Overcooking the phish
This phishing campaign incorporates ghost spoofing, embedded text in images, a PDF file, a QR code, DocuSign imitation, and Cloudflare verification — yet it still completely misses the mark.
235 articles
This phishing campaign incorporates ghost spoofing, embedded text in images, a PDF file, a QR code, DocuSign imitation, and Cloudflare verification — yet it still completely misses the mark.
We’ve discovered a new Trojan that’s very selective about its victims.
Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
“Gentle grafters” are attacking dishonest crypto users by imitating wallet leaks and manipulating their victims for months.
Scammers prepared carefully for this very sporty summer. First they targeted soccer fans during the Euros; now they’re setting their sights on spectators at the Paris 2024 Olympics. How can you stay safe from scams during the Games?
A turnkey home? A turnkey website? How about turnkey phishing? Scammers now sell turnkey phishing services to other scammers. Read on to find out how it works.
Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.
A new phishing technique uses progressive web apps (PWAs) to mimic browser windows with convincing web addresses to steal passwords.
Tips on how to watch the UEFA Euro 2024 tournament while keeping your money safe and your mood good.
Cybercriminals are using genuine Facebook infrastructure to send phishing emails threatening to block accounts.
Two-factor authentication protects your account from theft — until you yourself give away your one-time password.
Scammers posing as buyers are targeting sellers on message boards. We explain the details of this scam, and offer tips for safe online trading.
Cybercriminals prey on corporate credentials by sending phishing links through Dropbox after priming the victim.
Can you catch malware by downloading files from Microsoft’s repositories on GitHub? Turns out, you can. Stay alert!
How to tell a real photo or video from a fake, and trace its provenance.
Got a message from your boss or coworker asking you to “fix a problem” in an unexpected way? Beware of scammers! How to protect yourself and your company against a potential attack.
Cybercriminals prey on access to mailing tools by sending phishing emails through these same tools.
Why cybercriminals want to attack PR and marketing staff and, crucially, how to protect your company from financial and reputational harm.
One-time codes and two-factor authentication securely protect you from account theft. If you receive such a code or a request to enter it when you aren’t logging in, it may be an attempt to hack into your account.