Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
105 Results
Apr 2023: Phishing Lures Abuse SAP Concur and DocuSign
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using apparently compromised SAP Concur and DocuSign accounts to distribute malicious emails. The phishing lures use financial themes, such as an expense report on SAP Concur or a financial settlement document on DocuSign. The lures include malicious links.
Dec 2022: Microsoft OneDrive and QR Codes Used in Phishing Campaign
Threat Alert: What to Watch For Recent email-based attacks have used compromised Microsoft OneDrive accounts to send phishing emails. These emails encourage recipients to click a link to view a shared document. The OneDrive links lead targets to shared PDF documents containing quick response (QR) codes.
Jul 2023: HR Themed Phishing Attacks
Threat Alert: What to Watch For Cybercriminals have launched series of phishing attacks claiming to be from the recipient’s HR department. The lures use a variety of sender names like HR Alerts or HR Department; however, the actual sending address is not associated with a recipient’s company or HR department.
Dec 2022: Phish Alarm-Themed Lures Used in Credential Phishing Attacks
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks claiming to originate from a company help desk team.
Nov 2022: Amazon-Themed Lures Distributed Via Zoom
Threat Alert: What to Watch For Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation. The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure. The emails prompt recipients to click a link to download an invoice for order details.
Dec 2022: Phishing Campaign Distributing Christmas Bonus-Themed Lure
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using the promise of a paid Christmas bonus as a lure.
Feb 2023: Employee Termination-Themed Lure Spreads Malware
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using the threat of employee transfers and terminations as a lure.
Nov 2022: Twitter-Themed Lures Used in Credential Phishing Attacks
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.
Mar 2023: Invoice-Themed Phishing Lures Spreading Malware
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using malicious invoice-themed attachments to spread malicious software (malware). The phishing attacks hijack legitimate email threads to deliver the phishing lures to further increase the believability of the attacks.
Jan 2023: Phishing Attacks Abuse Microsoft OneNote