22 matches found
Avoid Scams After Disaster Strikes
As natural disasters occur, CISA urges individuals to remain on alert for potential malicious cyber activity. Fraudulent emails and social media messages—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing attack," threat actors have leveraged an uncommon approach that allowed bogus emails to be sent via Google's infrastructure and redirect message recipients to fraudulent sites that harvest their credentials. "The first thing to no...
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security...
Hurricane-Related Scams
CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...
Hurricane-Related Scams
CISA warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails—often containing malicious links or attachments—are common after major natural disasters. Exercise caution in handling emails with...
Japanese Aerospace Firm Kawasaki Warns of Data Breach
Japanese aerospace company Kawasaki Heavy Industries on Monday warned of a security incident that may have led to unauthorized access of customer data. According to the company’s data breach notification, it first discovered unauthorized parties accessing a server in Japan, from an overseas offic...
Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials
A new phishing campaign is targeting investment brokers with fraudulent emails aimed at stealing their Microsoft SharePoint and Office credentials, by invoking the identity of a credible financial regulatory organization. The “widespread, ongoing phishing campaign” is using emails that claim to b...
Black Friday Alert 2019: Net Shopping Bag of Threats
Every year, Kaspersky releases an annual Black Friday alert to highlight how fraudsters may capitalize on increased levels of online shopping at this time of year when many brands are offering their customers appealing discounts. In the rush to get a big discount or, even more panic-inducing, a...
Potential Hurricane Dorian Cyber Scams
The Cybersecurity and Infrastructure Security Agency CISA warns users to remain vigilant for malicious cyber activity targeting Hurricane Dorian disaster victims and potential donors. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direc...
Hurricane-Related Scams
As the 2019 hurricane season approaches, the Cybersecurity and Infrastructure Security Agency CISA warns users to remain vigilant for malicious cyber activity targeting disaster victims and potential donors. Fraudulent emails commonly appear after major natural disasters and often contain links o...
Spam and phishing in Q3 2018
Quarterly highlights Personal data in spam We have often said that personal data is candy on a stick to fraudsters and must be kept safe that is, not given out on dubious websites. It can be used to gain access to accounts and in targeted attacks and ransomware campaigns. In Q3, we registered a...
Potential Hurricane Florence Phishing Scams
NCCIC warns users to remain vigilant for malicious cyber activity seeking to exploit interest in Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites. Users should exercise caution in...
Has Your O365 Account Been Hacked?
In the past six months, Coalfire has seen an increase in businesses receiving fraudulent emails from legitimate client accounts with fraudulent invoice attachments. In several cases, the recipient paid the invoices not realizing they were fraudulent. The losses have ranged between thousands and...
Potential Hurricane Harvey Phishing Scams
US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Harvey. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Harvey, even if it appears to originate from a...
IRS Warns Tax Professionals of New Scam to Steal Passwords
The Internal Revenue Service IRS, acting in concert with state tax agencies and the tax industry, has issued an IRS Security Summit Alert for tax professionals to beware of a new phishing email scam. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials...
FTC Releases Alert on Fraudulent Emails
The Federal Trade Commission FTC has released an alert about scammers sending out fake emails that look authentic to trick you into sending money to them. Users should be suspicious of unsolicited phone calls or email messages from individuals asking about your information. If an unknown individu...
IRS Issues Warning for a Scam Targeting Tax Preparers
The Internal Revenue Service IRS has issued a press release addressing a new spear phishing scam targeting tax preparers and other tax professionals. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials. US-CERT encourages users and administrators to...
FBI: Business Email Compromise Scams Steal $214m in 2014
The FBI’s Internet Crime Complaint Center IC3 is sounding the alarm on a type of fraud they are calling business email compromise BEC scams. The scheme, formerly known as a man-in-the-email attack, comes in three distinct flavors, each of which is ultimately designed to dupe corporate employees o...
IC3 Issues Alert on University Employee Payroll Scam
The Internet Crime Complaint Center IC3 has issued an alert addressing a spear phishing scam targeting university employees and their payroll accounts. Scam operators use fraudulent e-mails and websites to entice employees to reveal login credentials. Users are encouraged to review the IC3 Alert...
Gameover Zeus Variant Sends Malicious Email Via Cutwail Botnet
The crew responsible for operating the Gameover variant of the infamous Zeus banking trojan is soliciting the enormous Cutwail botnet’s spamming capacity as an engine to fire off millions of malicious emails that seemingly originate from a number of recognizable U.S. banks. The fraudulent emails...