Tag: phishing
-
BeatBanker Trojan Spreads via Phishing, Deploys Crypto Miner and RAT on Targeted Devices
BeatBanker is a new Android malware campaign targeting users in Brazil, combining banking fraud, crypto”‘mining, and, in its latest wave, full device takeover via a RAT. It spreads almost entirely through phishing pages that mimic the Google Play Store and trick victims into installing weaponized APKs disguised as legitimate apps and updates. The operation starts…
-
Malvertising: Herbert Grönemeyer und Hasso Plattner werden missbraucht
Aktuell weltweite Kampagne mit russischem cyberkriminellem Hintergrund. 310 koordinierte Kampagnen für digitalen Betrug in 25 Ländern auf sechs Kontinenten. Phishing-Mails mit aggressivem telefonischem Nachsetzen. Fake-Anzeigen als Ausgangspunkt für Anlagenbetrug. Depot-Empfehlungen von Herbert Grönemeyer oder vermeintliche Krypto-Tipps von SAP”‘Gründer Hasso Plattner sind derzeit Teil einer groß angelegten internationalen Betrugskampagne. Dahinter steckt ein global agierendes Netzwerk… First…
-
Microsoft brings phishing-resistant Windows sign-ins via Entra passkeys
Microsoft is rolling out passkey support for Microsoft Entra on Windows devices, adding phishing-resistant passwordless authentication via Windows Hello. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-entra-brings-phishing-resistant-sign-in-to-windows/
-
Phishing Scammers Impersonating City, County Officials, Demanding Payment: FBI
Scammers are impersonating local municipal officials around the country with seemingly legitimate phishing messages demanding payment for permits. The bad actors grab publicly available information and use them in their emails to fool their targets. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/phishing-scammers-impersonating-city-county-officials-demanding-payment-fbi/
-
Cybercriminals impersonating city officials to steal permit payments, FBI says
In a notice on Monday, the agency said people and businesses with active applications for the permits are being targeted with phishing emails that often include detailed, accurate information “including property addresses, case numbers, and the true names of city and county officials.” First seen on therecord.media Jump to article: therecord.media/cybercriminals-impersonate-city-officials-permit-payments
-
Top 10 Best Anti-Phishing Tools in 2026
The cybersecurity landscape has shifted dramatically, and traditional spam filters are no longer enough to protect sensitive enterprise data. As we navigate through 2026, threat actors are leveraging sophisticated AI-powered exploits to bypass standard security protocols, craft hyper-realistic deepfake audio messages, and execute highly targeted Business Email Compromise (BEC) campaigns. Phishing has evolved from obvious,…
-
Signal and WhatsApp accounts targeted in phishing campaign
Dutch intelligence warns that attackers are hijacking Signal and WhatsApp accounts by tricking users into sharing verification codes or linking a malicious device. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/signal-and-whatsapp-accounts-targeted-in-phishing-campaign/
-
Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts
Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/10/aitm-phishing-aws-accounts/
-
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
Tags: access, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, detection, exploit, firewall, incident, incident response, infrastructure, insurance, ISO-27001, metric, mfa, monitoring, network, office, phishing, ransomware, regulation, resilience, risk, risk-management, service, siem, soc, stuxnet, supply-chain, tool, vpn, vulnerability, zero-dayWhy everyone knows it’s burning, but nobody pulls the fire alarm: When I talk to OT managers, production leads or plant engineers, I rarely hear, “We didn’t know we had a problem.” Far more often, it’s, “We know it’s critical, but we can’t just shut it down.” This gap between awareness and action is the…
-
Law enforcement disrupted Tycoon 2FA phishing-as-a-service platform
Authorities disrupted the Tycoon 2FA phishing-as-a-service platform used to send millions of phishing emails to over 500,000 orgs worldwide. The joint effort, led by Microsoft, Europol, and industry partners, aimed to target the infrastructure of Tycoon 2FA phishing-as-a-service platform responsible for tens of millions of fraudulent emails reaching over 500,000 organizations each month worldwide. By…
-
Phishing campaign spoofs local officials to steal permit fees
The FBI is warning about a phishing scheme in which cybercriminals impersonate city and county officials to solicit fraudulent payments for planning and zoning permits. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/10/fbi-phishing-scheme-planning-zoning-permit-fees/
-
SurxRAT Android Malware Uses LLMs for Phishing and Data Theft
Tags: access, android, control, credentials, cyber, cybercrime, data, LLM, malware, phishing, ransomware, theftA new Android Remote Access Trojan (RAT) named SurxRAT, which is being sold as a commercial malware platform through a Telegram-based malware”‘as”‘a”‘service (MaaS) ecosystem. The malware, marketed under the SURXRAT V5 branding, enables cybercriminals to create customized Android malware builds capable of surveillance, credential theft, remote device control, and ransomware-style device locking. The malware appears…
-
Signed malware posing as Teams and Zoom apps drops RMM backdoors
A wave of phishing campaigns that used signed malware posing as popular workplace apps like Microsoft Teams, Zoom, and Adobe Reader to deploy remote monitoring and management (RMM) backdoors. The activity, attributed to an as-yet unidentified threat actor, highlights how trusted branding and valid-looking digital signatures can be abused to gain stealthy, long-term access in…
-
Signal Confirms Sophisticated Phishing Scheme Caused Account Compromises
The secure messaging platform Signal recently confirmed active, targeted phishing campaigns resulting in severe account takeovers. These sophisticated attacks have successfully compromised the accounts of high-profile individuals, specifically targeting government officials and journalists. Despite these high-profile breaches, Signal explicitly clarified that its underlying infrastructure and end-to-end encryption protocols remain robust and completely uncompromised. The breaches…
-
Microsoft Teams phishing targets employees with A0Backdoor malware
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-teams-phishing-targets-employees-with-backdoors/
-
Microsoft Teams phishing targets employees with A0Backdoor malware
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-teams-phishing-targets-employees-with-backdoors/
-
Microsoft Teams phishing targets employees with backdoors
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-teams-phishing-targets-employees-with-backdoors/
-
FBI alert: scammers target zoning permit applicants
The FBI warns of phishing attacks where crooks impersonate U.S. city and county officials to target people requesting planning and zoning permits. The FBI warns that scammers are impersonating U.S. city and county officials in phishing campaigns targeting businesses and individuals applying for planning or zoning permits. Using publicly available information, attackers craft messages that…
-
Malicious Chrome Extension Targets imToken Wallet Users
A fake Chrome extension impersonating imToken redirects users to phishing pages to steal crypto wallet keys. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/malicious-chrome-extension-targets-imtoken-wallet-users/
-
Dutch govt warns of Signal, WhatsApp account hijacking attacks
Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive messages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dutch-govt-warns-of-signal-whatsapp-account-hijacking-attacks/

