phishing – Page 9 – PossibleThreat Articles

MalwareBytes Security

PayPal phishing campaign goes after more than just your login credentials

July 19, 2022 0 Comments Akamai, akamai security research, Paypal, paypal phishing, phishing, phishing kit, Social engineering

Credit to Author: Jovi Umawing| Date: Tue, 19 Jul 2022 13:14:05 +0000

Scammers have created a PayPal phishing campaign that extensively asks for sensitive information, including government IDs and headshot photos.

The post PayPal phishing campaign goes after more than just your login credentials appeared first on Malwarebytes Labs.

Security Sophos

Facebook 2FA scammers return – this time in just 21 minutes

July 18, 2022 0 Comments 2fa, facebook, phishing, Privacy, Scam

Credit to Author: Paul Ducklin| Date: Wed, 13 Jul 2022 16:46:14 +0000

Last time they arrived 28 minutes after lighting up their fake domain… this time it was just 21 minutes

Security Sophos

That didn’t last! Microsoft turns off the Office security it just turned on

July 18, 2022 0 Comments macro, malware, Microsoft, office, phishing, vba

Credit to Author: Paul Ducklin| Date: Mon, 11 Jul 2022 18:27:10 +0000

An Office anti-malware setting that took more than 20 years to arrive… and fewer than 20 weeks to vanish again.

Security Sophos

Facebook 2FA scammers return – this time in just 21 minutes

July 13, 2022 0 Comments 2fa, facebook, phishing, Privacy, Scam

Credit to Author: Paul Ducklin| Date: Wed, 13 Jul 2022 16:46:14 +0000

Last time they arrived 28 minutes after lighting up their fake domain… this time it was just 21 minutes

Microsoft Security

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

July 12, 2022 0 Comments business email compromise (bec), cybersecurity, Microsoft security intelligence, phishing

Credit to Author: Paul Oliveria| Date: Tue, 12 Jul 2022 16:00:00 +0000

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).

The post From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud appeared first on Microsoft Security Blog.

Security Sophos

That didn’t last! Microsoft turns off the Office security it just turned on

July 11, 2022 0 Comments macro, malware, Microsoft, office, phishing, vba

Credit to Author: Paul Ducklin| Date: Mon, 11 Jul 2022 13:27:10 +0000

An Office anti-malware setting that took more than 20 years to arrive… and fewer than 20 weeks to vanish again.

MalwareBytes Security

Verified Twitter accounts phished via hate speech warnings

July 6, 2022 0 Comments account, phish, phishing, Scam, Social engineering, twitter, verified

Credit to Author: Christopher Boyd| Date: Wed, 06 Jul 2022 15:17:39 +0000

We take a look at reports that verified Twitter accounts are being targeted by scammers with claims of hate speech.

The post Verified Twitter accounts phished via hate speech warnings appeared first on Malwarebytes Labs.

MalwareBytes Security

Discord Shame channel goes phishing

July 6, 2022 0 Comments discord, fake, phishing, QR code, scams, Server, shame, theft

Credit to Author: Christopher Boyd| Date: Wed, 06 Jul 2022 15:09:03 +0000

We take a look at reports that a Discord channel is being used to scare users into handing over login credentials.

The post Discord Shame channel goes phishing appeared first on Malwarebytes Labs.

Security Sophos

Facebook 2FA phish arrives just 28 minutes after scam domain created

July 1, 2022 0 Comments 2fa, data loss, facebook, phishing, Privacy, Scam

Credit to Author: Paul Ducklin| Date: Fri, 01 Jul 2022 20:01:31 +0000

The crooks hit us up with this phishing email less than half an hour after they activated their new scam domain.

MalwareBytes Security

A week in security (June 20 – June 26)

June 27, 2022 0 Comments 311, 7-zip, A week in security, APT28, catfishing, chrome, conti, conti ransomware, cryptocurrency, cryptocurrency scam, cybersecurity emergency, DDoS, DDoS-for-hire, dfscoerce, FBI, internet safety month, LinkedIn, linkedin scam, Magecart, mark of the web, mega, ntlm relay attack, phishing, PowerShell, Ransomware, vacation cybersecurity, vacation privacy, voicemail phishing

Credit to Author: Malwarebytes Labs| Date: Mon, 27 Jun 2022 09:30:06 +0000

The most important and interesting computer security stories from the last week.

The post A week in security (June 20 – June 26) appeared first on Malwarebytes Labs.