153 matches found
A week in security (May 25 – May 31)
Last week on Malwarebytes Labs: Payment apps are watching what you say Lock and Code S07E11 Scammers pretending to be Microsoft had help from US executives 700+ education and tech websites hijacked in huge ClickFix malware campaign Fake software on GitHub and SourceForge distribute Deno RAT Fake...
Scammers Use Hidden Text to Bypass AI Email Filters in Phishing Scams
Scammers are hiding invisible text inside phishing emails to manipulate AI-powered email filters and increase the chances of scams reaching inboxes...
Google AppSheet Exploited in 30,000-User Facebook Phishing Operation
Scammers are abusing Google AppSheet and Google Drive to bypass security filters and steal thousands of Facebook Business accounts globally...
Scam Guard for desktop: A second set of eyes for suspicious moments
Scams aren’t so obvious anymore. They're well-written, have working grammar, and can lead victims to very convincing branded webpages. Scammers increasingly use AI tools to clone sites and create highly sophisticated scams at scale, so don't expect to rely on spotting obvious typos anymore. That’...
How to Spot the Most Common Crypto Phishing Scams
Crypto phishing scams surged 83% in 2025, targeting wallets with fake sites, approval tricks, and poisoned addresses. One click can drain your funds...
A week in security (November 24 – November 30)
Last week on Malwarebytes Labs: How CVSS v4.0 works: characterizing and scoring vulnerabilities Millions at risk after nationwide CodeRED alert system outage and data breach Holiday shoppers targeted as Amazon and FBI warn of surge in account takeover attacks Fake LinkedIn jobs trick Mac users in...
Phishing scams exploit New York’s inflation refund program
A warning from the New York State on their website informs visitors that: “Scammers are calling, mailing, and texting taxpayers about income tax refunds, including the inflation refund check.” Here's the warning on the website: We can confirm that several phishing campaigns are exploiting a...
AI Website Builder Lovable Abused for Phishing and Malware Scams
Scammers have been spotted abusing AI site builder Lovable to mimic trusted brands, steal credentials, drain crypto wallets,…...
A week in security (June 30 – July 6)
Last week on Malwarebytes Labs: Drug cartel hacked cameras and phones to spy on FBI and identify witnesses Catwatchful "child monitoring" app exposes victims’ data Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams Qantas: Breach affects 6 million people, "significant"...
Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams
Microsoft, DocuSign, Adobe, McAfee, NortonLifeLock, PayPal, and Best Buy’s Geek Squad are being impersonated online through malicious emails that contain fake telephone support numbers and dangerous QR codes that can ensnare victims into phishing scams. The brands and their products are frequentl...
Malicious AI Models Are Behind a New Wave of Cybercrime, Cisco Talos
Cybercriminals use malicious AI models to write malware and phishing scams Cisco Talos warns of rising threats from uncensored and custom AI tools...
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants. The joint action, codenamed Operation Secure, took place between January and April 2025, and involved law enforcement agencies...
Arrests in Tap-to-Pay Scheme Powered by Phishing
Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through...
⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists
This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive...
How Phished Data Turns into Apple & Google Wallets
Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovati...
Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024
"Nigerian" spam is a collective term for messages designed to entice victims with alluring offers and draw them into an email exchange with scammers, who will try to defraud them of their money. The original "Nigerian" spam emails were sent in the name of influential and wealthy individuals from...
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
A Russian-speaking cybercrime gang known as Crazy Evil has been linked to over 10 active social media scams that leverage a wide range of tailored lures to deceive victims and trick them into installing malware such as StealC, Atomic macOS Stealer aka AMOS, and Angel Drainer. "Specializing in...
AI-Generated Content: How Cybercriminals Are Using It for Phishing Scams
AI-generated content is empowering even novice hackers to elevate phishing attacks, enabling highly personalized and convincing scams targeting…...
FUNNULL Unmasked: AWS, Azure Abused for Global Cybercrime Operations
Discover how cybercriminals use 'Infrastructure Laundering' to exploit AWS and Azure for scams, phishing, and money laundering. Learn about FUNNULL CDN's tactics and their global impact on businesses and cybersecurity...
Scammers Exploit California Wildfires, Posing as Fire Relief Services
Cybercriminals are exploiting the California wildfires by launching phishing scams. Learn how hackers are targeting victims with fake domains and deceptive tactics, and how to protect yourself from these cyber threats...