Skip to main content

Tag: phishing

689 articles

Person looks concerned while viewing laptop screen in modern office setting.

INTERPOL Warns of Rising Cybercrime in Asia-Pacific

Cybercriminals are wreaking havoc in Asia-Pacific, using cutting-edge tactics like AI and ransomware to scam and steal on a massive scale. Phishing is the region's most costly and widespread crime, with a third of countries reporting over 10,000 cases in just 15 months.

Analyst 207
Dimly lit underground market scene with old and new tech, hooded figures in background.

Cybercriminals Worry AI Tools Will Disrupt Their Illicit Trade

Cybercriminals are getting anxious about the impact of AI tools on their illicit trade, and experts warn that now is the time for organizations to step up their cyber hygiene game with measures like timely patching, multifactor authentication, and passkey use. By prioritizing these defenses, businesses can stay ahead of emerging threats, including AI-assisted attacks.

Analyst 207
Laptop screen on a desk in a brightly-lit indoor setting with blurred smartphones and tablets in the background.

Malware Campaign Exploits Fake Reviews to Spread Crypto Clipper

A single threat actor cleverly mimicked legitimate brands to spread Crypto Clipper Malware, using fake reviews, tutorial videos, and promotions on trusted platforms to manufacture credibility for a malicious crypto tool. They created a convincing illusion of a trusted product, complete with inflated download counts and coordinated five-star reviews.

Analyst 207
Smartphone screen displays social media post with Arabic interface.

Sniper Dz Scams Target MENA Users with Fake Offers and Browser Exploits

Scammers are targeting people in the Middle East and North Africa with fake offers of free mobile internet, financial rewards, and government subsidies, using fraudulent Facebook accounts to trick victims into divulging sensitive info. These Sniper Dz scams impersonate trusted figures and organizations to lure users in with enticing deals.

Analyst 207
A cluttered workspace with a smartphone, papers, and scribbled notes, set against a blurred cityscape or office background.

Google Sues Alleged Chinese Phishers Over AI-Powered Fraud Ops

Google is taking a stand against scammers, suing a Telegram-based group called "Outsider Enterprise" for allegedly sending millions of AI-powered scam texts and impersonating trusted brands. The lawsuit aims to put a stop to their large-scale fraud operations.

Analyst 207
Threat Actors Exploit Microsoft Teams for Phishing Attacks

Threat Actors Exploit Microsoft Teams for Phishing Attacks

Phishing attacks are getting smarter, with threat actors now using trusted platforms like Microsoft Teams to target unsuspecting employees, accounting for 42% of all phishing alerts in just the first four months of 2026. These sneaky messages can land directly in your feed, masquerade as internal IT support, and trick you into taking action with alarming ease.

Analyst 207
Professional workspace with laptop, papers, and office supplies, blurred email inbox in background.

North Korea Targets Developers with 250 Fake Job Offers in Credential Heist

In a sneaky credential heist, hackers sent over 250 fake job offers to developers at nearly 100 US organizations, disguising phishing attempts as recruitment messages. The six-week scam targeted professionals in tech, education, and finance.

Analyst 207
Person sits at laptop in European café, face downcast, with blurred cityscape and bank storefront in background.

Android Malware NFCShare Targets Europe Banks via GitHub Updates

Malicious actors are using GitHub to spread new variants of the NFCShare Android malware, disguising them as banking app updates to target customers of European banks. Victims are first lured into downloading the malware through phishing sites that mimic real banks, where they're prompted to install a fake update.

Analyst 207
Smartphone displaying WhatsApp conversation with suspicious link on a clean, minimalist surface.

WhatsApp Disrupts NSO Group's Spyware Phishing Campaigns

Meta's WhatsApp team swiftly sprang into action, disrupting a sophisticated spyware phishing campaign linked to the NSO Group after investigating user reports of targeted social-engineering attacks. They successfully stopped the attackers' attempts to trick people into clicking malicious links that could have put their data at risk.

Analyst 207
Brightly lit coding workspace with laptop showing GitHub/GitLab page surrounded by coding materials and documents.

North Korean Hackers Exploit Coding Lures to Steal Crypto Credentials

In a sneaky move, North Korean hackers sent over 250 emails with innocent-looking coding tasks to nearly 100 US-based organizations, tricking them into handing over cryptocurrency credentials. The clever phishing scam, tracked as UNK_DeadDrop, targeted tech, education, and finance firms, with a special focus on cryptocurrency companies.

Analyst 207
Long line of anxious fans waiting outside a ticketing booth, some visibly frustrated.

FIFA World Cup Scams Explode Ahead of 2026 Kickoff

As the 2026 FIFA World Cup approaches, scammers are kicking off their own game, with over 4,300 fraudulent domains and countless ticket scams, counterfeit merchandise, and banking malware already in circulation. With ticket requests exceeding 150 million and millions of fans eagerly awaiting kickoff, attackers are cashing in on scarcity and anxiety.

Analyst 207
Crowded stadium concourse with people walking, some on phones, with a laptop on a food tray in the foreground.

Cybercriminals Target FIFA World Cup 2026 with Sophisticated Scams

As the 2026 FIFA World Cup approaches, cybercriminals are gearing up to scam unsuspecting fans with sophisticated ticketing scams, counterfeit sites, and panic-inducing mechanics. Experts warn that this major event has become a prime target for cyberattacks, with thousands of fraudulent domains and fake Facebook ads already circulating.

Analyst 207
Brightly-lit office workstation with browser showing redirect chain and cup.

Google DoubleClick Exploited in Malspam Campaign Delivering DesckVB RAT

Cyber attackers are cleverly using Google's DoubleClick to disguise malicious emails, routing victims through a legitimate domain that often flies under the radar of security tools. By exploiting this trusted platform, hackers can easily trick people into downloading the DesckVB RAT malware.

Analyst 207
Professionals gather around a workstation with a large, blank monitor displaying a gradient screen.

UK Firms Bolster Defenses Against AI-Powered Cyber Attacks

UK organizations are bracing themselves for a perfect storm of cyber threats, with AI-powered attacks topping the list of concerns as the most pressing risk over the next year. In fact, 43% of UK respondents rank AI-powered attacks as their biggest worry, surpassing traditional threats like ransomware and phishing.

Analyst 207
Laptop screen shows ChatGPT-like interface with suspicious URL and blurred malware prompt.

Hackers Exploit ChatGPT Features in Malware Phishing Campaigns

Hackers are exploiting ChatGPT's features to create convincing phishing pages that trick victims into downloading malware, using the platform's code-rendering feature to build fake pages that appear legitimate. These attacks cleverly use trusted ChatGPT domains to evade detection, making them harder to spot.

Analyst 207
Person sitting at laptop with browser window open showing fake ChatGPT outage message.

Threat Actors Exploit ChatGPT Sharing Feature to Deliver Malware

Malicious actors are exploiting ChatGPT's sharing feature to spread malware, using convincing fake outage messages to trick users into downloading malicious desktop applications. They even hijacked Google ads to make their scam look legit.

Analyst 207
Crowded stadium with fans in foreground, blurred laptop screen near a spectator suggesting a phishing site.

FBI Warns of World Cup Phishing Sites Targeting Fans

Don't get scammed out of your World Cup tickets! A massive phishing operation, tracked as Ghost Stadium, has set up over 300 fake FIFA websites to trick fans into buying premium tickets to the 2026 tournament.

Analyst 207
Crowded stadium exterior at night with subtle shadows hinting at online threats.

Fraudsters Target World Cup Fans with 4300 Fake FIFA Domains

Scammers are gearing up to target FIFA World Cup fans with a massive network of over 4,300 fake domains, a recent analysis revealed. These fraudulent sites, linked to six distinct scams and four threat actors, are currently dormant but ready to be activated as the 2026 tournament approaches.

Analyst 207
Person in business casual clothes approaches a cubicle, blending in with office surroundings.

FBI Warns of In-Person Data Theft Attacks by Extortion Gang

The FBI has issued a warning about a sneaky new tactic used by the notorious Silent Ransom Group: showing up in person to steal sensitive data, after gaining trust through clever phishing and phone scams. This brazen approach combines remote access tricks with physical presence at victim sites, marking a chilling evolution in their extortion methods.

Analyst 207
Smartphone on cluttered desk with login prompt on screen.

BTMOB Android RAT Exploits No-Code Tools in Global Phishing Campaigns

A single malicious download can put an entire company's sensitive data at risk, so it's crucial for corporate security teams to educate employees on the dangers of rogue apps.

Analyst 207
Concerned office worker examines laptop with blurred screen amidst office supplies and city view.

Iranian Hackers Deploy AI-Backed MiniFast Backdoor via Phishing and SEO Poisoning

Iranian hackers have escalated their cyber attacks, leveraging AI-powered tools to craft malware and targeting key sectors like aviation, defense, and telecommunications across the US, Europe, and the Middle East. Their sophisticated tactics, including phishing and SEO poisoning, have allowed them to spy on organizations with alarming speed and efficiency.

Analyst 207
US airport terminal with check-in counter and departure board, laptops and phone on counter.

Iran-Linked Hackers Target US Aviation with Sophisticated Phishing and SEO Poisoning

Meet Nimbus Manticore, an Iran-linked hacking group that's back with a vengeance, using clever phishing and SEO poisoning tactics to target the US aviation industry in a series of sophisticated attacks. Their latest campaign, which ran from February to April 2026, marked a significant expansion into aviation, defense, and telecommunications.

Analyst 207
Laptop on office desk with papers and supplies, subtle hint of phishing attempt nearby.

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts

Beware of Kali365, a sneaky phishing service that's hijacking Microsoft 365 accounts by exploiting a legitimate authentication flow - and it's happening fast, with the platform emerging as recently as April 2026. This clever trick uses a short code to trick victims into handing over control of their accounts.

Analyst 207
Government office workstation with papers and supplies, email inbox blurred on screen.

Ghostwriter Exploits Ukraine Government with Prometheus Phishing Malware

Malicious actors known as Ghostwriter have launched a cunning phishing campaign targeting Ukraine's government, using emails that appear to come from trusted sources and contain links to a seemingly harmless learning platform, Prometheus. These emails contain a hidden threat that can download malware onto victims' devices.

Analyst 207