
Scammers Exploit Google and PayPal’s Infrastructure to Steal Users' Private Data

Cybersecurity experts discovered a sophisticated phishing campaign that used Google Ads and PayPal's infrastructure to defraud users and obtain sensitive personal information. 

The attackers abused vulnerabilities in Google's ad standards and PayPal's "no-code checkout" feature to create fake payment links that appeared authentic, duping victims into communicating with fake customer care agents. 

Malicious actors created fraudulent adverts imitating PayPal. These adverts appeared at the top of Google's search results and displayed the official PayPal domain to boost user trust. A flaw in Google's landing page rules allowed these advertisements to send consumers to fraudulent pages hosted on PayPal's legitimate domain.

The URLs used the format paypal.com/ncp/payment/[unique ID], which was designed to allow merchants to securely accept payments without requiring technical knowledge. 

Scammers took advantage of this functionality by customising payment pages with misleading information, such as fake customer service phone numbers labelled as "PayPal Assistance." Victims, particularly those using mobile devices with limited screen area, were more likely to fall for the scam due to the challenges in spotting the fake nature of the links. 

Mobile devices: A key target 

Due to the inherent limitations of smaller screens, mobile users were the campaign's main target. Users of smartphones frequently rely on the top search results without scrolling further, which increases their vulnerability to clicking on malicious ads. Additionally, once they were directed to the phoney payment pages, users would see PayPal's official domain in their browser address bar, which further confirmed the scam's legitimacy. 

Victims who called the fake help numbers were most likely tricked into disclosing sensitive information or making unauthorised payments. According to the Malwarebytes report, this attack highlights how cybercriminals can use trusted platforms such as Google and PayPal to conduct sophisticated scams. Scammers bypassed typical security measures by combining technical flaws with social engineering techniques, preying on people's trust in well-known brands.

The campaign has been reported to Google and PayPal, yet new malicious adverts utilising similar techniques continue to appear. Experts advise people to use caution when interacting with online adverts and to prioritise organic search results above sponsored links when looking for legitimate customer service information. Security technologies such as ad blockers and anti-phishing software can also help to reduce risks by blocking malicious links.

Lack of Phishing Awareness Among Executives Poses a Security Threat

Even though phishing scams are predicted to remain a serious cybersecurity threat in the years to come, recent research has highlighted a worrying gap in awareness among business leaders. The study found that the vast majority of executives in the United States are unable to recognize all the warning signs of a phishing email, which leaves corporate security practices vulnerable. 

As cyber threats have become increasingly sophisticated, the threat to personal and corporate data has risen. Security breaches and ransomware attacks have become increasingly common, driven by advances in artificial intelligence that have enabled cybercriminals to develop more deceptive and efficient scams. Organizations constantly face new threats as the digital landscape evolves, and with new phishing tactics emerging every day, staying ahead of them becomes increasingly challenging. 

Cybersecurity awareness must be raised at the leadership level to mitigate these risks and protect sensitive information. According to a recent study, there is currently a significant gap in cybersecurity knowledge among senior executives, raising concerns about how resilient businesses are to phishing attacks. The findings suggest that only 1.6% of senior leaders were able to correctly identify all key indicators of phishing emails, which points to a critical weakness in organizations' cybersecurity defences. 

This lack of awareness puts businesses at considerable risk, as phishing remains the most common method cybercriminals use to gain access to corporate networks. Phishing scams are expected to remain a major concern for businesses in 2025, as the data indicates that these attacks lead directly to security breaches. In the survey, 40% of organizations that experienced a breach attributed the incident to phishing, the second most common cause of cybersecurity failures after malicious attacks; breaches caused by computer viruses and malware, the leading cause, affected 53% of firms. 

In light of these findings, executives must enhance cybersecurity training and awareness initiatives to mitigate the growing threats posed by phishing and other cyberattacks. A report published annually examines the changing trends shaping the business landscape by looking at the impact of technology on the workplace, and this edition comprehensively assesses technology advances, including cybersecurity, and their day-to-day impact on businesses. 

The latest study surveyed 1,036 senior executives and workplace managers from a variety of industries to gain insights into how organizations are dealing with these changes. It reveals a concerning lack of leadership preparedness for data protection: even though cyber threats are becoming increasingly sophisticated, many senior leaders remain unprepared to deal with vulnerabilities within their organizations. The study illustrates the urgency of improving cybersecurity training and establishing strategic initiatives to enhance data security measures in an era when digital threats continue to grow in sophistication. 

The study, conducted a few months ago, surveyed 1,036 U.S. business leaders to determine whether they could distinguish phishing emails from real ones. Participants were evaluated on their sensitivity to common red flags, among them:
  • Spelling and grammatical errors
  • Emails received from unfamiliar senders
  • Requests for sensitive information
  • Messages conveying urgency or threats
According to the findings, senior executives are showing a troubling lack of cybersecurity awareness. 

Alarmingly, 33% of respondents failed to recognize that an email from an unknown sender might be a potential phishing scam. Even more concerning, 47% of respondents failed to identify a tone of urgency or threat as a sign of phishing. In 2024, phishing attacks are estimated to have accounted for 40% of all data breaches affecting businesses, a sharp increase over 2023, when phishing made up 23% of data breaches. Another finding of the study is that nearly a fifth (19%) of business leaders do not understand the concept of two-factor authentication, a fundamental security measure aimed at protecting business systems against unauthorized access. 

A significant gap is evident in cybersecurity education at the leadership level, raising serious concerns about organizations' data protection strategies. The financial consequences for businesses are substantial if these vulnerabilities are exploited, with data breaches costing an average of $4.88 million in 2024, an increase of 10% over the previous year's cost. Tech.co's editor, Jack Turner, emphasizes that the research serves as a wake-up call for business leaders who may underestimate the risks associated with cybercrime. 

A significant percentage of respondents were unable to identify even the most basic signs of phishing attempts, which indicates why phishing attacks remain so effective. A company's cybersecurity training programs should not be limited to the IT department. They should be available to all employees, including entry-level employees and senior managers. Only by continuously increasing the level of education and vigilance can organizations strengthen their defences against cyberattacks, which are becoming increasingly commonplace. 

Businesses continue to suffer significant financial and reputational damage as a result of poor cybersecurity practices, with data breaches resulting in substantial revenue losses and long-term brand erosion. Because these risks must be taken into account, cybersecurity has become a top priority for companies, and leadership must take active steps to enhance security measures within their organization. 

The problem, however, is that many senior executives do not possess the fundamental knowledge they need to implement effective security strategies. The latest survey reveals that almost 19% of senior leaders are unable to define multi-factor authentication (MFA) correctly, despite its being widely recognized as an effective tool for safeguarding sensitive data. 

This is a significant vulnerability at the leadership level, since executives play a pivotal role in shaping and enforcing the cybersecurity policies their organizations depend on. As part of establishing a robust cybersecurity framework, senior leadership needs to take an active role in learning about key security measures and becoming familiar with them. However, securing an organization cannot rest solely in the hands of executive management. 

To develop a comprehensive security strategy, the entire company must be involved, with all employees being able to recognize and respond to potential threats. With technology progressing at such a rapid pace, investing in cybersecurity education at all levels of an organization is no longer an optional investment; rather, it is a must. By implementing structured training programs, companies can ensure their employees and executives remain alert to the ever-changing cyber threats. 

By cultivating a culture of cybersecurity awareness, businesses can ensure that their data, financial stability, and long-term reputation are protected in an increasingly digital environment, thus enhancing the efficiency of their business. Several key findings of the report reveal the urgent need for senior executives to have a better understanding of cybersecurity. 

Organizations must address this knowledge gap by providing comprehensive training and utilizing robust security frameworks that can strengthen their defences against cyberattacks from the outside. Cyber threats are becoming more advanced every day, and proactive leadership as well as company-wide awareness will be of crucial importance for mitigating risks and safeguarding business operations in a world where everything is going digital.

Dangers of AI Phishing Scams and How to Spot Them

Supercharged AI phishing campaigns are extremely challenging to notice. Attackers use AI to write phishing messages with better grammar, structure and spelling, so they appear legitimate and trick the user. In this post, we look at how to spot AI scams and avoid becoming a victim.

Checking email language

Earlier, it was easier to spot irregularities in an e-mail; all it took was one glance. Since generative AI models write with flawless grammar, it is now almost impossible to find errors in the mail copy.

Analyze the Language of the Email Carefully

In the past, one quick skim was enough to recognize that something was off with an email, with incorrect grammar and laughable typos typically being the giveaways. Since scammers now use generative AI language models, most phishing messages have flawless grammar.

But there is hope. Generated text can still be identified: keep an eye out for an unnatural flow between sentences. If everything seems too perfect, chances are it’s AI.

Red flags are everywhere, even in emails

Though AI has made it harder for users to spot phishing scams, the messages still show some classic behaviour, so the same tips for detecting phishing emails apply.

In most cases, scammers mimic businesses and hope you won’t notice. For instance, instead of an official “info@members.hotstar.com” email ID, you may see something like “info@members.hotstar-support.com.” You may also receive unrequested links or attachments, which are a huge tell. Mismatched URLs with subtle typos or extra words and letters are comparatively hard to notice, but they are a huge tip-off that you are on a malicious website or interacting with a fake business.

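Two of the tells above, a brand name glued to extra words in the sender's domain and a look-alike URL with a subtle typo, can be checked mechanically. The following is an added example, not code from the original post: it classifies the From and Reply-To addresses and every link in a message against a small allowlist of the brand's real registrable domains. The allowlist (only hotstar.com, the post's example), the sample message and the 0.8 similarity threshold are assumptions chosen for illustration, and the registrable-domain logic assumes single-label public suffixes.

```python
import re
from difflib import SequenceMatcher
from typing import List, Tuple
from urllib.parse import urlparse

# Constructed allowlist: the brand's real registrable domain(s). hotstar.com is the
# example the post uses; a defender would maintain their own list here.
OFFICIAL_DOMAINS = {"hotstar.com"}
BRAND_TOKENS = {d.split(".")[0] for d in OFFICIAL_DOMAINS}   # {"hotstar"}
URL_RE = re.compile(r"https?://[^\s<>\"']+")


def registrable_domain(host: str) -> str:
    """Last two labels of a hostname. Assumes a single-label public suffix such as
    .com; suffixes like .co.uk would need the Public Suffix List."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def host_of(value: str) -> str:
    """Hostname from either an email address ("Name <user@host>") or a URL."""
    if "@" in value and "://" not in value:
        return value.rsplit("@", 1)[1].strip("<> ").lower()
    parsed = urlparse(value if "://" in value else "http://" + value)
    return (parsed.hostname or "").lower()


def classify(value: str) -> Tuple[str, str]:
    """Return (verdict, reason) where verdict is 'official', 'lookalike' or 'unknown'."""
    host = host_of(value)
    reg = registrable_domain(host)
    if reg in OFFICIAL_DOMAINS:
        return "official", reg          # any real subdomain, e.g. members.hotstar.com
    # Brand name glued to extra words, or used as a fake subdomain of another domain:
    # hotstar-support.com, hotstar.com.account-verify.net
    for token in BRAND_TOKENS:
        if token in host:
            return "lookalike", f"brand token '{token}' inside unofficial domain {reg}"
    # Subtle typos in the second-level label: h0tstar.com, hotsatr.com
    label = reg.split(".")[0]
    for official in OFFICIAL_DOMAINS:
        off_label = official.split(".")[0]
        ratio = SequenceMatcher(None, label, off_label).ratio()
        if ratio >= 0.8:
            return "lookalike", f"'{label}' resembles '{off_label}' (similarity {ratio:.2f})"
    return "unknown", reg


def scan_message(raw: str) -> List[Tuple[str, str, str]]:
    """Classify the From and Reply-To addresses and every link in a raw message."""
    results: List[Tuple[str, str, str]] = []
    for header in ("From", "Reply-To"):
        m = re.search(rf"^{header}:\s*(.+)$", raw, re.MULTILINE | re.IGNORECASE)
        if m:
            verdict, reason = classify(m.group(1))
            results.append((header, verdict, reason))
    for url in URL_RE.findall(raw):
        verdict, reason = classify(url)
        results.append((url, verdict, reason))
    return results


# Constructed sample: flawless prose whose only giveaways are the domains.
SAMPLE = """\
From: Hotstar Support <info@members.hotstar-support.com>
Reply-To: billing@hotstar.com
Subject: Your subscription is on hold

Update your card at https://hotstar.com.account-verify.net/login within 24 hours.
Help centre: https://www.hotstar.com/help
"""

if __name__ == "__main__":
    for subject, verdict, reason in scan_message(SAMPLE):
        print(f"{verdict:9} {subject}  ({reason})")
```

Note that the Reply-To and help-centre link in the sample are genuine; mixing real brand addresses with one look-alike is exactly how these messages pass a casual glance, so a scanner has to judge every address and link on its own.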
Beware of Deepfake video scams

The biggest issue these days is combating deepfakes, which are also difficult to spot. 

The attacker makes realistic video clips from photo and video prompts and uses video calling apps like Zoom or FaceTime to trap potential victims (especially elders and senior citizens) into giving away sensitive data. 

One may think that only old people fall for deepfakes, but because of their sophistication, even experts fall prey to them. One famous incident happened in Hong Kong, where scammers deepfaked a company CFO and looted HK$200 million (roughly $25 million).

AI is advancing, and becoming stronger every day. It is a double-edged sword, both a blessing and a curse. One should tread the ethical lines carefully and hope they don’t fall to the dark side of AI.

Gmail Confirms AI Hack: 2.5 Billion Users Warned of Phishing Scam

Gmail has issued a warning to its 2.5 billion users about a sophisticated AI-powered phishing attack. Fraudsters are using caller IDs that seem to originate from Google support, convincing users that their accounts have been compromised. Under the pretense of an account recovery process, they send an email with a recovery code that appears to come from a genuine Gmail address, Forbes reports.

Zach Latta, founder of Hack Club, noticed irregularities during an interaction with a so-called Google support agent. "She sounded like a real engineer, the connection was super clear, and she had an American accent," Latta told Forbes. Despite the convincing approach, the scam's goal is to deceive users into providing their login credentials, allowing cybercriminals to take control of their accounts.

Spencer Starkey, Vice President at SonicWall, emphasized the evolving nature of cyber threats: "Cybercriminals are constantly developing new tactics, techniques, and procedures to exploit vulnerabilities and bypass security controls, and companies must be able to quickly adapt and respond to these threats." He advised businesses to adopt a proactive cybersecurity approach, including regular security assessments and incident response planning.

Users Report Similar Fraud Attempts

According to the New York Post, Y Combinator founder Garry Tan shared his experience on X (formerly Twitter) after receiving phishing emails and phone calls.

"They claim to be checking that you are alive and that they should disregard a death certificate filed that claims a family member is recovering your account," Tan wrote, calling it an elaborate scheme to manipulate users into approving password recovery.

Microsoft solutions consultant Sam Mitrovic also encountered this scam months ago. Initially, he ignored the recovery notification and follow-up call, but when it happened again, he decided to answer.

"It's an American voice, very polite and professional. The number is Australian," Mitrovic recalled. He even verified the number on an official Google support page, making the deception more convincing. 

The caller alleged there was suspicious activity on his account and asked if he had logged in from Germany. When he denied it, the agent claimed someone had been accessing his account for a week and offered to help secure it. Mitrovic realized something was off when he spotted a suspicious email address in the follow-up message and stopped responding.

Forbes advises Gmail users to remain calm and immediately disconnect any call from so-called Google support, as Google does not contact users via phone. Instead, users should verify account activity themselves:
  • Use Google Search to check official security support pages.
  • Log into Gmail and navigate to the bottom right corner to review recent account activity.
  • Avoid sharing recovery codes with anyone over the phone.
With cyber threats evolving rapidly, vigilance is key to safeguarding online accounts.

Ledger Phishing Scam Targets Cryptocurrency Wallets

A sophisticated phishing email campaign has emerged, targeting cryptocurrency users by impersonating Ledger, a prominent hardware wallet provider. These fraudulent emails claim that the recipient’s Ledger wallet seed phrase — also known as a recovery or mnemonic seed — has been compromised. In an attempt to secure their funds, users are directed to a so-called “secure verification tool” where they are asked to confirm their seed phrase. The phishing emails appear convincing, offering a “Verify my recovery phrase” button. Clicking this button redirects victims through an Amazon Web Services (AWS) website to a fake domain, “ledger-recovery[.]info.”

Once users enter their seed phrase on this page, the attackers capture the information, granting them full access to the victims’ cryptocurrency wallets. A recovery phrase, typically consisting of 12 or 24 random words, acts as the key to accessing a wallet’s funds. The importance of keeping this phrase private and offline cannot be overstated. By stealing these phrases, the attackers gain control of the wallets and can siphon all funds, leaving victims with no recourse.

To increase the scam’s credibility, the phishing site includes several deceptive features. For example, it accepts only valid seed phrase words from a predetermined list of 2,048 options. Regardless of the entered data, the site falsely informs users that their phrase is incorrect, encouraging them to re-enter their information multiple times and ensuring the attackers receive accurate details.

The Evolving Nature of Phishing Scams

This phishing attempt highlights the evolving sophistication of such scams. In the past, phishing emails were often marred by poor grammar or clumsy wording, making them easier to spot. However, with advancements in generative artificial intelligence, scammers can now produce polished and professional-looking messages. In this instance, one of the few red flags was the use of the SendGrid email marketing platform and the redirection through an AWS website, which sharp-eyed recipients might notice.

While it remains unclear how many individuals fell victim to this scheme, any user who shared their seed phrase likely lost their funds permanently. This incident underscores the importance of exercising caution and maintaining strict security protocols when handling sensitive information like recovery phrases.

How to Protect Your Cryptocurrency Wallet

Cryptocurrency users are advised to verify communications directly through official sources and avoid clicking on links in unsolicited emails. Recovery phrases should never be shared online, as doing so compromises the entire wallet’s security. With scams becoming increasingly sophisticated, vigilance and education are crucial in safeguarding digital assets.

Gmail Alert: Massive Phishing Campaign Spreads Rhadamanthys Malware

Cybersecurity experts have issued a new warning about a large-scale phishing attack targeting Gmail users worldwide. Researchers at Check Point have uncovered the threat, which uses fake Gmail accounts to send emails impersonating well-known companies. These fraudulent messages claim recipients have violated copyright laws on their social media accounts, urging them to take immediate action. 

The goal of these emails is to trick victims into downloading attachments laced with the Rhadamanthys Stealer malware. Once installed, this malware infiltrates systems to steal sensitive personal data. The attackers’ strategy is both sophisticated and alarming. They create convincing fake Gmail accounts and customize emails to appear as if they are from legitimate organizations. Victims are informed of supposed copyright violations and pressured to resolve the issue by downloading attached files. 

However, clicking on these files triggers the malware’s installation, granting hackers access to a victim’s computer. The malware operates silently, collecting private information such as login credentials and other sensitive data without the user’s knowledge. The phishing campaign has already reached a global audience, targeting users in Europe, Asia, and the United States. Check Point highlights the staggering scale of the operation, noting that nearly 70% of the impersonated companies belong to the entertainment, media, technology, and software industries. This wide range of targets makes the attack more challenging to detect and stop. 

The campaign leverages people’s trust in established companies and creates urgency, making victims more likely to fall for the scam. One of the most concerning aspects of the attack is the advanced capabilities of the Rhadamanthys Stealer malware. This sophisticated program is specifically designed to evade detection by traditional security measures. Once installed, it can extract a variety of data from the infected system, including passwords, financial information, and personal files. The malware’s ability to operate covertly increases the risk for users who are unaware that their devices have been compromised. 

Experts stress the importance of vigilance in protecting against this type of phishing attack. Email users should carefully verify the sender’s identity and be cautious of messages that create a sense of urgency or demand immediate action. Legitimate organizations rarely use generic Gmail accounts to contact users, and they typically do not send unsolicited attachments or links. Users should also avoid downloading files or clicking on links from unknown sources, as these actions can initiate malware installation. 

Keeping antivirus software up to date is another critical step in preventing infections. Modern security programs are designed to detect and block malicious files like those associated with Rhadamanthys Stealer. Additionally, users are encouraged to report any suspicious emails to their email providers, which can help prevent further spread of such attacks. By staying informed and adopting safe online practices, individuals can reduce their vulnerability to these increasingly sophisticated phishing campaigns.

Phishing And The Threats of QR Codes

Cybercriminals have always been adept at abusing the latest technological developments in their attacks, and weaponizing QR codes is one of their most recent strategies. QR codes have grown in popularity as a method for digital information sharing due to their ease of use and functionality. 

However, their widespread use has created a new channel for phishing attempts, namely QR code phishing (or quishing). With the NCSC recently warning of an increase in these attacks, businesses must grasp how QR codes can be used to compromise staff and what they can do to effectively protect against these rising threats. 

Leaders at risk from QR code attacks 

Quishing attacks, like traditional phishing campaigns, typically attempt to steal credentials by social engineering, in which an email is sent from a supposedly trusted source and uses urgent language to persuade the target to perform a specific action. 

In a quishing attack, the target is frequently induced to scan a QR code disguised as a fake prompt, such as updating an expired password or examining a critical file. The malicious QR code will then direct visitors to a counterfeit login page, prompting them to enter - and ultimately expose - their credentials. 

CEOs and senior executives, who have extensive system access, are naturally appealing targets because of the high value of their account credentials. In fact, one study found that C-suite members were 42 times more likely than other employees to receive QR code phishing attacks. 

Quishing attacks largely follow the standard phishing strategy, in which social engineering is used to steer the victim's actions. When it comes to QR code phishing, however, cybercriminals appear to prefer two pretexts. 

Data collected in the second half of 2023 revealed that QR codes were most commonly used in fake notifications about MFA activity (27% of all QR attacks) and shared documents (21%). Whatever pretext accompanies the malicious code, the majority of QR attacks that security experts detected were credential phishing attempts. 

Prevention tips 

The best defence is to keep these attacks from reaching their intended targets at all. However, it is becoming increasingly evident that these new phishing schemes outperform secure email gateways (SEGs) and other legacy email systems. Unfortunately, these safeguards were not intended to thoroughly detect QR code threats or assess the code's destination.

Businesses need to be aware that new threats like QR codes will outsmart many of the classic security solutions, forcing them to switch to more contemporary, dynamic strategies like AI-native detection technologies.

Phishing Alert: Spotting the 'Vahan Parivahan' Speeding Violation Ticket Scam

There is no doubt that traffic violation notices, like most online services, have been co-opted by scammers, as phishing has become one of the new ways in which unsuspecting victims are tricked into giving out their personal information. The scammer sends users an e-challan that mentions a violation, and as soon as they click on it or download the app, the scammer uses the harvested information to wipe their bank account clean and disappear. 

Receiving an e-challan and questioning its legitimacy may be the first sign that a scam is on the horizon. Cybercriminals have been exploiting traffic violations to lead unwitting individuals into phishing traps. As the landscape of online fraud continues to evolve, a new scam has emerged that targets unsuspecting vehicle owners through WhatsApp. Dubbed the "Fake Traffic Violation Challan Scam", it involves fraudsters sending bogus traffic challans through the messaging service, along with an APK file designed to steal personal information. 

Several online scams have surfaced over the past few months, ranging from job offers to investment schemes; now a new threat has emerged: the fake traffic violation challan scam. Recently, a Reddit user known as Dambu186 shared his experience with the scam, emphasizing the importance of being aware of these types of scams and avoiding them. It is important to understand that Android uses the APK file format for distributing and installing its apps. 

APK files are to Android what EXE installers are to Windows computers: the package format used for software installation. In this scam, however, the APK file isn't just another benign installer but a Trojan horse designed to take control of users' phones. Vahan Parivahan phishing scams, or e-challan scams, are cyberattacks aimed at unsuspecting citizens who are notified via SMS that they have been charged with a traffic violation. 

In most cases, scammers send users a message with a link that invites them to pay the fine or download an app called Vahan Parivahan; once the app is installed, they have access to users' data and can steal money from their bank accounts. There has been an increase in the number of scams targeting vehicle owners and drivers. One example is the "Vahan Parivahan Fraud", in which users receive an APK file via WhatsApp along with an SMS informing them of a traffic violation. 

A common version of the fraud arrives via SMS as an e-challan with a link to a fake website, or even an app the user is prompted to download. Let's try to understand it and learn how to avoid it. The fake websites look like the official ones but are designed to steal information such as credit card numbers, Aadhaar numbers and login credentials. 

Despite its disarmingly simple mode of operation, the scam has been successfully deceiving people for years. In India, scammers impersonate Parivahan, the government traffic department, and send messages on WhatsApp informing victims of an alleged traffic violation registered against their vehicles. An APK file is attached to the message, which encourages recipients to download the app to view and pay the challan. The message includes several details, including a specific date, a randomly generated location and a fake challan number. 

The message seems legitimate enough to deceive the uninitiated, particularly those who are not familiar with traffic violation notifications or new drivers. One of the best ways to stay safe from such scams is simply not to click on any links in messages. If users receive an e-challan notification, the best thing they can do is go to the official website and check it there. Users can also contact the traffic police to verify the information. Whatever the message says, look for the ‘.gov.in’ extension, which any official government website carries. 

Whenever users visit an unknown website, they should not share any personal information until they are certain the site is legitimate. Installing the provided APK unintentionally installs malware on the user's device. In these fake apps, the attackers present a fake payment gateway to steal the user's credit card details or net banking credentials. The fake apps take many forms, from spyware that records keystrokes to more aggressive types that allow the attacker to control the device completely. Keeping a vigilant eye out for scams like these is crucial to protecting users from them. 

Verify before clicking, and confirm that communication claiming to come from official sources is authentic by checking it through channels you have already verified. Under no circumstances should users rely on unverified messages received via WhatsApp or other social media platforms. Keep an eye out for unsolicited links and downloaded apps, and never trust links or downloads from unknown sources. 

Official apps are only available on reputable stores such as Google Play, or directly from the developer's official website. Use a secure network whenever possible so that users' financial information cannot be intercepted on public Wi-Fi or other unprotected networks. 

Be on the lookout for suspicious activity in your accounts: routinely check bank statements and transaction histories. It is crucial to educate others about such scams, especially those who might be less tech-savvy, and make sure they are aware of these threats. By staying informed and cautious, citizens can protect not only their personal information but also their peace of mind. Awareness is the key to a successful campaign against cybercrime, and action is the sword.
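The two checks the advice above boils down to, "is the link really under .gov.in" and "is the message pushing an installable file", are easy to get wrong by hand because `parivahan.gov.in.verify-now.com` and `parivahan-gov.in` both contain the letters "gov.in". The following is an added example, not code from the original post or from any official app, that applies both checks to a constructed challan-style message; the sample messages, the made-up challan number and the choice to also flag `.exe` and `.scr` files are assumptions for illustration.

```python
import re
from typing import Dict, List
from urllib.parse import urlparse

# The post names .gov.in as the suffix every official Indian government site carries.
OFFICIAL_SUFFIXES = (".gov.in",)
URL_RE = re.compile(r"https?://[^\s<>\"']+")
# Installable files a violation notice has no business carrying. .apk is the post's
# case; .exe and .scr are added here as an assumption for Windows recipients.
SIDELOAD_RE = re.compile(r"\b[\w.-]+\.(?:apk|exe|scr)\b", re.IGNORECASE)


def is_official_host(host: str) -> bool:
    """True only if the host IS an official suffix or sits under one.

    The leading dot in the suffix is what matters: 'parivahan-gov.in' and
    'parivahan.gov.in.verify-now.com' both fail, 'echallan.parivahan.gov.in' passes.
    """
    host = host.lower().rstrip(".")
    return any(host == s.lstrip(".") or host.endswith(s) for s in OFFICIAL_SUFFIXES)


def triage(message: str) -> Dict[str, List[str]]:
    """Sort a message's links into official/unofficial and list sideloadable files."""
    findings: Dict[str, List[str]] = {
        "official_links": [], "unofficial_links": [], "sideload_files": []}
    for url in URL_RE.findall(message):
        host = urlparse(url).hostname or ""
        key = "official_links" if is_official_host(host) else "unofficial_links"
        findings[key].append(url)
    findings["sideload_files"] = SIDELOAD_RE.findall(message)
    return findings


def is_suspicious(message: str) -> bool:
    """A challan notice with any non-.gov.in link or any installable file is suspect."""
    f = triage(message)
    return bool(f["unofficial_links"] or f["sideload_files"])


# Constructed samples: the challan number, date and location are made up.
SCAM_MESSAGE = (
    "Parivahan: Challan CH-0000-FAKE issued 12-03 for over-speeding at Sector 9 Road. "
    "View and pay: https://parivahan.gov.in.verify-now.com/challan  "
    "Install Vahan_Parivahan.apk to pay from your phone."
)
LEGIT_MESSAGE = "Check pending challans on the official portal: https://parivahan.gov.in/"

if __name__ == "__main__":
    for name, msg in (("scam", SCAM_MESSAGE), ("legit", LEGIT_MESSAGE)):
        print(name, "suspicious" if is_suspicious(msg) else "clean", triage(msg))
```

The suffix test deliberately looks only at the end of the hostname, because the whole trick of the fake link is to put the official-looking words somewhere other than the end.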

eBay, VMware, and McAfee Taken Down in Widespread Phishing Operation


Hackers have taken control of over 8,000 subdomains belonging to reputable companies and organizations to launch a massive phishing campaign that sends millions of malicious emails every day.

Among the companies involved in "SubdoMailing" are MSN, VMware, McAfee, The Economist, Cornell University, CBS, Marvel, and eBay. The campaign, which is the center of a larger cybercrime operation and damages the credibility and trust of the compromised organizations, was identified by researchers from Guardio Labs. 

"The discovered operation entails the manipulation of thousands of hijacked sub-domains associated with or related to major brands," security researcher Oleg Zaytsev and Guardio Labs CEO Nati Tal wrote in a Medium article. "Complex DNS manipulations for these domains allowed the dispatch of vast quantities of spammy and just outright malicious emails, falsely authorized under the guise of internationally recognized brands."

According to the researchers, the operation is designed to evade the industry-standard email security mechanisms, such as Sender Policy Framework (SPF), DKIM, SMTP server checks, and DMARC, that are normally in place to keep suspicious messages out of inboxes. Instead, the emails appear to originate from trustworthy domains.

Finding the Hijacking Scheme

In the post, Guardio explains in detail how its email protection algorithms detected an unusual pattern in an email's metadata, which led to the operation's discovery. That pattern sent the researchers down a rabbit hole that ended at a long-defunct partnership between lifestyle expert Martha Stewart and MSN.com.

"A particularly insidious email" warning of allegedly suspicious activity in a cloud storage account ended up in a user's "Primary" inbox when it should have been reported as spam, according to the example given.

More about the threat actor

According to Guardio, the vast effort is the work of a threat actor it calls "ResurrecAds," which resurrects "dead" domains belonging to or connected with large brands and uses them as backdoors into reputable services and businesses, ultimately making money as an "Ad-Network" entity.

"This approach enables them to circumvent contemporary email protection measures, showcasing their adeptness at manipulating the digital advertising ecosystem for nefarious gains," the authors stated.

According to Guardio, the actor constantly scans the Internet for abandoned subdomains of reputable brands, looking for chances to buy or compromise them and then send malicious email from them.

Looking for damage

The campaign highlights the increasing sophistication of hostile email operations, which have been around almost since the beginning of digital communication. They are still evolving as more defenders adopt security measures like SPF, DKIM, and DMARC.

"Our research has revealed that threat actors are not merely reacting to security measures; they’ve been proactively adapting and evolving for some time," the investigators stated.

Given the operation's scale and ongoing nature, Guardio published a dedicated website with a tool, SubdoMailing Checker, that lets a brand determine whether one of its abandoned subdomains is being used in the operation.
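A defender-side check in the spirit of that tool, written for this post as an added example (it is not Guardio's code and not the SubdoMailing Checker itself): the hijack described above works because a brand's SPF record still `include:`s a domain that nobody owns any more, so whoever re-registers that domain inherits the brand's mail authorisation. The snippet walks the `include:`/`redirect=` chain of an SPF record and reports names that no longer resolve. The DNS snapshot is constructed for the example (`brand.example`, `expired-agency.example` and friends are not real); a production version would replace the dictionary with live TXT lookups.

```python
"""Audit an SPF include chain for dangling (non-resolving) domains."""
import re
from typing import Dict, List, Optional

# Constructed DNS snapshot for this example (not real data).
# A value of None means the name no longer resolves, i.e. it is abandoned
# and could be re-registered by a third party.
CONSTRUCTED_DNS: Dict[str, Optional[str]] = {
    "brand.example": "v=spf1 include:_spf.mailer.example include:promo.brand.example -all",
    "_spf.mailer.example": "v=spf1 ip4:203.0.113.0/24 ~all",
    "promo.brand.example": "v=spf1 include:expired-agency.example ip4:198.51.100.7 -all",
    "expired-agency.example": None,  # dangling: anyone who registers it can send as brand.example
}

# Matches the SPF terms that trigger a further DNS lookup: include:<domain> and redirect=<domain>,
# with an optional qualifier prefix (+ - ~ ?).
LOOKUP_TERM = re.compile(r"^[+\-~?]?(?:include:|redirect=)(.+)$", re.IGNORECASE)

# RFC 7208 caps an SPF evaluation at 10 lookup-triggering terms; beyond that
# receivers return permerror, which is its own misconfiguration signal.
SPF_LOOKUP_LIMIT = 10


def audit_spf(domain: str, dns: Dict[str, Optional[str]]) -> Dict[str, object]:
    """Walk the include/redirect chain starting at `domain`.

    Returns a report with the dangling names found, the number of
    lookup-triggering terms encountered, whether that exceeds the RFC limit,
    and the order in which names were visited.
    """
    dangling: List[str] = []
    visited: List[str] = []
    lookups = 0
    stack = [domain]
    while stack:
        name = stack.pop()
        if name in visited:            # loops in include chains are a known trick; visit once
            continue
        visited.append(name)
        record = dns.get(name)
        if record is None:             # no SPF TXT record / name does not resolve
            dangling.append(name)
            continue
        for term in record.split():
            match = LOOKUP_TERM.match(term)
            if match:
                lookups += 1
                stack.append(match.group(1))
    return {
        "dangling": sorted(dangling),
        "lookups": lookups,
        "over_limit": lookups > SPF_LOOKUP_LIMIT,
        "chain": visited,
    }


if __name__ == "__main__":
    report = audit_spf("brand.example", CONSTRUCTED_DNS)
    for name in report["dangling"]:
        print(f"DANGLING include reachable from brand.example: {name}")
    print(f"lookup-triggering terms: {report['lookups']} (over limit: {report['over_limit']})")
```

Any name the audit lists as dangling should be removed from the record (or re-registered by the brand) before a third party does it first; the same walk applies to DMARC `rua=` targets and CNAMEs pointing at decommissioned hosting, which is the other half of the subdomain-resurrection problem the post describes.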

More than 800 False "Temu" Domains Trick Customers Into Losing Their Credentials

Credential Theft

Cybersecurity experts caution against falling for Temu phishing scams, which use phony giveaways to obtain passwords. In the last three months, more than 800 new "Temu" domains have been registered.

Temu is the latest brand that con artists have adopted for their phishing schemes. With over 800 new "Temu" domains registered in the last three months, cybersecurity researcher Jeremy Fuchs of Check Point's Harmony Email has observed that attackers are using Temu's giveaway offers to persuade users to divulge their passwords.

For context, Temu is an international e-commerce site with 40% of its users residing in the United States. It ships discounted goods directly to customers. Launched in 2022, Temu is accessible in 48 nations, spanning Australia, Southeast Asia, Europe, and the Middle East.

It ranks second in the Apple App Store and first in the Google Play Store for shopping apps as of February 7, 2024. The majority of app users are older folks, aged 59 and up.

The Scam

According to analysts, the example phishing email claims to come from Temu Rewards. On closer inspection, though, it was sent from an unconnected onmicrosoft.com email account. The email contains a blank image and a link to a credential-harvesting page; the lure is a message telling recipients they have won a prize.

Phishing and Brand Names

Threat actors have previously used popular brands and current trends to their advantage to obtain sensitive data, including credentials, from unsuspecting consumers.

Cyjax researchers uncovered a sophisticated phishing campaign that was aimed at over 400 firms in a variety of industries. To spread malware and get money from advertisements, the con artists—who most likely have Chinese ties—used 42,000 domains, and at least 24,000 survey and landing pages to advertise the scheme.

Bolster AI cybersecurity experts have uncovered a USPS Delivery phishing campaign that employs sophisticated tactics to target victims in the United States. CheckPhish from Bolster found more than 3,000 phishing domains that imitated Walmart. The advertising misled customers into believing they had a failed delivery and unpaid bills. Threat actors have refined their attack strategies, moving from misleading messaging to enticing victims to download apps that steal banking or financial data.

In January 2024, it was found that business owners of Meta Platforms, Inc. were the target of a phishing scam that attempted to obtain their email addresses and passwords to gain control of their Facebook page, profile, and financial information. The hoax created a sense of urgency and authenticity by leveraging Meta Platforms' authority.

Cybersecurity and Temu

Temu has experienced several cybersecurity-related problems, including claims that it was gathering data from users and devices, including SMS messages and bank account details.

A class-action lawsuit was launched in November 2023 in the United States, claiming that the corporation had obtained its customers' data illegally. A further revelation implicated Temu in the unapproved release of customer information, specifically data that allegedly surfaced for sale on the dark web following transactions made by users of the app.


Decrypting the Threat: Telegram's Dark Markets and the Growing Menace of Phishing Networks

 

In the last few years, social media has gradually become a one-stop shop for scammers. With easily available information, scammers are able to hand-pick their target and create a customized scam for them.

Telegram is one such platform that has also emerged as a hub for all things any scammer might need to create a perfect scam. Information that was once hidden behind the screens of the dark web is now readily and publicly available on Telegram, many of which are even free to access. 

From instructional guides and phishing kits to the services of hackers for hire, this application has increasingly become a comprehensive hub, providing scammers with everything they might require for their illicit activities.

For a newcomer, it is astonishing to see how easy it is to find these marketplaces on Telegram, which were previously deep inside Tor Onion networks. Messages flow incessantly, unveiling an array of products, services, tips, and tricks—knowledge that was once exclusive to the depths of the dark web is now readily accessible. 

One of the most known examples of such a scam is the “Bank of America” phishing page scam which was circulated in the US network. This scam was made to extract the bank account details of potential targets, which were then sold to higher players. 

The higher-tier scammers who then extract cash from these accounts operate at a further level of complexity. This is precisely where the orchestrated network of the scammer's supply chain comes into play.

Planning a scheme as elaborate as this involves assembling several essential elements: 

Firstly, the foundation lies in crafting a sophisticated phishing web page, often termed a "scam page." To deploy this page seamlessly, a dependable hosting solution is indispensable. An effective email-sending system is then required to initiate the deceptive process. Crafting a compelling email message, strategically designed to lure victims to the scam page, serves as another crucial element. The acquisition of targeted email addresses, known as "Leads," becomes pivotal for precision targeting. Unsurprisingly, there is a separate marketplace that is solely focused on gathering data of potential targets through malicious websites, surveys and pop-up emails offering discounts and free rewards. 
 
Lastly, a mechanism for monetizing the stolen credentials completes the construction. Notably, all these necessary building blocks are readily available on Telegram, with some offered at remarkably low prices, and astonishingly, certain elements are even accessible for free. This holistic approach underscores the alarming accessibility and affordability of these illicit tools within the Telegram ecosystem. 

After analyzing the scam creation process, it's evident that phishing scams exploit compromised security on legitimate websites.

Owners of such sites bear a dual responsibility of safeguarding their business interests and preventing their platforms from being exploited by scammers. This includes protecting against the hosting of phishing operations, sending deceptive emails, and other illicit activities that may occur without their knowledge. Vigilance and proactive measures are essential to ensure the integrity and security of online platforms.

Security Alert: Google AMP Used in Evasive Phishing Attacks

Google AMP

In recent times, there has been an increase in phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures and get to the inboxes of enterprise employees. This has been a cause of concern for security researchers and organizations alike.

What is Google AMP?

Google AMP is an open-source HTML framework co-developed by Google and 30 partners to make web content load faster on mobile devices. It is designed to improve the user experience by providing faster loading times for web pages. However, threat actors have found a way to abuse this technology for malicious purposes.

How are attackers using Google AMP?

According to a report by BleepingComputer, attackers are using Google AMP to create phishing pages that can bypass email security measures. These pages are designed to look like legitimate login pages for popular services such as Microsoft Office 365 or Google Workspace. Unsuspecting users who enter their credentials into these fake login pages risk having their accounts compromised.

The use of Google AMP in phishing attacks is particularly concerning because it allows attackers to create pages that are difficult to detect by traditional security measures. AMP pages are hosted on Google's servers, meaning they have a high level of trust and legitimacy. This makes it easier for attackers to bypass email security measures and get their phishing emails into the inboxes of enterprise employees.

What can organizations do?

Organizations need to be aware of this threat and take steps to protect themselves from these types of attacks. This can include educating employees about the dangers of phishing and how to spot fake login pages, as well as implementing advanced email security measures to detect and block phishing emails that use Google AMP.
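One concrete form of the "advanced email security measures" mentioned above, as an added example for this post rather than anything from the cited report: URL filters that only look at the link's visible host will see `google.com` and wave the message through. The helper below unwraps a Google AMP viewer link to the site actually being served and judges the link by that host instead. It assumes the AMP viewer URL shape `https://www.google.com/amp/s/<real-host>/<path>` (the `s/` segment meaning HTTPS); the hosts in the sample inputs (`login-portal.example`, `news.example`) are constructed for the example.

```python
"""Judge email links by the host behind a Google AMP viewer URL, not by google.com."""
from typing import Set, Tuple
from urllib.parse import unquote, urlsplit

# Hosts that serve the AMP viewer (assumption for this example).
AMP_VIEWER_HOSTS = {"www.google.com", "google.com"}


def unwrap_amp(url: str) -> Tuple[bool, str]:
    """Return (True, inner_url) for an AMP viewer link, else (False, url).

    Assumed shape: https://www.google.com/amp/s/<host>/<path>  -> https://<host>/<path>
                   https://www.google.com/amp/<host>/<path>    -> http://<host>/<path>
    """
    parts = urlsplit(url)
    if parts.netloc.lower() not in AMP_VIEWER_HOSTS:
        return False, url
    path = unquote(parts.path)          # the embedded URL is sometimes percent-encoded
    if not path.startswith("/amp/"):
        return False, url
    rest = path[len("/amp/"):]
    scheme = "http"
    if rest.startswith("s/"):
        scheme = "https"
        rest = rest[2:]
    if not rest:
        return False, url
    inner = f"{scheme}://{rest}"
    if parts.query:
        inner += "?" + parts.query
    return True, inner


def effective_host(url: str) -> str:
    """Host the user would actually land on, after unwrapping any AMP viewer layer."""
    _, inner = unwrap_amp(url)
    return urlsplit(inner).netloc.lower()


def link_verdict(url: str, trusted_hosts: Set[str]) -> str:
    """'allow' when the landing host is on the allow-list, otherwise a block reason."""
    wrapped, inner = unwrap_amp(url)
    host = urlsplit(inner).netloc.lower()
    if host in trusted_hosts:
        return "allow"
    prefix = "block: AMP-wrapped link to " if wrapped else "block: link to "
    return prefix + host


if __name__ == "__main__":
    # Constructed sample links; only the real Microsoft login host is trusted here.
    trusted = {"login.microsoftonline.com"}
    for sample in (
        "https://www.google.com/amp/s/login-portal.example/office365/",
        "https://login.microsoftonline.com/",
        "https://www.google.com/search?q=amp",
    ):
        print(f"{sample}\n  -> {link_verdict(sample, trusted)}")
```

The point of the design is that the allow-list decision is made on `effective_host`, so a Microsoft-branded page hosted on some other domain is blocked whether or not it is wrapped in the AMP viewer; the `wrapped` flag is kept only so the block reason tells the analyst which evasion was attempted.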

The abuse of Google AMP by threat actors for evasive phishing attacks is a growing concern for organizations. Companies must stay vigilant and take steps to protect themselves from these types of attacks. By being proactive and implementing strong security measures, organizations can reduce their risk of falling victim to these attacks.

Watch Out For These ChatGPT and AI Scams

 

Since ChatGPT's inception in November of last year, it has consistently proven helpful, with people all around the world coming up with new ways to use the technology every day. The strength of AI tools, however, means that they may also be employed for sinister purposes like creating malware programmes and phishing emails.

Over the past six to eight months, hackers have been observed exploiting the trend to defraud individuals of their money and information by creating false investment opportunities and scam applications. They have also been observed using artificial intelligence to plan scams. 

AI scams are some of the hardest to spot, and many people don't use technologies like Surfshark antivirus, which alerts users before they visit dubious websites or download dubious apps. As a result, we have compiled a list of the prevalent scams that have lately been seen in the wild.

Phishing scams with AI assistance 

Phishing scams have been around for a long time. Scammers can send you emails or texts pretending to be from a trustworthy organisation, like Microsoft, in an effort to trick you into clicking a link that will take you to a dangerous website.

A threat actor can then use that site to spread malware or steal sensitive data like passwords from your device. Historically, one of the simplest ways to identify such messages has been spelling and grammar mistakes, which a prominent corporation like Microsoft would never make in a business email to its clients.

However, in 2023 ChatGPT can produce clear, fluent copy that is free of typos from just a brief prompt. This makes it far more difficult to differentiate between authentic messages and phishing attacks.

Voice clone AI scams

In recent months, frauds utilising artificial intelligence (AI) have gained attention. 10% of respondents to a recent global McAfee study said they have already been personally targeted by an AI voice scam. 15% more people claimed to be acquainted with a victim. 

AI voice scams use text-to-speech software to generate new audio that mimics a target's voice, using audio files taken from the target's social network account as the source. These kinds of programmes have valid, non-nefarious uses and are freely accessible online.

The con artist records a voicemail or voice message in which the cloned voice portrays the target as distressed and desperately in need of money. This is then sent to the target's family members in the hope that they won't be able to tell the difference between their loved one's voice and an AI-generated one.

Scams with AI investments

 
Scammers are using the hype surrounding AI, as well as the technology itself, in a manner similar to how they did with cryptocurrencies, to create phoney investment possibilities that look real.

Both "TeslaCoin" and "TruthGPT Coin" have been utilised in fraud schemes, capitalising on the attention that Elon Musk and ChatGPT have received in the media and positioning themselves as hip investment prospects. 

According to California's Department of Financial Protection & Innovation, Maxpread Technologies fabricated an AI-generated CEO and programmed it with a script enticing potential investors to make investments. An order to cease and desist has been given to the corporation. 

The DFPI claims that Harvest Keeper, another investment firm, collapsed back in March. According to Forbes, Harvest Keeper employed an actor to pose as their CEO in an effort to calm irate clients. This demonstrates the lengths some con artists will go to make sure their sales spiel is plausible enough.

Way forward

Consumers in the US lost a staggering $8.8 billion to scammers in 2022, and 2023 is not expected to be any different. Periods of financial instability frequently coincide with rises in fraud, and many nations worldwide are experiencing difficulties. 

Artificial intelligence is currently a goldmine for con artists. Although everyone is talking about it, relatively few people are actually knowledgeable about it, and businesses of all sizes are rushing AI products to market. 

Keeping up with the most recent scams is crucial, and now that AI has made them much more difficult to detect, it's even more crucial. Following them on social media for the most recent information is strongly encouraged because the FTC, FBI, and other federal agencies frequently issue warnings. 

Security professionals advise buying a VPN that detects spyware, such as NordVPN or Surfshark. In addition to alerting you to dubious websites hidden in Google Search results pages, both will disguise your IP address like a conventional VPN. It's crucial to arm oneself with technology like this if you want to be safe online.

Beware of "Quishing": Fraudsters Steal Data Using QR Codes

 

QR codes are intended to speed up processes like picture file transfers, but their use may increase the exposure of protected health data, because they bring out organisations' weak points in mobile device security.

Cunning cybercriminals can substitute a fake QR code that links people to a website that looks identical to the real thing in order to intercept user data and patients' personal information. In a practice called "quishing," they can even embed fake QR codes in emails that appear to come from trusted sources.

QR code scam 

With a projected increase of more than seven times in 2022, "scan scams" are now virtually regular occurrences.

Patient data breaches, malware infestations, and identity theft are all risks posed by QR code phishing in particular to healthcare organisations and patients. Cybercriminals deceive clients or staff into scanning a QR code that takes them to a website that seems authentic and asks for personal information or log-in credentials. 

With those credentials, hackers access patient portals, provider networks, and other digital services and steal sensitive data, including medical histories, insurance details, social security numbers, and other personal identity data.

Patient data is an extremely alluring target because it has a ready market on the dark web. In fact, depending on the level of detail, a single patient record can fetch up to $1,000 on the underground market, over 50 times what a stolen credit card record typically fetches.

Role of organisations 

Organisations can increase provider, carer, and patient communication and openness with the aid of QR codes. Employing a QR code generator with integrated capabilities like single sign-on, multi-factor authentication, custom domain, and user management can help healthcare organisations safeguard this technology. 

The second crucial component is a platform for QR codes with incident management tools and security measures that are subject to recurring in-depth examinations. But education also contributes to preventing QR code fraud.

Healthcare organisations must educate their staff members and patients on how to use QR codes safely, including how to spot and stay away from malware, phishing scams, and other security risks. 

Mitigation tips 

Patients should be encouraged to check the legitimacy of the QR codes they scan before providing personal information. There are also security and privacy problems because a lot of individuals open a link right away after scanning a QR code without even checking it. To determine whether a destination is reliable, patients should check the website or app URL linked to the QR code or use a reliable QR code scanner app. 

Additionally, patients must only scan QR codes from reputable websites and applications, such as the printed materials, website, or app of their healthcare practitioner. Patients shouldn't scan a QR code if it seems sketchy or is from an unknown source. 

Finally, patients should exercise caution when sharing sensitive information via a QR code, such as their medical history or insurance details. They should only provide this information to reputable healthcare practitioners who can vouch for its secure and encrypted transmission.

Cryptocurrency Scams: How to Detect and Avoid Them

 

The cryptocurrency market has become well known for the prevalence of fraudulent activity since its inception. Scammers employ a number of techniques to trick cryptocurrency users and take their hard-earned money.

How do crypto phishing scams work?

The well-known cyberattack known as phishing has been around for a while. The FBI Internet Crime Report for 2022 states that phishing was the most prevalent technique, with 300,497 victims losing $52 million as a result. This fraudulent activity has now spread to the world of cryptocurrencies. 

A crypto phishing scam is a strategy used by scammers to steal sensitive information, such as the private key to your wallet. They accomplish this by posing as a trustworthy organisation or individual and requesting personal information from you. The information you supply is then used to steal your digital assets. 

Crypto phishing scams have become more frequent in recent years. A well-known cryptocurrency hardware wallet maker, Trezor, issued a warning regarding a large crypto phishing attack in February 2023. Users of Trezor were the target of scammers who sent them fictitious security breach alerts in an effort to get them to divulge their recovery seed phrase, which the attackers could then use to steal their cryptocurrency. 

Identifying crypto phishing scams

Following are five warning signals to watch out for to prevent becoming a victim: 

Most of the time, cybercriminals send mass emails or messages without checking the language, spelling, or sentence structure. As a result, grammatical errors are the clearest indication of a phishing message; reputable businesses care about clear communication with their clients.

Scammers frequently copy the logos, colour schemes, typefaces, and messaging tones of respectable businesses. The branding of the crypto businesses you utilise should therefore be familiar to you. 

The URLs in the message should always be double-checked because phishers often utilise links that look real but actually take you to dangerous websites. 

Prevention tips 

Don't disclose your private keys: Your private keys are what allow you to access your cryptocurrency wallet. Keep them confidential and never give them out. 

Educate yourself: Stay up to date on the latest cyber risks and best practices for keeping your cryptocurrency secure. The more you know about self-defense, the better prepared you'll be to defend against cyber-attacks.

In-depth research: Before investing in any cryptocurrency, properly investigate the concept and the team behind it. Examine the project's website, white paper, and social media outlets to establish its legitimacy.

EU Privacy Watchdog Forms ChatGPT Task Force

The European Union’s privacy watchdog, known as the European Data Protection Supervisor (EDPS), has recently announced the formation of a task force to examine the potential privacy and data protection issues related to the ChatGPT language model. ChatGPT is a powerful artificial intelligence (AI) system that is designed to understand natural language and generate human-like responses to queries.

The EDPS has expressed concerns that ChatGPT could potentially pose significant privacy risks if it is not properly regulated and monitored. In particular, they have highlighted the potential for ChatGPT to be used for phishing scams, identity theft, and other forms of cybercrime.

One of the key vulnerabilities of ChatGPT is its ability to learn from the data it is given. This means that if it is fed with biased or malicious data, it could learn to replicate that behavior in its responses. This could potentially lead to harmful or discriminatory behavior towards certain groups of people.

Furthermore, ChatGPT is designed to generate responses based on a given context. This means that if it is given access to sensitive information, it could potentially reveal that information to unauthorized parties. This could lead to serious privacy breaches and data leaks.

To address these concerns, the EDPS has formed a task force that will work to develop guidelines and regulations for the use of ChatGPT. This task force will bring together experts from a range of fields, including AI research, privacy law, and cybersecurity.

The task force will be tasked with developing a set of best practices and guidelines for the use of ChatGPT. This will include recommendations on how to mitigate potential privacy risks, such as using robust encryption and access controls to protect sensitive data.

Overall, the formation of the ChatGPT task force is an important step towards ensuring that the use of AI systems like ChatGPT is properly regulated and monitored. By addressing potential vulnerabilities and developing best practices for their use, the EU can help to mitigate the risks associated with these powerful technologies and ensure that they are used in a responsible and ethical manner.

Don't Get Hooked: How Scammers are Reeling in YouTube Users with Authentic Email Phishing

YouTube phishing scam

Are you a YouTube user? Beware of a new phishing scam that has been making rounds lately! In recent times, YouTube users have been targeted by a new phishing scam. The scammers use an authentic email address from YouTube, which makes it difficult to differentiate between a genuine email and a fraudulent one. 

What is a phishing scam?

Phishing scams are fraudulent attempts to obtain sensitive information, such as usernames, passwords, and credit card details, by posing as a trustworthy entity in electronic communication. Typically, scammers use social engineering techniques to trick users into clicking on a malicious link or downloading malware.

What is the new YouTube phishing scam?

The new YouTube phishing scam involves the use of an authentic email address from YouTube. The email appears to be from YouTube's support team, and it informs the user that their channel is at risk of being deleted due to a copyright infringement violation. 

The email contains a link to a website where the user is asked to enter their YouTube login credentials. Once the user enters their login credentials, the scammers can access the user's account and potentially steal sensitive information or perform unauthorized actions.

How to identify the new YouTube phishing scam?

The new YouTube phishing scam is difficult to identify because the email address used by the scammers appears to be genuine. However, there are a few signs that you can look out for to identify the scam:

  • Check the sender's email address: Even though the email address appears to be genuine, you should always check the sender's email address carefully. In most cases, scammers use a similar email address to the genuine one but with a few minor differences.
  • Check the content of the email: The new YouTube phishing scam typically informs the user that their channel is at risk of being deleted due to a copyright infringement violation. However, if you have not received any copyright infringement notice, then you should be cautious.
  • Check the link in the email: Always check the link in the email before clicking on it. Hover your mouse over the link and check if the URL is genuine. If you are unsure, do not click on the link.

How to protect yourself from the new YouTube phishing scam?

To protect yourself from the new YouTube phishing scam, follow these tips:

  • Enable two-factor authentication: Two-factor authentication adds an extra layer of security to your account. Even if the scammers obtain your login credentials, they will not be able to access your account without the second factor of authentication.
  • Do not share your login credentials: Never share your login credentials with anyone, even if the email appears to be from a genuine source.
  • Report suspicious emails: If you receive a suspicious email, report it to YouTube immediately. This will help to prevent other users from falling victim to the scam.
  • Keep your software up to date: Keep your operating system and software up to date to ensure that you have the latest security patches and updates.

Stay cautious

The new phishing scam using an authentic email address is a serious threat to YouTube users. However, by following the tips mentioned in this blog, you can protect yourself from falling victim to the scam. Always be vigilant and cautious when dealing with emails that request sensitive information. Remember, if you are unsure, do not click on the link.


Watch Out for These Common Signs to Identify an Email Phishing Scam

 

Phishing is the method of attack cybercriminals use most frequently. A phishing message is a hoax designed to trick the recipient into disclosing private information, sending money, or clicking on a dangerous link. Usually, it is transmitted by email, social media direct messages, or some other text-based method.

There are many different kinds of phishing, but for big firms, whaling or imitation phishing is the most dangerous. In this kind of attack, the cybercriminal poses as a senior executive to target the employees of the target company. In order to mislead the recipient, deceptively similar email addresses, display names, and messages are used. Since an email from top management or a professional acquaintance is typically taken to be authentic and doesn't arouse suspicion, it is a particularly effective strategy.

To mitigate risks, watch out for these tell-tale signs to identify a phishing email.

Unexpected or unsolicited correspondence 

When an email arrives unexpectedly, that's your first clue that it might be a fraud. Do you recall any offline or in-person discussions about the aforementioned subject? A warning sign that an email may be a phoney message is when you unexpectedly receive one from a top leader, client, or vendor without any prior context.

Scan the display name and email address 

Always check the display name and email address of the sender. It might initially appear to be genuine, but on closer inspection you might discover that an "O" has been changed to a "0" or an "I" has been changed to a "!". You also need to regularly check the domains of the emails you get.

Internal communications will almost never come through a free email provider and will almost always come from the company's official domain. The same is true of external communication from other enterprises and companies. When you hover over a domain, the fraudulent one will often appear to be real or similar to the company's email address. 

Prompting urgency 

In most cases, phishing emails sound urgent. They want the victim to act without considering or confirming the legitimacy of the email's sender or contents. So, you should be wary of senior executives who unexpectedly request money transfers or information disclosures over email. Always confirm such requests using alternative methods. Call the sender directly, for instance, to confirm the communication. 

Unusual query

Take into account the requests made in the email. There are some common calls to action in phishing emails. They request that you send them private or delicate business information that shouldn't ideally be communicated through email in an unforeseen or initial discussion. It can also request that you click a link to submit this data. You can be led to assume that a senior executive has sent you a paper pertinent to your job by including it in an email. It might even request that you transfer money, either your own or, if you have the power, the company's. 

Prevention tips 

The first thing to do if you think you've received a phishing email is to say nothing. That is, never reply to emails, click on any links, or download any attachments. Next, if you have any doubts about the communication's legitimacy, you should always get in touch with the sender directly through a different method, such as by phone, text, or in person.

Additionally, keep an eye on the emails that arrive in your mailbox. Even if they are from within the company, use extra caution when dealing with emails or senders you weren't anticipating.