Latest Phishing news

Savvy Seahorse gang uses DNS CNAME records to power investor scams

A threat actor named Savvy Seahorse is abusing CNAME DNS records Domain Name System to create a traffic distribution system that powers financial scam campaigns.
- Bill Toulas
- February 28, 2024
- 09:00 AM
- 0
LabHost cybercrime service lets anyone phish Canadian bank users

The Phishing as a Service (PhaaS) platform 'LabHost' has been helping cybercriminals target North American banks, particularly financial institutes in Canada, causing a notable increase in activity.
- Bill Toulas
- February 27, 2024
- 02:19 PM
- 0
New IDAT loader version uses steganography to push Remcos RAT

A hacking group tracked as 'UAC-0184' was observed utilizing steganographic image files to deliver the Remcos remote access trojan (RAT) onto the systems of a Ukrainian entity operating in Finland.
- Bill Toulas
- February 26, 2024
- 05:57 PM
- 0
Hijacked subdomains of major brands used in massive spam campaign

A massive ad fraud campaign named "SubdoMailing" is using over 8,000 legitimate internet domains and 13,000 subdomains to send up to five million emails per day to generate revenue through scams and malvertising.
- Bill Toulas
- February 26, 2024
- 09:00 AM
- 0
Hackers abuse Google Cloud Run in massive banking trojan campaign

Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
- Bill Toulas
- February 21, 2024
- 04:07 PM
- 0
New Qbot malware variant uses fake Adobe installer popup for evasion

The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December.
- Bill Toulas
- February 15, 2024
- 08:27 AM
- 0
Bumblebee malware attacks are back after 4-month break

The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns.
- Bill Toulas
- February 13, 2024
- 10:41 AM
- 0
Ongoing Microsoft Azure account hijacking campaign targets executives

A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives.
- Bill Toulas
- February 12, 2024
- 02:16 PM
- 0
Fake LastPass password manager spotted on Apple’s App Store

LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials.
- Bill Toulas
- February 08, 2024
- 12:02 PM
- 8
Data breach at French healthcare services firm puts millions at risk

French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country.
- Bill Toulas
- February 06, 2024
- 01:36 PM
- 0
Microsoft Teams phishing pushes DarkGate malware via group chats

New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
- Sergiu Gatlan
- January 30, 2024
- 12:47 PM
- 0
Watch out for "I can't believe he is gone" Facebook phishing posts

A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting users to a website that steals your Facebook credentials.
- Lawrence Abrams
- January 21, 2024
- 11:19 AM
- 6
Payoneer accounts in Argentina hacked in 2FA bypass attacks

Numerous Payoneer users in Argentina report waking up to find that their 2FA-protected accounts were hacked and funds stolen after receiving SMS OTP codes while they were sleeping.
- Bill Toulas
- January 19, 2024
- 03:28 PM
- 0
Google: Russian FSB hackers deploy new Spica backdoor malware

Google says the ColdRiver Russian-backed hacking group is pushing previously unknown backdoor malware using payloads masquerading as a PDF decryption tool.
- Sergiu Gatlan
- January 18, 2024
- 09:00 AM
- 0
US court docs expose fake antivirus renewal phishing tactics

In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails.
- Bill Toulas
- January 15, 2024
- 04:16 PM
- 1
Framework discloses data breach after accountant gets phished

Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack.
- Sergiu Gatlan
- January 11, 2024
- 05:01 PM
- 0
Fake 401K year-end statements used to steal corporate credentials

Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports to steal company employees' credentials.
- Bill Toulas
- January 10, 2024
- 01:33 PM
- 0
Stealthy AsyncRAT malware attacks targets US infrastructure for 11 months

A campaign delivering the AsyncRAT malware to select targets has been active for at least the past 11 months, using hundreds of unique loader samples and more than 100 domains.
- Bill Toulas
- January 07, 2024
- 11:36 AM
- 0
Crypto wallet founder loses $125,000 to fake airdrop website

A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he'd went on was setup for the purposes of phishing unsuspecting users.
- Ax Sharma
- January 05, 2024
- 07:17 AM
- 1
FTC offers $25,000 prize for detecting AI-enabled voice cloning

The U.S. Federal Trade Commission (FTC) has started accepting submissions for its Voice Cloning Challenge, a public competition with a $25,000 top prize for ideas that protect consumers from the danger of AI-enabled voice cloning for fraudulent activity.
- Bill Toulas
- January 04, 2024
- 09:30 AM
- 2