September 26, 2024 at 01:37PM Hurricane Helene approaches Florida coastline as a Category 3 storm with a life-threatening 20-foot surge. Cybercriminals are anticipated to exploit public interest and anxiety by launching fraud and phishing schemes related to the hurricane. The US National Hurricane Center and Cybersecurity agencies advise people to be cautious of charitable solicitations, … Read more
September 16, 2024 at 01:21AM Cybersecurity researchers have identified ongoing phishing campaigns using HTTP header refresh entries to deliver fake email login pages, targeting large corporations in South Korea, U.S. government agencies, and schools. These attacks encompass various sectors and are part of a growing trend of sophisticated tactics to trick recipients and steal sensitive … Read more
July 30, 2024 at 10:37AM EvilProxy, a phishing kit known as the “LockBit of phishing,” is being used to launch attacks using legitimate Cloudflare services to disguise malicious traffic. Criminals are offered customer support, videos, and guides to launch campaigns and disguise their activity. Notable threat actors, TA4903 and TA577, have adopted EvilProxy for their … Read more
June 20, 2024 at 12:45PM The text highlights the increasing risks associated with email threats in 2023, with a rise in phishing, malware attacks, and business email compromise (BEC) incidents. It emphasizes the limitations of built-in security for popular email services and recommends leveraging a SaaS-based platform like Cloud App Security for comprehensive visibility and … Read more
May 22, 2024 at 02:05PM Malachi Mullings, a Georgia resident, has been sentenced to a decade in prison for laundering $4.5 million obtained from scams targeting healthcare providers, private companies, and individuals. Facilitating business email compromise and romance scams, he defrauded victims, including elderly individuals, and used the money to make extravagant purchases while concealing … Read more
April 12, 2024 at 05:30AM A LastPass employee was recently targeted in a phishing attack using deepfake technology, with threat actors impersonating the company’s CEO. The employee, suspicious of the urgency and communication outside of normal business hours, ignored the messages and reported the incident. LastPass emphasizes the increasing use of deepfakes in cyber attacks … Read more
March 19, 2024 at 04:05PM The FBI reported that investment fraud, particularly involving cryptocurrency, led to a $4.57 billion loss in 2023, surpassing losses from ransomware. Scams preyed on victims’ desire for quick profits and even targeted those seeking recovery from previous scams. Older individuals were especially vulnerable, accounting for substantial losses and an increase … Read more
March 6, 2024 at 03:41PM TA4903, a gang of hackers specializing in business email compromise attacks, has been impersonating U.S. government entities to carry out malicious activities through fake bidding processes. Proofpoint has been tracking their campaign, noting intensified activities since mid-2023 and a shift to impersonating small businesses. They pose a significant threat and … Read more
March 6, 2024 at 09:25AM Social engineering is rampant in 90% of phishing attacks, particularly in business email compromise (BEC) attacks. These attacks exploit human vulnerabilities, often targeting company executives and new employees. Threat groups like Octo Tempest and Diamond Sleet utilize social engineering to steal sensitive information. To defend against such attacks, organizations should … Read more
March 1, 2024 at 01:05AM African economies faced varied cyber threats in 2023, with Kenya experiencing a 68% rise in ransomware attacks and South Africa seeing a 29% increase in phishing attempts. Cybercriminals are leveraging AI and social engineering tactics, particularly in BEC attacks. Organizations in Africa should invest in cybersecurity expertise to combat evolving … Read more