Tag: phishing
689 articles

INTERPOL Warns of Rising Cybercrime in Asia-Pacific
Cybercriminals are wreaking havoc in Asia-Pacific, using cutting-edge tactics like AI and ransomware to scam and steal on a massive scale. Phishing is the region's most costly and widespread crime, with a third of countries reporting over 10,000 cases in just 15 months.

Cybercriminals Worry AI Tools Will Disrupt Their Illicit Trade
Cybercriminals are getting anxious about the impact of AI tools on their illicit trade, and experts warn that now is the time for organizations to step up their cyber hygiene game with measures like timely patching, multifactor authentication, and passkey use. By prioritizing these defenses, businesses can stay ahead of emerging threats, including AI-assisted attacks.

Malware Campaign Exploits Fake Reviews to Spread Crypto Clipper
A single threat actor cleverly mimicked legitimate brands to spread Crypto Clipper Malware, using fake reviews, tutorial videos, and promotions on trusted platforms to manufacture credibility for a malicious crypto tool. They created a convincing illusion of a trusted product, complete with inflated download counts and coordinated five-star reviews.

Sniper Dz Scams Target MENA Users with Fake Offers and Browser Exploits
Scammers are targeting people in the Middle East and North Africa with fake offers of free mobile internet, financial rewards, and government subsidies, using fraudulent Facebook accounts to trick victims into divulging sensitive info. These Sniper Dz scams impersonate trusted figures and organizations to lure users in with enticing deals.

Google Sues Alleged Chinese Phishers Over AI-Powered Fraud Ops
Google is taking a stand against scammers, suing a Telegram-based group called "Outsider Enterprise" for allegedly sending millions of AI-powered scam texts and impersonating trusted brands. The lawsuit aims to put a stop to their large-scale fraud operations.

Threat Actors Exploit Microsoft Teams for Phishing Attacks
Phishing attacks are getting smarter, with threat actors now using trusted platforms like Microsoft Teams to target unsuspecting employees, accounting for 42% of all phishing alerts in just the first four months of 2026. These sneaky messages can land directly in your feed, masquerade as internal IT support, and trick you into taking action with alarming ease.

North Korea Targets Developers with 250 Fake Job Offers in Credential Heist
In a sneaky credential heist, hackers sent over 250 fake job offers to developers at nearly 100 US organizations, disguising phishing attempts as recruitment messages. The six-week scam targeted professionals in tech, education, and finance.

Android Malware NFCShare Targets Europe Banks via GitHub Updates
Malicious actors are using GitHub to spread new variants of the NFCShare Android malware, disguising them as banking app updates to target customers of European banks. Victims are first lured into downloading the malware through phishing sites that mimic real banks, where they're prompted to install a fake update.

WhatsApp Disrupts NSO Group's Spyware Phishing Campaigns
Meta's WhatsApp team swiftly sprang into action, disrupting a sophisticated spyware phishing campaign linked to the NSO Group after investigating user reports of targeted social-engineering attacks. They successfully stopped the attackers' attempts to trick people into clicking malicious links that could have put their data at risk.

North Korean Hackers Exploit Coding Lures to Steal Crypto Credentials
In a sneaky move, North Korean hackers sent over 250 emails with innocent-looking coding tasks to nearly 100 US-based organizations, tricking them into handing over cryptocurrency credentials. The clever phishing scam, tracked as UNK_DeadDrop, targeted tech, education, and finance firms, with a special focus on cryptocurrency companies.

FIFA World Cup Scams Explode Ahead of 2026 Kickoff
As the 2026 FIFA World Cup approaches, scammers are kicking off their own game, with over 4,300 fraudulent domains and countless ticket scams, counterfeit merchandise, and banking malware already in circulation. With ticket requests exceeding 150 million and millions of fans eagerly awaiting kickoff, attackers are cashing in on scarcity and anxiety.

Cybercriminals Target FIFA World Cup 2026 with Sophisticated Scams
As the 2026 FIFA World Cup approaches, cybercriminals are gearing up to scam unsuspecting fans with sophisticated ticketing scams, counterfeit sites, and panic-inducing mechanics. Experts warn that this major event has become a prime target for cyberattacks, with thousands of fraudulent domains and fake Facebook ads already circulating.

Google DoubleClick Exploited in Malspam Campaign Delivering DesckVB RAT
Cyber attackers are cleverly using Google's DoubleClick to disguise malicious emails, routing victims through a legitimate domain that often flies under the radar of security tools. By exploiting this trusted platform, hackers can easily trick people into downloading the DesckVB RAT malware.

UK Firms Bolster Defenses Against AI-Powered Cyber Attacks
UK organizations are bracing themselves for a perfect storm of cyber threats, with AI-powered attacks topping the list of concerns as the most pressing risk over the next year. In fact, 43% of UK respondents rank AI-powered attacks as their biggest worry, surpassing traditional threats like ransomware and phishing.

Hackers Exploit ChatGPT Features in Malware Phishing Campaigns
Hackers are exploiting ChatGPT's features to create convincing phishing pages that trick victims into downloading malware, using the platform's code-rendering feature to build fake pages that appear legitimate. These attacks cleverly use trusted ChatGPT domains to evade detection, making them harder to spot.

Threat Actors Exploit ChatGPT Sharing Feature to Deliver Malware
Malicious actors are exploiting ChatGPT's sharing feature to spread malware, using convincing fake outage messages to trick users into downloading malicious desktop applications. They even hijacked Google ads to make their scam look legit.

FBI Warns of World Cup Phishing Sites Targeting Fans
Don't get scammed out of your World Cup tickets! A massive phishing operation, tracked as Ghost Stadium, has set up over 300 fake FIFA websites to trick fans into buying premium tickets to the 2026 tournament.

Fraudsters Target World Cup Fans with 4300 Fake FIFA Domains
Scammers are gearing up to target FIFA World Cup fans with a massive network of over 4,300 fake domains, a recent analysis revealed. These fraudulent sites, linked to six distinct scams and four threat actors, are currently dormant but ready to be activated as the 2026 tournament approaches.

FBI Warns of In-Person Data Theft Attacks by Extortion Gang
The FBI has issued a warning about a sneaky new tactic used by the notorious Silent Ransom Group: showing up in person to steal sensitive data, after gaining trust through clever phishing and phone scams. This brazen approach combines remote access tricks with physical presence at victim sites, marking a chilling evolution in their extortion methods.

BTMOB Android RAT Exploits No-Code Tools in Global Phishing Campaigns
A single malicious download can put an entire company's sensitive data at risk, so it's crucial for corporate security teams to educate employees on the dangers of rogue apps.

Iranian Hackers Deploy AI-Backed MiniFast Backdoor via Phishing and SEO Poisoning
Iranian hackers have escalated their cyber attacks, leveraging AI-powered tools to craft malware and targeting key sectors like aviation, defense, and telecommunications across the US, Europe, and the Middle East. Their sophisticated tactics, including phishing and SEO poisoning, have allowed them to spy on organizations with alarming speed and efficiency.

Iran-Linked Hackers Target US Aviation with Sophisticated Phishing and SEO Poisoning
Meet Nimbus Manticore, an Iran-linked hacking group that's back with a vengeance, using clever phishing and SEO poisoning tactics to target the US aviation industry in a series of sophisticated attacks. Their latest campaign, which ran from February to April 2026, marked a significant expansion into aviation, defense, and telecommunications.

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts
Beware of Kali365, a sneaky phishing service that's hijacking Microsoft 365 accounts by exploiting a legitimate authentication flow - and it's happening fast, with the platform emerging as recently as April 2026. This clever trick uses a short code to trick victims into handing over control of their accounts.

Ghostwriter Exploits Ukraine Government with Prometheus Phishing Malware
Malicious actors known as Ghostwriter have launched a cunning phishing campaign targeting Ukraine's government, using emails that appear to come from trusted sources and contain links to a seemingly harmless learning platform, Prometheus. These emails contain a hidden threat that can download malware onto victims' devices.