0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations
Group-IB has discovered that the recently disclosed phishing attacks on the employees of Twilio and Cloudflare were part of the massive phishing campaign that resulted in …
New social engineering tactics discovered in the wild
In this Help Net Security video, Otavio Freire, President and CTO at SafeGuard Cyber, offers insight on new social engineering tactics discovered in the wild, and illustrates …
Escanor malware delivered in weaponized Microsoft Office documents
Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram …
Identity crimes reach all-time high
The Identity Theft Resource Center (ITRC) has published a report that looks at the identity crimes committed against individuals as reported by the victims of those crimes. In …
How bad actors are utilizing the InterPlanetary File Systems (IPFS)
With the continued rise in adoption of cloud services, bad actors are utilizing the InterPlanetary File System (IPFS) as a new playing ground for phishing attacks. In fact, …
LogoKit update: The phishing kit leveraging open redirect vulnerabilities
Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content. Using …
Phishing campaign targets Coinbase wallet holders to steal cryptocurrency in real-time
In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a multilayered phishing campaign targeting cryptocurrency exchange Coinbase. Attackers …
How to spot deep-faked candidates during interviews
The FBI recently issued a warning that malicious attackers are using deepfakes to apply for a variety of remote work positions via virtual interviews over the internet. These …
The most impersonated brand in phishing attacks? Microsoft
Vade announced its H1 2022 Phishers’ Favorites report, a ranking of the top 25 most impersonated brands in phishing attacks. Microsoft came in at #1 on the list, followed by …
Major shifts and the growing risk of identity fraud
Traditional identity fraud losses, caused by criminals illegally using victims’ information to steal money, exploded in 2021 to $24 billion — an alarming 79% increase over …
How to identify and combat online fraud
As the popularity of Buy Now, Pay Later (BNPL) grows, organizations and consumers must remain vigilant or risk becoming a victim of fraud, as account takeover attacks – where …
The rise and continuing popularity of LinkedIn-themed phishing
Phishing emails impersonating LinkedIn continue to make the bulk of all brand phishing attempts; according to Check Point, 45% of all email phishing attempts in Q2 2022 …