Mantis is believed to be a financially-motivated threat actor that started targeting European users in February.

PayPal phishing kit added to hacked WordPress sites for full ID theft
2022-07-14 18:09

A newly discovered phishing kit targeting PayPal users is trying to steal a large set of personal information from victims that includes government identification documents and photos. The kit is hosted on legitimate WordPress websites that have been hacked, which allows it to evade detection to a certain degree.

PayPal-themed phishing kit allows complete identity theft
2022-07-14 10:20

By misusing the PayPal logo and general design, the phishing kit leads users through a set of pages and forms aimed at collecting information that can later be used to steal the victims' identity and perform money laundering, open cryptocurrency accounts, make fraudulent tax return claims, and much more. The attackers using the kit are targeting legitimate WordPress sites.

Microsoft Warns of Large-Scale AiTM Phishing Attacks Against Over 10,000 Organizations
2022-07-14 08:43

Microsoft on Tuesday disclosed that a large-scale phishing campaign targeted over 10,000 organizations since September 2021 by hijacking Office 365's authentication process even on accounts secured with multi-factor authentication. The intrusions entailed setting up adversary-in-the-middle phishing sites, wherein the adversary deploys a proxy server between a potential victim and the targeted website so that recipients of a phishing email are redirected to lookalike landing pages designed to capture credentials and MFA information.

$8 million stolen in large-scale Uniswap airdrop phishing attack
2022-07-13 14:36

Uniswap, a popular decentralized cryptocurrency exchange, lost close to $8 million worth of Ethereum in a sophisticated phishing attack yesterday. 1/ Yesterday, some Uniswap LPs unfortunately fell for a phishing scam, a problem far too common in crypto today.

Large-Scale Phishing Campaign Bypasses MFA
2022-07-13 11:45

AiTM phishing steals the session cookie, so the attacker gets authenticated to a session on the user's behalf regardless of the sign-in method the latter uses, researchers said. Attackers are getting wise to organizations' increasing use of MFA to better secure user accounts and creating more sophisticated phishing attacks like these that can bypass it, noted a security professional.