Tag: phishing
-
New Tech Support Scam Uses Microsoft Logo to Fake Browser Lock, Steal Data
The Cofense Phishing Defense Centre warns of a new tech support scam using Microsoft’s brand to lock browsers and steal data. Learn how the attack uses fake ‘payment lures’ and urgent security alerts to trick victims into calling a fraudulent support number. First seen on hackread.com Jump to article: hackread.com/tech-support-scam-microsoft-logo-browser-lock-data/
-
Datenleck bei Mango: Angreifer erbeutet Kundendaten von großem Modekonzern
Kundendaten des Modekonzerns Mango sind in die Hände eines Angreifers gelangt. Betroffene sollten sich auf Phishing-Angriffe einstellen. First seen on golem.de Jump to article: www.golem.de/news/datenleck-bei-modekonzern-angreifer-erbeutet-kundendaten-von-mango-2510-201229.html
-
New Phishing Technique Targets Users via Basic Auth URLs
Netcraft recently uncovered a suspicious URL targeting GMO Aozora Bank, a Japanese financial institution. The URL leveraged a legacy web technique”, Basic Authentication URL formatting”, to visually impersonate the bank and deceive customers. This discovery prompted a broader review of phishing activity that still relies on this old but effective technique, exposing how threat actors…
-
New Phishing Technique Targets Users via Basic Auth URLs
Netcraft recently uncovered a suspicious URL targeting GMO Aozora Bank, a Japanese financial institution. The URL leveraged a legacy web technique”, Basic Authentication URL formatting”, to visually impersonate the bank and deceive customers. This discovery prompted a broader review of phishing activity that still relies on this old but effective technique, exposing how threat actors…
-
Datenleck bei Modekonzern: Angreifer erbeutet Kundendaten von Mango
Kundendaten des Modekonzerns Mango sind in die Hände eines Angreifers gelangt. Betroffene sollten sich auf Phishing-Angriffe einstellen. First seen on golem.de Jump to article: www.golem.de/news/datenleck-bei-modekonzern-angreifer-erbeutet-kundendaten-von-mango-2510-201229.html
-
‘Die meisten Unternehmen sind schlecht auf Cyberattacken vorbereitet”
Markus Weber ist Gründer und Geschäftsführer der IT-Beratungsfirma dokuworks. dokuworks GmbHHerr Weber, als Krisenmanager werden Sie ja oft erst ins Unternehmen geholt, wenn der Angriff schon passiert ist. Was sind die ersten Schritte?Weber: Wir überprüfen zunächst einmal, ob aus technischer Sicht die wichtigsten Maßnahmen getroffen wurden. Dazu gehört zum Beispiel, dass die IT-Systeme vom Netz…
-
‘Die meisten Unternehmen sind schlecht auf Cyberattacken vorbereitet”
Markus Weber ist Gründer und Geschäftsführer der IT-Beratungsfirma dokuworks. dokuworks GmbHHerr Weber, als Krisenmanager werden Sie ja oft erst ins Unternehmen geholt, wenn der Angriff schon passiert ist. Was sind die ersten Schritte?Weber: Wir überprüfen zunächst einmal, ob aus technischer Sicht die wichtigsten Maßnahmen getroffen wurden. Dazu gehört zum Beispiel, dass die IT-Systeme vom Netz…
-
PhantomVAI Loader Launches Global Campaign to Distribute AsyncRAT, XWorm, FormBook, and DCRat
PhantomVAI Loader, a newly renamed multi-stage .NET loader tracked by Unit 42, is being used in widespread phishing campaigns to deliver a variety of information-stealing malware families. Initially identified as Katz Stealer Loader for its role in deploying the Katz Stealer infostealer, this loader now supports AsyncRAT, XWorm, FormBook and DCRat payloads through an evasive…
-
PhantomVAI Loader Launches Global Campaign to Distribute AsyncRAT, XWorm, FormBook, and DCRat
PhantomVAI Loader, a newly renamed multi-stage .NET loader tracked by Unit 42, is being used in widespread phishing campaigns to deliver a variety of information-stealing malware families. Initially identified as Katz Stealer Loader for its role in deploying the Katz Stealer infostealer, this loader now supports AsyncRAT, XWorm, FormBook and DCRat payloads through an evasive…
-
PhantomVAI Loader Launches Global Campaign to Distribute AsyncRAT, XWorm, FormBook, and DCRat
PhantomVAI Loader, a newly renamed multi-stage .NET loader tracked by Unit 42, is being used in widespread phishing campaigns to deliver a variety of information-stealing malware families. Initially identified as Katz Stealer Loader for its role in deploying the Katz Stealer infostealer, this loader now supports AsyncRAT, XWorm, FormBook and DCRat payloads through an evasive…
-
Phishing training needs a new hook, here’s how to rethink your approach
Tags: ai, attack, authentication, computer, cybersecurity, detection, metric, mfa, mobile, phishing, risk, threat, training, vulnerabilityPhishing training offers minimal benefits: Grant Ho, assistant professor of computer science at The University of Chicago collaborated with UC San Diego and UC San Diego Health to evaluate the efficacy of annual training and embedded phishing training. In their research, they analyzed how approximately 20,000 employees at UCSD Health handled simulated phishing campaigns across…
-
Banking-Betrug weltweit um 65 Prozent gestiegen
Die Bedrohung durch digitalen Finanzbetrug erreicht neue Dimensionen. Laut dem aktuellen 2025 Global Scams Report des Sicherheitsanbieters BioCatch ist die Zahl der Betrugsversuche im vergangenen Jahr um 65 Prozent gestiegen. Voice-Phishing-Angriffe (Vishing) haben sich dabei verdoppelt, SMS-basierte Phishing-Attacken nahmen sogar um das Zehnfache zu. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/banking-betrug-weltweit-um-65-prozent-gestiegen
-
Banking-Betrug weltweit um 65 Prozent gestiegen
Die Bedrohung durch digitalen Finanzbetrug erreicht neue Dimensionen. Laut dem aktuellen 2025 Global Scams Report des Sicherheitsanbieters BioCatch ist die Zahl der Betrugsversuche im vergangenen Jahr um 65 Prozent gestiegen. Voice-Phishing-Angriffe (Vishing) haben sich dabei verdoppelt, SMS-basierte Phishing-Attacken nahmen sogar um das Zehnfache zu. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/banking-betrug-weltweit-um-65-prozent-gestiegen
-
Fake LastPass, Bitwarden breach alerts lead to PC hijacks
An ongoing phishing campaign is targeting LastPass and Bitwarden users with fake emails claiming that the companies were hacked, urging them to download a supposedly more secure desktop version of the password manager. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fake-lastpass-bitwarden-breach-alerts-lead-to-pc-hijacks/
-
Whisper 2FA Behind One Million Phishing Attempts Since July
Whisper 2FA is now one of the most active PhaaS tools alongside Tycoon and EvilProxy, responsible for one million attacks since July 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/whisper-2fa-behind-1m-phishing/
-
Whisper 2FA Behind One Million Phishing Attempts Since July
Whisper 2FA is now one of the most active PhaaS tools alongside Tycoon and EvilProxy, responsible for one million attacks since July 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/whisper-2fa-behind-1m-phishing/
-
Human Risk Report Reveals Overconfidence in Phishing Defenses
Arctic Wolf’s annual Human Risk Behavior Snapshot surveyed more than 1,700 IT leaders and end users worldwide. The post Human Risk Report Reveals Overconfidence in Phishing Defenses appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/human-risk-report-2025/
-
Human Risk Report Reveals Overconfidence in Phishing Defenses
Arctic Wolf’s annual Human Risk Behavior Snapshot surveyed more than 1,700 IT leaders and end users worldwide. The post Human Risk Report Reveals Overconfidence in Phishing Defenses appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/human-risk-report-2025/
-
Fake Google Job Offer Email Scam Targets Workspace and Microsoft 365 Users
Cybersecurity firm Sublime Security details a new credential phishing scam impersonating Google Careers to steal login details from Google Workspace and Microsoft 365 users. First seen on hackread.com Jump to article: hackread.com/fake-google-job-offer-email-scam-workspace-microsoft-365/
-
Banking Scams Up 65% Globally in Past Year
Data from BioCatch reveals SMS text-based phishing (smishing) surges by a factor of 10. The post Banking Scams Up 65% Globally in Past Year appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-banking-scams-2025/
-
13 cybersecurity myths organizations need to stop believing
Tags: access, ai, attack, authentication, backup, banking, breach, business, ceo, compliance, computer, computing, corporate, credentials, cyber, cybersecurity, data, data-breach, deep-fake, defense, encryption, finance, government, group, identity, incident response, infrastructure, jobs, law, malicious, mfa, monitoring, network, nist, openai, passkey, password, phishing, privacy, regulation, risk, service, skills, strategy, technology, theft, threat, tool, vulnerabilityBig tech platforms have strong verification that prevents impersonation: Some of the largest tech platforms like to talk about their strong identity checks as a way to stop impersonation. But looking good on paper is one thing, and holding up to the promise in the real world is another.”The truth is that even advanced verification…
-
Risks of Not Aligning with ISO 27001 Remote Access Policy
28% of organizations have become a part of some gruesome cybersecurity incidents, according to a security report released by IBM in 2024. Among the attack vectors of such attacks were malware infections, phishing scams, and unintentional data leaks. To the rescue comes ISO 27001. It provides a framework that helps organizations like yours fight back……
-
Police Bust GXC Team, One of the Most Active Cybercrime Networks
Spanish Guardia Civil and Group-IB arrest ‘GoogleXcoder,’ the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil. First seen on hackread.com Jump to article: hackread.com/police-bust-gxc-team-cybercrime-networks/
-
Police Bust GXC Team, One of the Most Active Cybercrime Networks
Spanish Guardia Civil and Group-IB arrest ‘GoogleXcoder,’ the 25-year-old Brazilian mastermind of the GXC Team, for selling AI-powered phishing kits and malware used to steal millions from banks across the US, UK, Spain, and Brazil. First seen on hackread.com Jump to article: hackread.com/police-bust-gxc-team-cybercrime-networks/
-
Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware
A novel phishing campaign has emerged targeting Colombian users by abusing judicial notifications and weaponizing Scalable Vector Graphics (SVG) files. This sophisticated attack begins with a carefully crafted Spanish-language email impersonating the “17th Municipal Civil Court of the Bogotá Circuit,” complete with formal legal language and institutional details. The .SVG attachment named “Fiscalia General De…
-
Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware
A novel phishing campaign has emerged targeting Colombian users by abusing judicial notifications and weaponizing Scalable Vector Graphics (SVG) files. This sophisticated attack begins with a carefully crafted Spanish-language email impersonating the “17th Municipal Civil Court of the Bogotá Circuit,” complete with formal legal language and institutional details. The .SVG attachment named “Fiscalia General De…
-
Hackers Use Court-Themed Phishing to Deliver Info-Stealer Malware
A novel phishing campaign has emerged targeting Colombian users by abusing judicial notifications and weaponizing Scalable Vector Graphics (SVG) files. This sophisticated attack begins with a carefully crafted Spanish-language email impersonating the “17th Municipal Civil Court of the Bogotá Circuit,” complete with formal legal language and institutional details. The .SVG attachment named “Fiscalia General De…