Tag: impersonation
19 articles

Dutch Police Expose Suspects in Odido Hacking Case
The Dutch National Police have cracked the Odido hacking case, revealing that suspects impersonated an IT employee in a phone call with customer service, tricking the company into divulging sensitive info through phishing. This clever ruse led to a massive data theft in February.

Microsoft Teams Users Targeted by Fake IT Support Scam
Beware of fake IT support scammers on Microsoft Teams who are tricking unsuspecting workers into installing malware by posing as tech support staff. These impostors are using the popular collaboration platform to deceive and compromise employee devices.

Cybercriminals Impersonate IT Personnel in Targeted Attacks
Cybercriminals are now masquerading as IT personnel to launch targeted attacks, with the FBI warning that law firms and professional sectors are prime targets. This new tactic allows groups like the Silent Ransom Group to swiftly access and exfiltrate sensitive data, often without encrypting systems.

Hackers exploit auth flaw in Burst Statistics WordPress plugin
A critical bug in the Burst Statistics WordPress plugin, affecting 200,000 sites, allows hackers to impersonate administrators and gain unauthorized access. This alarming vulnerability, already showing signs of exploitation, puts countless websites at risk.

Phishing Exploits Persist, Breaching Half of UK Businesses
Phishing attacks remain a major threat, with nearly half of UK businesses falling victim to these scams in the past year, and a staggering 85% of breaches involving phishing as the primary entry point. These attacks often rely on human error, using tactics like impersonation emails and fake logins to trick staff into handing over sensitive information.

NASA Targeted in Chinese Phishing Scheme for U.S. Defense Software
For years, unsuspecting NASA employees and collaborators were duped into sharing sensitive US defense software with a Chinese national masquerading as a colleague, in a brazen phishing scheme that went undetected for years. The scam funneled top-secret aerospace and defense tech to the imposter, violating US export control laws in the process.

Windows RPC Exposes New Local Privilege Escalation Technique
A newly discovered technique allows hackers to easily escalate their privileges to SYSTEM level on Windows systems, using a vulnerability in the Remote Procedure Call stack. This alarming exploit relies on clever manipulation of Security Quality of Service parameters and impersonation levels.

Threat Actors Exploit Microsoft Teams for SNOW Malware Deployment
Cyber attackers are exploiting Microsoft Teams by impersonating IT helpdesk staff, tricking victims into accepting chats from unfamiliar accounts and deploying SNOW malware. They start by flooding inboxes with urgent emails, then pose as IT support over Teams, offering to fix the problem.

Malicious Apps Infiltrate Apple's China Store, Target Crypto Wallets
Scammers have infiltrated Apple's China App Store with 26 fake cryptocurrency wallet apps, cleverly disguised as popular wallets like Metamask and Coinbase, to steal sensitive recovery phrases and drain users' digital assets. These malicious apps put unsuspecting crypto investors at risk of losing their hard-earned money.

Impersonator Exploits Slack to Target Linux Developers
A clever impersonator tricked Linux developers on Slack by posing as a trusted official, leading them to click a link that seemed harmless but actually handed over their credentials and development environment. This sneaky attack used Google-hosted pages to disguise a bogus root certificate, catching developers off guard.

Teams Flaw: Stunning Reveal of Critical Boss Spoofing
A newly revealed Microsoft Teams vulnerability let attackers convincingly impersonate executives, forge messages and even rewrite chat history—turning everyday collaboration into a pathway for fraud and data theft. Learn how Check Point’s findings expose the danger of boss‑spoofing and what organizations need to patch now.

North Korean IT personas: Exclusive Risky Threat Revealed
You won’t believe it until you see it: Okta uncovered convincing fake North Korean IT personas applying, interviewing, and even landing roles across tech, healthcare, finance and AI—using hiring pipelines as a stealthy route for espionage and exploitation. The takeaway: identity is the new perimeter, and companies must tighten onboarding, vetting and access controls before attackers turn routine hiring into a backdoor.

Facebook impersonation scams: Exclusive Risky Crackdown
Singapore is sounding the alarm after a spike in Facebook impersonation scams that have cheated residents and strained law enforcement, and officials are now publicly pressing Meta to act faster to protect users. If platforms don’t step up with better detection, verification and takedowns, trust — and people’s money and privacy — will keep eroding.

deepfake attack: Must-Have Best Defense Guide
When familiar voices and faces can be perfectly faked, trust — and your business — is suddenly vulnerable. With Gartner reporting 62% of organizations hit by a deepfake attack in the past year, now’s the time to tighten verification, train teams, and plan responses before reputations and finances are damaged.

cyber espionage: Dangerous Exclusive Threat to Trade
China-backed hackers impersonated a U.S. congressman to snoop on trade deliberations, using tailored spear-phishing to harvest credentials and gain persistent access to policymakers, think tanks and law firms. Proofpoint warns this stealthy campaign undermines trust in policymaking and shows why stronger email defenses, MFA and tighter operational security are urgently needed.

Impersonation as a service: Stunning and Dangerous Threat
Imagine your password doesn’t matter because someone can perfectly impersonate you — that’s the new reality as “impersonation as a service” blends deepfakes, scraped data, and skilled social engineers to trick businesses and people into handing over money and secrets. The fix isn’t just tech: smarter verification, AI detection, and simple habits like out-of-band confirmation can blunt the threat if organizations and users start assuming anyone can be imitated.

sniff 5G traffic: Stunning Risky toolkit exposed
Researchers unveiled Sni5Gect, an open-source toolkit that exploits timing gaps in 5G handshakes to sniff uplink and downlink traffic and force connection downgrades — all without deploying fake masts — raising fresh privacy and security alarms; its release underscores the urgent need for faster patches, stronger handshake protections, and layered defenses like end-to-end encryption.

law enforcement email accounts: Shocking Risk Exposed
For as little as $40, criminals can buy real law-enforcement and government email accounts on the dark web — and that cheap access lets them impersonate officials, steal data, and trick people into payments. Strengthening authentication, email protections, and simple verification habits is essential to protect trust and public safety.

AI impersonation: Stunning, Risky National Threat
Marco Rubio’s recent targeting by AI-generated voice and text impersonators shows how deepfake technology has jumped from scary speculation to a real threat that can erode trust and disrupt government communications. It’s a wake-up call for better verification, detection tools, and smarter policies to protect our institutions and public discourse.