Phishing

Bolster’s threat research team recently discovered an extensive brand impersonation effort targeting over 100 well-known clothes, footwear, and apparel firms. The peak phishing activity for this campaign occurred between November 2022 and February 2023, after becoming active around June 2022.   Nike, Puma, Asics, Vans, Adidas, Columbia, Superdry Converse, Casio, Timberland, Salomon, Crocs, Sketchers, The North […]

In today’s interconnected world, where digital communication and transactions dominate, phishing attacks have become an ever-present threat. By masquerading as trustworthy entities, phishing attacks deceive users and organizations into divulging sensitive information, such as passwords, financial data, and personal details. Phishing attacks, among the most prevalent techniques cyber criminals employ, can be straightforward yet highly […]

Google recently released new top-level domains (TLDs) like .dad, .phd, .mov, and .zip, raising concerns within the security community due to the potential confusion with file extensions, particularly .mov and .zip. A new phishing kit, “file archiver in the browser,” exploits ZIP domains by presenting fraudulent WinRAR or Windows File Explorer windows in the browser, […]

Phishing has been one of the greatest threats to organizations, growing year after year. Phishing attacks have contributed to 90% of data breaches in the past few years, which makes cybercriminals adapt to them, making their attacks much more successful. Zscaler has published a report indicating an increase of 47.2% in global phishing attacks. These […]

Google released the threat horizon report for April 2023, which showed multiple methods used by threat actors for evading security systems. Google’s Cybersecurity Action Team (GCAT) and Mandiant researched a list of techniques and methods used by threat actors over the period for penetrating the environments and other malicious activities. Cloud-Hosted Encrypted ZIP Files Evading […]

Telegram is becoming an increasingly popular platform for users as well as cyber-criminals. It has become a Mini Dark-web since 2021 when cyber threat actors have been using them. The services these threat actors offer vary from Automation of Phishing, selling Phishers kits, and setting up a custom phishing campaign for everyone willing to pay. […]

The email account of domain registrar Namecheap was compromised which led to a flood of DHL and MetaMask phishing emails that sought to steal the victims’ personal information and cryptocurrency wallets. Reports say the phishing attacks began at 4:30 PM ET and came from SendGrid, a company that Namecheap has previously utilized to send renewal […]

A Meta-Phish attack that could lead to the loss of personally identifiable information (PII), login information, and a Facebook profile link was discovered by Trustwave SpiderLabs. This recent phishing campaign tricks victims by using Facebook posts in its chain of attacks. The emails that were sent to the targets made it appear as though one […]

In Qatar, the 22nd FIFA World Cup began on November 20, 2022. This event sparked a new wave of cyberattacks. Threat actors targeted unsuspecting individuals with malicious activities that included the FIFA World Cup as a theme. The popularity of the FIFA World Cup is being abused by a number of scams, according to Cyble […]

There was an extensive phishing campaign that took advantage of YouTube as a vehicle for promoting the download and installation of cracked software and free games. In this campaign, attackers are abusing video tutorial that has the intention of tricking users into believing that the link provided in the video description is a link that […]

One of the interesting tricks used by LockBit affiliates is disguising their malware as copyright claims in order to trick users into infecting their devices with ransomware. There is a copyright violation notice sent through email to these users, apparently containing information that they are using media files without permission from the creators.  It is […]

People are increasingly sharing their personal information online, thanks to the rapid expansion of internet usage. As a result, malicious actors have access to a vast amount of personal information and financial transactions. Phishing is a very successful type of cybercrime that allows malicious actors to fool people and obtain sensitive information. Phishing is a […]

On 22nd February 2022, Ukrainian Police officials arrested a group of threat actors that were involved in a phishing campaign. They used a mobile replenishment service as their disguise to conduct various scams involving 70,000 stolen victim data. The Cyber Police department and the National police came together on this issue which seemed to have […]

Nobody enjoys falling victim to one of the many online scams which occur in the modern day. Phishing is arguably one of the worst of them all, especially as hackers utilise new techniques and are seemingly showing no signs of slowing down in today’s technology-based world, which essentially plays right into their hands. As technology […]

Security analysts at Area 1 Security have recently discovered a new sophisticated Office 365 phishing scam that is targeting the execs of the insurance and financial departments. The threat actors are hunting down the employees of insurance and financial departments through this Office 365 phishing scam to collect their precious credentials and launch BEC attacks.  […]