Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
105 Results
Apr 2023: Tax-Themed Lures Distribute Malware
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using a timely tax-themed lure. The lures imitate the sharing of 2022 tax documents via a Citrix ShareFile link. The lures note that the download expires on April 18, 2023, the tax-filing deadline in the United States.
Feb 2023: Phishing Attacks Use Earthquake-Themed Lures
Threat Alert: What to Watch For Cybercriminals have launched multiple phishing attacks attempting to take advantage of the humanitarian crisis in Turkey and Syria following the earthquake. These attacks are intended to steal recipient’s funds or to lead to the installation of malicious software (malware). As multiple attacks are exploiting this crisis, lures will appear different.
June 2023: Phishing Attacks Abuse Valid Web Traffic Tool
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks abusing legitimate tools that are used to direct web traffic. Phishing lures contain an embedded URL that leads to a lookalike Google Chrome update site. Downloading the fake Google Chrome update installs a legitimate tool used for remotely monitoring and supporting computers.
May 2023: URL Shortening Service Widely Abused in Attacks
Threat Alert: What to Watch For Cybercriminals have started using the URL shortening service clck[.]ru in widespread phishing attacks in April. The nature of these attacks and the lures used vary greatly.
Sep 2023: Phishing Lure Uses Potential Employment Status Theme
Threat Alert: Employment Status-Themed Phishing Lures Cybercriminals have launched a series of phishing attacks using concerns over the recipient’s employment status legality as a lure. The lures contain a link purportedly related to employment status documentation. Key Actions (at Work and at Home)
Feb 2023: Phishing Attacks Distribute IRS Notice-Themed Lures
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using timely tax-themed lures. While the email from field says “Irs notice” and then the name of the organization, the sending address is a Madwire account. The phishing emails contain an HTML attachment allegedly containing delivery details about a tax related USPS letter.
Dec 2023: Christmas-Themed Lures Steal User Credentials
Threat Alert: Christmas-Themed Lures Steal User Credentials Cybercriminals have launched a series of phishing attacks using an allegedly upcoming Christmas party as a theme. The phishing lures contain an HTML attachment that allegedly contains details relevant to the party. Opening the attachment leads to a lookalike Microsoft Outlook login page that steals any entered credentials. Key Actions (at Work and at Home)
Mar 2023: Attacks Use Silicon Valley Bank-Related Lures
Threat Alert: What to Watch For Following the collapse of Silicon Valley Bank (SVB), cybercriminals have launched phishing attacks to take advantage of the high-profile event. One widespread lure impersonates Circle, the peer-to-peer payments company that manages the cryptocurrency USDC. The lure encourages recipients to click an offer link to redeem a one-to-one exchange between the cryptocurrency USDC and the U.S.
Apr 2023: Okta-Themed Lures Harvest Microsoft Credentials
Threat Alert: What to Watch For Cybercriminals have launched Okta-branded phishing attacks encouraging recipients to follow a link to resynchronize their Okta and Microsoft accounts. Clicking on the link leads to a credential phishing kit that redirects the user to a lookalike Microsoft login page.
Mar 2023: Global Phishing Campaigns Using Tax Season Lures
Threat Alert: What to Watch For Cybercriminals have launched numerous, different phishing attacks using timely tax-themed lures. As multiple attacks are leveraging this topic, the lures will appear different.