Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
113 Results
Jan 2023: Compensation-Themed Phishing Lures Harvest Microsoft Credentials
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using timely email phishing lures related to annual compensation reviews and bonuses. The phishing emails encourage recipients to click a lure to confirm a payment-related change.
Mar 2023: Malicious OneNote Attachment Lures
Threat Alert: What to Watch For
Mar 2023: Attacks Spread Microsoft Teams-Themed Lures
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using lures that impersonate Microsoft Teams meeting invites. The lures include a malicious link. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
May 2023: Phishing Kit Uses Finance-Themed Lures
Threat Alert: What to Watch For Cybercriminals are increasingly using phishing-as-a-service kits to build and distribute lookalike Microsoft Office 365 landing pages via phishing lures. The phishing lures can be customized to have a variety of different appearances or themes.
Oct 2023: Extortion-Themed Phishing Lures Spread Malicious Software
Threat Alert: Extortion-Themed Lure Spreads Malware Cybercriminals have launched a series of phishing attacks using extortion-themed lures regarding alleged explicit photos of the recipient. The messages come from compromised Flickr accounts and contain malicious URLs labeled to appear as explicit or vulgar. The messages threaten to share the photos and claim to have additional explicit images of the reci
Apr 2023: Phishing Lures Abuse SAP Concur and DocuSign
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using apparently compromised SAP Concur and DocuSign accounts to distribute malicious emails. The phishing lures use financial themes, such as an expense report on SAP Concur or a financial settlement document on DocuSign. The lures include malicious links.
Dec 2022: Microsoft OneDrive and QR Codes Used in Phishing Campaign
Threat Alert: What to Watch For Recent email-based attacks have used compromised Microsoft OneDrive accounts to send phishing emails. These emails encourage recipients to click a link to view a shared document. The OneDrive links lead targets to shared PDF documents containing quick response (QR) codes.
Dec 2022: Phish Alarm-Themed Lures Used in Credential Phishing Attacks
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks claiming to originate from a company help desk team.
Jul 2023: HR Themed Phishing Attacks
Threat Alert: What to Watch For Cybercriminals have launched series of phishing attacks claiming to be from the recipient’s HR department. The lures use a variety of sender names like HR Alerts or HR Department; however, the actual sending address is not associated with a recipient’s company or HR department.
Nov 2022: Amazon-Themed Lures Distributed Via Zoom
Threat Alert: What to Watch For Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation. The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure. The emails prompt recipients to click a link to download an invoice for order details.