How to Spot the Most Common Crypto Phishing Scams

Crypto phishing scams surged 83% in 2025, targeting wallets with fake sites, approval tricks, and poisoned addresses. One click can drain your funds...

Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data

A Russian-speaking threat behind an ongoing, mass phishing campaign has registered more than 4,300 domain names since the start of the year. The activity, per Netcraft security researcher Andrew Brandt, is designed to target customers of the hospitality industry, specifically hotel guests who may...

Product Explained: Memcyco's Real-Time Defense Against Website Spoofing

Hands-On Review: Memcyco's Threat Intelligence Solution Website impersonation, also known as brandjacking or website spoofing, has emerged as a significant threat to online businesses. Malicious actors clone legitimate websites to trick customers, leading to financial scams and data theft causing...

Malicious ad served inside Bing's AI chatbot

In February 2023, Microsoft disclosed its new AI-assisted search engine, Bing Chat, powered by OpenAI's GPT-4. Even though Google has been dominating the search industry for years, this event was significant enough to generate not only interest but also plant the seed for a possible change in the...

Tiny Island Atoll’s Domain Used in Widespread Ad Fraud

A scam campaign involving “.tk” domains has been active since at least May 2018, redirecting unsuspecting users to fake blogger sites that are collectively bringing in close to $22,000 per month in advertising revenue. The same actors have also been spotted running a tech-support scam in tandem,...

Tens of thousands per Gram

Looking at Instagram one morning, I spotted several posts from some fairly well-known people in certain circles who had invested in an ICO held by Telegram. Interesting, I thought to myself. I fancy a piece of that. Only I was pretty sure that if Telegram was indeed holding an ICO, it would be a...

Apple Safari Remote URI Spoofing Vulnerability

Apple Safari is a web browser developed by Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in Apple Safari that allows attackers to conduct phishing attacks by exploiting the vulnerability to construct malicious WEB...

Shopify: Open redirection in OAuth

Hello, When we specify an invalid scope then the authorize url redirects to the site mentioned in redirecturi. So, attacker can create an app and use it as open redirector to redirect victims to fake sites. eg. Attacker can host same phishing page and hack the victims. Proof Of Concept :...