Security News

Hundreds of eBike phishing sites abuse Google Ads to push scams
2022-03-01 15:00

A large-scale campaign involving over 200 phishing and scam sites has tricked users into giving their personal data to fake investments schemes impersonating genuine brands. The fraudulent operation relies upon the abuse of Google Ads and SEO to draw victims to hundreds of fake websites targeting the Indian audience.

Top 5 things to know about consent phishing
2022-02-25 18:38

Remember when phishing was a funny new term for tricking people into giving up information? Now there are so many variants, spear phishing, clone phishing, and even whaling! Here are five things to know about Consent Phishing.

Ukraine links Belarusian hackers to phishing targeting its military
2022-02-25 14:18

The Computer Emergency Response Team of Ukraine warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. The phishing emails are being sent from two domains, the former trying to impersonate the i.ua free Internet portal providing email services to Ukrainians since 2008.

Ukraine links phishing targeting military to Belarusian hackers
2022-02-25 14:18

The Computer Emergency Response Team of Ukraine warned today of a spearphishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. The phishing emails are being sent from two domains, the former trying to impersonate the i.ua free Internet portal providing email services to Ukrainians since 2008.

Cloudflare buys anti-phishing business Area 1 for $162m
2022-02-24 14:31

Krazy Glue of the internet Cloudflare has buffed up its email security with the purchase of anti-phishing firm Area 1. Area 1 Security is all about pre-emptively tracking phishing campaigns and preventing customer mailboxes being troubled thanks to its INBOX.CLEAN product.

Citibank phishing baits customers with fake suspension alerts
2022-02-24 14:00

An ongoing large-scale phishing campaign is targeting customers of Citibank, requesting recipients to disclose sensitive personal details to lift alleged account holds. The campaign uses emails that feature CitiBank logos, sender addresses that look genuine at first glance, and content that is free of typos.

Devious phishing method bypasses MFA using remote access software
2022-02-22 21:57

One of the biggest obstacles to successful phishing attacks is bypassing multi-factor authentication configured on the targeted victim's email accounts. D0x set up a phishing attack using the Evilginx2 attack framework that acts as a reverse proxy to steal credentials and MFA codes.

Police bust phishing group that used 40 sites to steal credit cards
2022-02-22 09:49

The Ukrainian cyberpolice have arrested a group of phishing actors who managed to steal payment card data from at least 70,000 people after luring them to fake mobile service top up sites. According to the announcement from law enforcement, the actors used the stolen information to empty their victims' bank accounts.

NFT Investors Lose $1.7M in OpenSea Phishing Attack
2022-02-22 03:12

Over the weekend, hackers stole millions of dollars worth of non-fungible tokens belonging to 17 members of the OpenSea NFT marketplace. On Saturday, a small number of OpenSea users noticed their NFTs were missing.

OpenSea users lose $2 million worth of NFTs in phishing attack
2022-02-21 13:12

The non-fungible token marketplace OpenSea is investigating a phishing attack that left 17 of its users without more than 250 NFTs worth around $2 million. Phishing actors are always looking for ways to take advantage of changes that require users to take action and the OpenSea NFT theft is no different.