April 25, 2024 at 10:15AM Netcraft warns of threat actors using compromised email accounts to send phishing emails with links to malicious PDF files on Autodesk Drive. Attackers tailor their emails with legitimate senders’ information to appear credible. Recipients are directed to phishing pages and prompted to provide Microsoft account credentials. The attacks are highly … Read more
April 18, 2024 at 11:00AM LastPass warns of a malicious campaign targeting users with the CryptoChameleon phishing kit, tied to cryptocurrency theft and combining social engineering tactics. The kit previously targeted FCC employees and cryptocurrency platforms, impersonating various services. LastPass discovered its inclusion in the phishing kit and urges vigilance against suspicious communications, advising not … Read more
April 15, 2024 at 10:58AM Hackers breached a telephony provider used by Cisco Duo, potentially compromising SMS and VoIP MFA logs. No message contents were accessed, but data like phone numbers and location could be used for phishing. The breach was identified, and security measures have been taken. Customers are urged to be vigilant against … Read more
April 12, 2024 at 03:02PM The FBI issued a warning about a large-scale SMS phishing attack targeting Americans, with scammers posing as road toll collection services. The attacks, ongoing since March 2024, have received over 2,000 complaints. The phishing messages claim recipients owe unpaid tolls and include fake links. Several toll services and law enforcement … Read more
January 4, 2024 at 06:42AM Mandiant’s social media account was hacked and used to promote a fraudulent cryptocurrency website. The hacker temporarily renamed the account and spurred users to visit the deceptive site. Despite recovery attempts, the hijacker briefly regained control. Major web browsers have flagged the fraudulent site, coinciding with a report on dark … Read more
December 21, 2023 at 05:40PM New data from EasyDMARC shows a 7.5% increase in intercepted phishing emails from January 2022 to November 2023. The research tracked a rise in flagged emails imitating legitimate domains and a 24% increase in potentially harmful emails per domain. The CEO emphasizes the need for businesses to implement email authentication … Read more