Security News

With an inherent emphasis in "Privacy-by-default", Hoplite Technology announced the new launch of a free anti-phishing solution named Anti-Phishing Bot to protect everyday users against phishing attacks. Due to the lack of ways to verify the identity of the senders, everyday users without technical trainings will often find it difficult to distinguish a phishing attack as the red flags are hidden in different parts of an email.

Some of the brands abused through this scam are extremely popular in Europe and include LeBonCoin, Allegro, OLX, Sbazar, FAN Courier, Lalafo, Kufar and DHL. Scam expanding to Europe. The scammers publish ads on popular marketplaces and classifieds claiming to offer various products at low prices.

A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft. When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to "Limited," which will put temporary restrictions on withdrawing, sending, or receiving money.

A large scale phishing scam is underway that pretends to be a security notice from Chase stating that fraudulent activity has been detected and caused the recipient's account to be blocked. One recipient said they fell for the scam after their card was denied in a purchase online and thought the email was a legitimate Chase fraud alert.

Several U.S. government organizations have issued warnings regarding various types of fraud and phishing schemes that use COVID-19 vaccine-related topics to lure potential victims. The alert from the FBI, HHS-OIG, and CMS reads, could take the form of ads that claim to offer early access to vaccines in exchange for a deposit or fee, requests to pay for the vaccine or enter personal information on a so-called waiting list, or offers to undergo medical testing to obtain the vaccine.

As if the exponential rise in phishing scams and malware attacks in the last five years wasn't enough, the COVID-19 crisis has worsened it further. Many scammers have rolled out campaigns offering COVID-19 vaccines, free medical tests and testing kits, tax rebates for donation to pandemic relief funds, information on COVID-19 cases, and new job opportunities due to the economic downturn.

The US Department of Justice has seized two domain names used to impersonate the official websites of biotechnology companies Moderna and Regeneron involved in the development of COVID-19 vaccines. While almost perfectly cloning the contents of the real sites, the website seized by the federal government were instead used for various malicious purposes including running scams, infecting visitors with malware, and collecting sensitive info in phishing attacks.

Count the Subway sandwich faithful among the latest victims of cybercriminals. Researchers at Sophos discovered a phishing campaign aimed at Subway loyalty-card members in the U.K. and Ireland, in an attempt to trick them into downloading malware.

Understanding the attackers' approach helps you spot a phishing email when it hits your inbox. In general, there are four main steps phishers go through when creating convincing phishing emails, and understanding these steps helps you to spot and stop them.

A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware. TrickBot is a trojan malware infection commonly distributed through phishing campaigns or installed by other malware.