Security News

Threat actors are increasingly banking on the technique of HTML smuggling in phishing campaigns as a means to gain initial access and deploy an array of threats, including banking malware, remote administration trojans, and ransomware payloads. HTML smuggling is an approach that allows an attacker to "Smuggle" first-stage droppers, often encoded malicious scripts embedded within specially-crafted HTML attachment or web pages, on a victim machine by taking advantage of basic features in HTML5 and JavaScript rather than exploiting a vulnerability or a design flaw in modern web browsers.

Learn how to detect phishing on LinkedIn and protect yourself from it. Abusing LinkedIn is one of those techniques that is very effective because a lot of professionals use and depend on LinkedIn for their activities or work relationships.

Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans. While HTML smuggling is not a new technique, Microsoft is seeing it increasingly used by threat actors to evade detection, including the Nobelium hacking group behind the SolarWinds attacks.

A new business email compromise campaign targeting Microsoft 365 users is using a range of sophisticated obfuscation tactics within phishing emails that can fool natural language processing filters and are undetectable to end users. Researchers at Avanan, a CheckPoint company, first discovered the campaign - dubbed One Font because of the way it hides text in a one-point font size within messages - in September.

Phishing remains the dominant attack vector for bad actors, growing 31.5 percent over 2020, according to a PhishLabs report. Notably, attacks in September 2021 were more than twice as high as the previous year.

Mobile phishing exposure surged 161% within the energy industry between the second half of 2020 and the first half of 2021, a Lookout report reveals. Regional mobile phishing exposure rates: North America, APAC and EMEA. EMEA and APAC employees were 41% and 18% more likely to experience a mobile phishing attack than their North American peers.

Impersonating an Amazon order notification, the attackers end up calling victims to try to obtain their credit card details, says Avanan. A recent campaign spotted by email security provider Avanan spoofs Amazon with both a traditional phishing message and a voice call to try to steal credit card information.

A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes. The email body contains a hyperlink to a Google Drive URL, which, if clicked, downloads an MHT file onto the victim's machine.

A new Steam phishing promoted via Discord messages promises a free Nitro subscription if a user links their Steam account, which the hackers then use to steal game items or promote other scams. The phishing scam is being conducted by many Discord accounts controlled by the threat actors or as automated bots that send other users links to what is supposedly a guide on how to receive Discord Nitro for free.

Mobile phishing attacks targeting employees in the energy industry have risen by 161% compared to last year's data, and the trend is showing no signs of slowing down. There is a rising trend in phishing attacks targeting the global energy industry across the world.