Facebook 2FA scammers return – this time in just 21 minutes
Credit to Author: Paul Ducklin| Date: Wed, 13 Jul 2022 16:46:14 +0000
Last time they arrived 28 minutes after lighting up their fake domain… this time it was just 21 minutes
Read morephishing
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud
Credit to Author: Paul Oliveria| Date: Tue, 12 Jul 2022 16:00:00 +0000
A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).
The post From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud appeared first on Microsoft Security Blog.
Read moreThat didn’t last! Microsoft turns off the Office security it just turned on
Credit to Author: Paul Ducklin| Date: Mon, 11 Jul 2022 13:27:10 +0000
An Office anti-malware setting that took more than 20 years to arrive… and fewer than 20 weeks to vanish again.
Read moreVerified Twitter accounts phished via hate speech warnings
Credit to Author: Christopher Boyd| Date: Wed, 06 Jul 2022 15:17:39 +0000
We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.
The post Verified Twitter accounts phished via hate speech warnings appeared first on Malwarebytes Labs.
Read moreDiscord Shame channel goes phishing
Credit to Author: Christopher Boyd| Date: Wed, 06 Jul 2022 15:09:03 +0000
We take a look at reports that a Discord channel is being used to scare users into handing over login credentials.
The post Discord Shame channel goes phishing appeared first on Malwarebytes Labs.
Read moreFacebook 2FA phish arrives just 28 minutes after scam domain created
Credit to Author: Paul Ducklin| Date: Fri, 01 Jul 2022 20:01:31 +0000
The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.
Read moreA week in security (June 20 – June 26)
Credit to Author: Malwarebytes Labs| Date: Mon, 27 Jun 2022 09:30:06 +0000
The most important and interesting computer security stories from the last week.
The post A week in security (June 20 – June 26) appeared first on Malwarebytes Labs.
Read moreRogue cryptocurrency billboards go phishing for wallets
Credit to Author: Christopher Boyd| Date: Thu, 23 Jun 2022 15:15:21 +0000
We take a look at reports of rogue cryptocurrency billboards out to phish wallet details from unwary victims.
The post Rogue cryptocurrency billboards go phishing for wallets appeared first on Malwarebytes Labs.
Read morePolice seize and dismantle massive phishing operation
Credit to Author: Malwarebytes Labs| Date: Thu, 23 Jun 2022 10:20:58 +0000
Europol, the Belgian police, and the Dutch police, have apprehended members of a cybercriminal gang involved in phishing and other fraud.
The post Police seize and dismantle massive phishing operation appeared first on Malwarebytes Labs.
Read moreWatch out for the email that says “You have a new voicemail!”
Credit to Author: Pieter Arntz| Date: Wed, 22 Jun 2022 09:24:27 +0000
An email campaign lures users with a voicemail notification to enter their Office 365 credentials on a fake login page.
The post Watch out for the email that says “You have a new voicemail!” appeared first on Malwarebytes Labs.
Read more