Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
193 Results
Aug 2023: Geek Squad-Themed Lures Used in TOAD Attacks
Recent phishing emails are masquerading as notifications alerting the recipient to an automatic renewal of Best Buy’s Geek Squad Total Protect & Webroot Advance Threat Protection. The emails, however, do not use Best Buy sending addresses. Unlike many traditional phishing attacks, the emails do not include malicious links or attachments. Instead, recipients are told to call a phone number in the email for any questions regarding the service.
Jul 2023: Phishing Attacks Use Fight-Themed Lure to Spread Malware
Cybercriminals have launched a series of phishing attacks that claim to inform the recipient of physical altercations between employees and equipment damage at a worksite. The lures include a malicious attachment allegedly containing a video of the altercation.
June 2023: Phishing Attacks Use Compromised Microsoft Office 365 Accounts
Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts.The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
May 2023: Phishing Attacks Impersonate Secure Share Providers
Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files. The lures contain links or attachments containing the supposed document. Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malware). The sending address for the emails does not match the expected company domain for the secure share provider.
May 2023: URL Shortening Service Widely Abused in Attacks
Cybercriminals have started using the URL shortening service clck[.]ru in widespread phishing attacks in April. The nature of these attacks and the lures used vary greatly. However, the attacks encourage recipients to click on a shortened URL ending in [.]ru.
Jan 2023: Campaign Uses Paycheck Fax-Themed Lure
Cybercriminals have launched a series of phishing attacks using an emailed fax of an alleged paycheck as a lure.
Dec 2022: Phishing Campaign Distributing Christmas Bonus-Themed Lure
Cybercriminals have launched a series of phishing attacks using the promise of a paid Christmas bonus as a lure.
Nov 2022: Amazon-Themed Lures Distributed Via Zoom
Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation.The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure.The emails prompt recipients to click a link to download an invoice for order details.
Jun 2023: Hijacked Email Threads Spread Malicious Software
Cybercriminals have launched phishing attacks that hijack legitimate email threads to deliver malicious URLs. Attackers hijack email threads to further increase the believability of the attacks.
May 2023: AI-Themed Phishing Lures Distribute Threats
Cybercriminals have launched a campaign distributing malware with an AI-themed lure. The lure purports to be from an “Information Technology Manager” regarding a mandatory system update for employees.