RiskIQ researchers said that the new LogoKit phishing kit was detected on more than 700 unique domains in the last month alone and on 300 in the last week. Worse, this tool allows hackers to modify logos and text on phishing pages in real-time, tailoring sites for specific purposes. LogoKit relies on sending users phishing… Continue reading LogoKit phishing kit allows creating phishing pages in real time
Tag: Phishing
Hackers majorly use Microsoft and DHL brands in phishing attacks
Hackers majorly use the Microsoft and DHL brands in phishing attacks. In Q4 2020, cybercriminals used more brands from the tech industry, followed by shipping and retail businesses. Information security researchers from the Check Point Software team said that phishers love the Microsoft brand. 43% of all attempts at phishing attacks were associated with it… Continue reading Hackers majorly use Microsoft and DHL brands in phishing attacks
Operators of phishing campaigns increased number of emails allegedly from delivery services
Check Point Research reports that in November, the number of phishing emails written on behalf of delivery services increased by 440% compared to October. The sharpest growth was noted in Europe, with North America and the Asia-Pacific region in second and third places respectively in the number of phishing campaigns. Most often (in 56% of… Continue reading Operators of phishing campaigns increased number of emails allegedly from delivery services
Cybercriminals started using Google services more often in phishing campaigns
Security researchers have reported an increase in cyberattacks using Google services in phishing campaigns, as a tool to bypass security and steal credentials, credit cards, and other personal information. The Armorblox team analysed five phishing campaigns, which they call the “the top of the deep iceberg”. The attacks exploit features of several Google services, including… Continue reading Cybercriminals started using Google services more often in phishing campaigns
Microsoft estimated that ransomware attacks take less than 45 minutes
Microsoft analysts have prepared a traditional Digital Defense report, in which they talked about the main events and trends in the field of cybersecurity and threat analysis over the past year (from July 2019 to June 2020). The company, for example, estimated that some ransomware attacks could be carried out in less than 45 minutes.… Continue reading Microsoft estimated that ransomware attacks take less than 45 minutes
Google cloud services are used for phishing
Attackers, whose main goal is to steal various credentials, are increasingly turning to public cloud services to host decoy files and phishing pages. Even Google services are now being used for phishing. Check Point experts warn that earlier this year they discovered a campaign, which was abusing Google cloud services. The scammers have developed an… Continue reading Google cloud services are used for phishing
GitLab checked its employees: on phishing got every fifth
Recently, the GitLab platform conducted a security audit, analyzing if working from home employees are resistant to phishing attacks. As it turned out, every fifth got on phishing in GitLab: 20% of employees agreed to enter their credentials on a fake login page. A training attack conducted by the GitLab Red Team simulated a real… Continue reading GitLab checked its employees: on phishing got every fifth
GitHub warned users about phishing attack
Representatives of the GitHub web service warned users of a massive phishing attack called Sawfish. Recently, users more and more often receive phishing emails with fake warnings about suspicious activity of a recorded account or strange changes made to the repository or settings. “The links attached to such messages lead to a fake GitHub login… Continue reading GitHub warned users about phishing attack
Almost three quarters of modern phishing sites use SSL
Anti-Phishing Working Group (APWG) experts in their new report on this cyber threat analyzed modern phishing techniques. They found out that almost three quarters of modern phishing sites use SSL protection. From October to December 2019, the number of recorded phishing sites decreased compared to the summer period. In total, researchers identified 162,155 malicious resources.… Continue reading Almost three quarters of modern phishing sites use SSL
Number of linked with WhatsApp phishing URLs increased by 13 467%
According to Vade Secure’s report, the number of phishing URLs related to Facebook grew by 358,8%, and WhatsApp, by 13467%. Vade Secure published a report on phishing threats in the fourth quarter of 2019. Researchers identified 25 brands that phishers most widely use, compiling this list by analyzing a variety of phishing URLs. As a… Continue reading Number of linked with WhatsApp phishing URLs increased by 13 467%