Cybercriminals Exploit Tax Season With New Phishing Tactics
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Cybersecurity Researchers at ReliaQuest warn of an ongoing campaign delivered to “high-value individuals” via LinkedIn messages
Phishing attacks have been identified using fake PayPal alerts to exploit remote monitoring and management tools
Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials
Misconfigurations abused to make phishing emails look like they come from within the organization
BitSight research has revealed how threat actors exploit calendar subscriptions to deliver phishing links, malware and social engineering attacks through hijacked domains
New smishing attacks exploit Milesight routers to send phishing texts targeting Belgian users
North Korean hackers have been observed exploiting cyber threat intelligence platforms in a campaign targeting job seekers with malware-laced lures
A new phishing campaign uses SVG files for JavaScript redirects, bypassing traditional detection methods
Fullscreen Browser-in-the-Middle attacks are making it harder for users to detect malicious websites
Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware
Cybercriminals exploit government websites using open redirects and phishing tactics, bypassing secure email gateway protections
A new PayPal phishing scam used genuine money requests, bypassing security checks to deceive recipients
Cybercriminals are ramping up scams via darknet marketplaces, selling phishing kits for $100-$1000
The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files
The LOTS attack uses trusted sites like Google Drawings and WhatsApp to trick users into sharing data
Cybercriminals have launched phishing campaigns purporting to support organizations impacted by the global IT outage, caused by a CrowdStrike Falcon issue
Barracuda has observed attackers using three different URL protection services to mask their phishing URLs, bypassing email security tools
According to Enea, these campaigns use cloud storage platforms to host malicious websites, sending links via SMS to bypass firewalls
Adversaries targeting EU-based victims increasingly leverage EU affairs in spear phishing attacks, CERT-EU found