Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
78 Results
Aug 2023: Lawsuit-Themed Lures Spread Malware
Threat Alert: Phishing Attacks Use Lawsuit-Themed Lures to Spread Malicious Scripts
Aug 2023: USDA-Themed Lures Use Embedded URLs, QR Codes to Harvest Email Credentials
Threat Alert: USDA-Themed Lures Harvest Email Credentials
Aug 2023: Phishing Attacks Abuse Proofpoint Branding
Threat Alert: Phishing Attacks Abuse Proofpoint Branding
Aug 2023: Geek Squad-Themed Lures Used in TOAD Attacks
Threat Alert: What to Watch For Recent phishing emails are masquerading as notifications alerting the recipient to an automatic renewal of Best Buy’s Geek Squad Total Protect & Webroot Advance Threat Protection. The emails, however, do not use Best Buy sending addresses. Unlike many traditional phishing attacks, the emails do not include malicious links or attachments.
Jul 2023: Phishing Attacks Use Fight-Themed Lure to Spread Malware
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks that claim to inform the recipient of physical altercations between employees and equipment damage at a worksite. The lures include a malicious attachment allegedly containing a video of the altercation.
Jun 2023: Phishing Attacks Use Compromised Microsoft Office 365 Accounts
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts. The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
May 2023: Phishing Attacks Impersonate Secure Share Providers
Threat Alert: What to Watch For Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files. The lures contain links or attachments containing the supposed document. Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malware).
May 2023: URL Shortening Service Widely Abused in Attacks
Threat Alert: What to Watch For Cybercriminals have started using the URL shortening service clck[.]ru in widespread phishing attacks in April. The nature of these attacks and the lures used vary greatly.
Dec 2022: Microsoft OneDrive and QR Codes Used in Phishing Campaign
Threat Alert: What to Watch For Recent email-based attacks have used compromised Microsoft OneDrive accounts to send phishing emails. These emails encourage recipients to click a link to view a shared document. The OneDrive links lead targets to shared PDF documents containing quick response (QR) codes.
Jun 2023: Hijacked Email Threads Spread Malicious Software
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks that hijack legitimate email threads to deliver malicious URLs. Attackers hijack email threads to further increase the believability of the attacks.