Jump to content

Search the Community

Showing results for tags 'phishing'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

  1. Attackers are exploiting the rapid adoption of cloud-based collaboration services such as Microsoft’s SharePoint Online and OneDrive by leveraging them as a social engineering tool to trick users into clicking on malicious links, often for the purpose of wire fraud or supply chain fraud. In an analysis this week, cybersecurity firm Proofpoint revealed that in the first half of 2020, it collected approximately 5.9 million email messages featuring malicious SharePoint Online and OneDrive links. While these emails constituted only about one percent of all messages
  2. Google’s security team has spotted the suspected Chinese hacking group APT 31 emailing links designed to ultimately download malware to spy on victims' computers. Chinese state-sponsored hackers may be impersonating antivirus provider McAfee in order to trick high-profile targets into downloading malware. The suspected Chinese hacking group, APT 31, has been resorting to the tactic, according to Google’s security team. Back in June, the company’s security researchers reported that APT 31 had been targeting Joe Biden’s Presidential campaign by sending phishi
  3. One-third of Canadians experienced a phishing scheme — a mode of cyberattack — during the COVID-19 pandemic, and a good portion of those people say the scam had to do with the pandemic itself. According to a new report from Statistics Canada, 34 per cent of Canadians dealt with a phishing scam, a sort of cybercrime that seeks to obtain confidential information such as usernames, passwords and credit card information. For many, though, the attack was very specific: Some people reported the scheme was framed in terms of getting COVID-19 test results; s
  4. New Netflix phishing scam uncovered - here’s how to stay safe Netflix phishing scam uses CAPTCHA form to create sense of legitimacy (Image credit: Shutterstock / sitthiphong) Security analysts have uncovered a dangerous and highly convincing new Netflix phishing scam, capable of evading traditional email security software. Identified by researchers at Armorblox, the phishing email masquerades as a billing error alert, pressing the victim t
  5. Microsoft Office 365 users targeted in SurveyMonkey phishing SurveyMonkey used to hide phishing attacks against Microsoft Office 365 users Online polling service SurveyMonkey was used as a disguise for a potentially damaging phishing attack that targeted Microsoft Office 365 users. Researchers at Abnormal Security recently uncovered attempts to steal Office 365 user credentials using SurveyMonkey as cover. In the campaign, the victim receives an email from a genuine SurveyMonkey site, stating it is conducting a survey
  6. New phishing attack targets Zoom users to steal Office 365 credentials A new phishing attack is targeting Microsoft 365 (formerly Office 365) users in the form of an email notification for a Zoom account suspension. The email aims to steal users’ Microsoft 365 credentials. The attack was spotted and documented by Abnormal Security (via BleepingComputer). The attack seems familiar to the one that was spotted in May, where a fake Teams email would navigate users to a duplicate Office 365 login page. With the popularity and adoption of Zoom increasing
  7. Watch out - this VPN might be trying to steal your money Hackers use fake VPn messages to target remote workers (Image credit: Shutterstock / Ico Maker) Office 365 customers are being targeted by a phishing campaign that uses fake VPN update messages to steal login details. Security experts have flagged that the campaign looks to impersonate legitimate messages telling remote workers that they need to update their VPN configuration while working from home. The phishing emails used in the campaign are ma
  8. When in Doubt: Hang Up, Look Up, & Call Back Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here’s how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse. Today’s lesson in how not to get scammed comes from “Mitch,” the pseudonym I picked for a reader in California who shared his harro
  9. Malicious phishing apps have once again made their way into the Google Play Store, this time imitating six online banks and a cryptocurrency exchange. ESET researchers spotted fake finance apps impersonating banks from New Zealand, Australia, the U.K., Switzerland and Poland, and the Austrian cryptocurrency exchange Bitpanda, according to a Sept. 19 blog post. The malicious apps imitated the Commonwealth Bank of Australia (CommBank) The Australia and New Zealand Banking Group Limited (ANZ), ASB Bank, TSB Bank, PostFinance, and Santander Bank Polska SA (forme
  10. ATO attacks steal a person's credentials and use them to send emails from their account, according to a recent Barracuda Networks report. Account takeover attacks (ATO), in which a person's credentials are stolen and used to send emails from their real account, often result in phishing attacks being sent from the victim's account, according to a Barracuda Networks report, released Thursday. Out of the 60 total ATO incident recorded, 78% led to phishing emails, said the report. Barracuda randomly selected 50 organizations to study from April to June 2018. Th
  11. LUCKNOW: When Ashutosh, 24, approached an online agency for a home-tuition job, he was conned into a contract and whisked into a dim-lit room surrounded by women and asked to do body massage. Three others also fell victim to this online fraud. In another bizarre case, Preeti Singh, 38, employed with a bio-fertilizer firm, received an email on resignations of top executives, firm’s bankruptcy details and new products in the pipeline. Later, it was found that mail accounts of the honchos were hacked. These cases are a window to the sudden spurt in cybercrime in 2018 in the city
  12. Scammers Use Fake Copyright Notices to Steal Instagram Accounts Scammers are using fake copyright notices to obtain login credentials from Instagram users, cybersecurity firm Kaspersky reveals. The recipients are told that their account will be suspended for copyright infringement within 24 hours. They can, however, "verify" their account if they believe it's a mistake. There is no denying that many people spend several hours per day on their social media accounts. Those who gain enou
  13. Phishers are Angling for Your Cloud Providers Many companies are now outsourcing their marketing efforts to cloud-based Customer Relationship Management (CRM) providers. But when accounts at those CRM providers get hacked or phished, the results can be damaging for both the client’s brand and their customers. Here’s a look at a recent CRM-based phishing campaign that targeted customers of Fortune 500 construction equipment vendor United Rentals. Stamford, Ct.-based United Rentals [NYSE:URI] is the world’s largest equipment rental company, with some 18,000 employees and
  14. Excel is being used as fresh bait for phishers- here’s how Evil Corp has found a new way to phish their victims- using Microsoft Excel documents. The cybercrime group, also known as TA505 and SectorJo4, are financially motivated cybercriminals. They’re renowned for targeting retail companies and financial institutions with large-sized malicious spam campaigns, using Necurs botnet; but now, they’ve adopted a new technique. In their latest scam, they’re sending attachments featuring HTML redirectors with malicious Excel documents. Through the links, they’re distribu
  15. Phishing for Apples, Bobbing for Links Anyone searching for a primer on how to spot clever phishing links need look no further than those targeting customers of Apple, whose brand by many measures remains among the most-targeted. Past stories here have examined how scammers working with organized gangs try to phish iCloud credentials from Apple customers who have a mobile device that is lost or stolen. Today’s piece looks at the well-crafted links used in some of these lures. KrebsOnSecurity heard from a reader in South Africa who recently received a text message stati
  16. Microsoft said it got a court order to seize 50 websites used by a hacker group with ties to North Korea that targeted government employees, universities, human rights organizations and nuclear proliferation groups in the U.S., Japan and South Korea. The group, known as Thallium, uses the network of websites, domains and connected computers to send out “spear phising” emails. Hackers gather as much information on targets as they can to personalize messages and make them appear legitimate. When the target clicks on a link in the email, hackers are then able
  17. Crooks fail to hijack infosec bloke's site to dress it up as a legit Euro bank login page Think you have bad luck? Imagine being the script kiddie who inadvertently tried and failed to pwn an Akamai security pro. Larry Cashdollar, a senior security response engineer at the US-based global web giant, told us late last week he just recently noticed something peculiar in the logs on his personal website. Further investigation turned up signs of someone scanning for remote file inclusion (RFI) vulnerabilities. Anyone in charge of public-facing serve
  18. Last year my Twitter feed became full of stories and retweets about how Google “solved the phishing problem” using hardware multi-factor authentication (MFA) tokens. One such article covering this topic was “Google: Security Keys Neutralized Employee Phishing” by the venerable Brian Krebs. While I have a lot of respect for his work, I have to strongly disagree with the title of his blog post. If you haven’t already read the story, take a moment to familiarize yourself with it. I don’t want to be the one to crush your hopes and dreams, but, frankly, this is untr
  19. A new phishing campaign is underway that pretends to be from the "Office 365 Team" warning you that your email account cancellation has been approved and that all your email will be deleted unless you cancel the request within the hour. This particular phishing campaign is interesting as it uses an uncommon bait of the risk of losing all your email and a time limit to make you act quickly and potentially without thinking. These phishing emails have a subject line of "Urgent Request" and state that unless you want your email account to be canceled and your email to be deleted, you nee
  20. Should Failing Phish Tests Be a Fireable Offense? Would your average Internet user be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repeated infractions. As this was the first time I’d ever heard of an organization actually doing this, I asked some phishing experts what they thought (spoiler alert: they’re not fans of this particular teaching approach).
  21. There’s nothing wrong with your PC - Microsoft is again the top phished brand this year Once again, Microsoft was granted the top spot as the most impersonated company, in this quarter’s Vade Secure’s Phishers’ Favourites report. Vade’s machine used learning algorithms to analyse data from more than 600 million protected mailboxes worldwide and performed real-time analysis of the URL and page content to identify the brand being impersonated. In Q2 2019, the AI engine detected 20,217 unique Microsoft phishing URLs- averaging at more than 222 per day; which is a 15.5%
  22. Two phishing campaigns have been targeting consumers of both the FIFA World Cup and one of its longtime partners, Adidas. One campaign attempts to lure victims into clicking on a malicious link under the guise of downloading a World Cup schedule of fixtures and a result tracker, while the second promises a “free” $50-per-month subscription for Adidas shoes. Today Check Point announced that it has discovered a new phishing campaign linked to the start of the World Cup that targets soccer fans. A known malware that is often used to install potentially unwanted programs (P
  23. When it comes to threats that put your business at risk, gaining visibility into attacks remains a challenge. New research shows that in 50% of cases over the past 12 months, organizations had insufficient endpoint or network visibility to respond successfully. According to cybersecurity specialist Secureworks’ Incident Response Insights Report, which is based on the analysis of real-world attacks, there has been increasing complexity when it comes to nation-state efforts. As a result, these take 500% longer to find. Meanwhile, the top three industries most
  24. DARPA-funded white hat emits timeless advice AppSec EU IT admins should focus on the fundamentals of network security, rather than worry about sophisticated state-sponsored zero-day attacks, mobile security expert Georgia Weidman told London's AppSec EU conference on Thursday. Weidman, founder and CTO of mobile security testing firm Shevirah, cut her teeth in the industry six years ago mingling with the black hat crowd, where elite security researchers tried to outdo each other with exotic exploits, and looked down their noses at attacks based on phi
  25. Scam emails have come a long way from requests for money from far-flung lonely hearts, or investment opportunities from dubious overseas princes. These days, email scammers are cannier than ever at imitating legitimate brands to trick victims. With 26 percent of U.S. adults saying they are “almost constantly” online, according to Pew Research, this is now the most likely place for identity theft to occur. Often, ID fraud can begin with the wrong click on a scam email. How can you best prep to avoid online scams? By studying the most recent ones, and learning
  • Create New...