Security News

Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some internal company systems and customer data.Apparently, Twilio employees were not the only ones targeted by these attackers.

Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. "On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said over the weekend.

Attackers abused open redirects on the websites of Snapchat and American Express in a series of phishing attacks to steal Microsoft 365 credentials. Open redirects are web app weaknesses that allow threat actors to use the domains of trusted organizations and websites as temporary landing pages to simplify phishing attacks.

In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a multilayered phishing campaign targeting cryptocurrency exchange Coinbase. Attackers are sending out spoofed Coinbase emails to harvest personal credentials and use them to log into users' legitimate accounts in real-time.

A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. The phishing campaign's targets include fin-tech, lending, accounting, insurance, and Federal Credit Union organizations in the US, UK, New Zealand, and Australia.

To successfully run a phishing operation, cybercriminals do generally need to host phishing pages online. Phishing pages sitting on IPFS are trickier to take down, compared to usual phishing pages hosted on the clear web.

An ongoing, large-scale phishing campaign is targeting owners of business email accounts at companies in the FinTech, Lending, Insurance, Energy and Manufacturing sectors in the US, UK, New Zealand and Australia, Zscaler researchers are warning. The attackers are using a variety of tecniques and tactics to evade corporate email security solutions and a custom phishing kit that allows them to bypass multi-factor authentication protection to hijack enterprise Microsoft accounts.

The decentralized file system solution known as IPFS is becoming the new "Hotbed" for hosting phishing sites, researchers have warned. Cybersecurity firm Trustwave SpiderLabs, which disclosed specifics of the attack campaigns, said it identified no less than 3,000 emails containing IPFS phishing URLs as an attack vector in the last three months.

Vade announced its H1 2022 Phishers' Favorites report, a ranking of the top 25 most impersonated brands in phishing attacks. With 11,041 unique phishing URLs, Microsoft is the top target for brand impersonation.

Threat groups are increasingly turning to InterPlanetary File System peer-to-peer data sites to host their phishing attacks because the decentralized nature of the sharing system means malicious content is more effective and easier to hide. Threat analysts with cybersecurity vendor Trustwave this week said the InterPlanetary File System is becoming the "New hotbed of phishing" after seeing an increase in the number of phishing emails that contain IPFS URLs.