Recent Comments

    Blogroll

    Search

    Archive for Phishing

    Follina abuses Microsoft Office to execute remote code

    June 3rd, 2022 by

    Follina abuses Microsoft Office to execute remote code

    “A vulnerability dubbed “Follina” could allow attackers to gain full system control of affected systems. Learn more about it and how to protect yourself from it,”

    Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

    “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”

    Posted in Malware, Phishing, Scams | No Comments »

    Hackers breach MailChimp

    April 5th, 2022 by

    Hackers breach MailChimp’s internal tools to target crypto customers

    “Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.”

     

    Posted in Identity Theft, Phishing, Scams, Security Breeches, Uncategorized | No Comments »

    How to spot a fake Facebook profile

    November 16th, 2021 by

    How to spot a fake Facebook profile

    With so many reports from others about being “Hacked”, I thought it would be useful to pass on some advice on how to spot a fake “Friend Request”…

    Posted in Identity Theft, Phishing | No Comments »

    How to Tell a Job Offer from an ID Theft Trap

    May 22nd, 2021 by

    How to Tell a Job Offer from an ID Theft Trap

    “One of the oldest scams around — the fake job interview that seeks only to harvest your personal and financial data — is on the rise, the FBI warns. Here’s the story of a recent LinkedIn impersonation scam that led to more than 100 people getting duped, and one almost-victim who decided the job offer was too-good-to-be-true.”

    Posted in Identity Theft, Newsletters, Phishing, Scams | No Comments »

    More Phishing attacks on Office 365

    May 5th, 2021 by

    Malicious Office 365 Apps Are the Ultimate Insiders

    “Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.”

    Posted in Identity Theft, Malware, Phishing | No Comments »

    Stolen Card Market closing February 2021

    January 19th, 2021 by

    Joker’s Stash Carding Market to Call it Quits

    Joker’s Stash, by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. and European authorities seized a number of its servers.

    Posted in Identity Theft, Phishing, Ransomware | No Comments »

    GoDaddy breeched by Phishing Attack

    April 3rd, 2020 by

    Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

    “A spear-phishing attack this week hooked a customer service employee at GoDaddy.com, the world’s largest domain name registrar, KrebsOnSecurity has learned. The incident gave the phisher the ability to view and modify key customer records, access that was used to change domain settings for a half-dozen GoDaddy customers, including transaction brokering site escrow.com.”

    Posted in Phishing, Security Breeches | No Comments »

    New and Nasty Phishing Attack

    January 8th, 2020 by

    Tricky Phish Angles for Persistence, Not Passwords

    “Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. The phishing lure starts with a link that leads to the real login page for a cloud email and/or file storage service. Anyone who takes the bait will inadvertently forward a digital token to the attackers that gives them indefinite access to the victim’s email, files and contacts — even after the victim has changed their password.”

    Posted in Malware, Phishing | No Comments »

    Adobe Creative Cloud hacked

    October 28th, 2019 by

    7M Adobe Creative Cloud Users Exposed to Hackers

    “An open cloud database sets the stage for phishing attacks for users of the subscription service.”

    Posted in Identity Theft, Phishing, Security Breeches | No Comments »

    Beware Office 365 “File Deletion” Alerts!!

    May 30th, 2019 by

    Phishing Emails Pretend to be Office 365 ‘File Deletion’ Alerts

    ‘A new phishing campaign is underway that pretends to be from the “Office 365 Team” warning recipients that there has been unusual amount of file deletions occurring on their account.’

    Posted in Phishing | No Comments »

    « Previous Entries