Phishing Attack Targets Hundreds of Zimbra Customers in Four Continents
A good chunk of the entire user base of a particular email service is being targeted for sensitive credentials.
Phishing uses deceptive messages to steal credentials or deliver malware, while user verification, MFA, and email filtering reduce the risk.
Search across headline titles and summaries.
Background for this topic.
Phishing is deceptive communication—by email, text, phone, or a fake website—that impersonates a trusted person or service to make someone disclose credentials, approve a transaction, reveal sensitive information, or run harmful software. Attackers use it to bypass technical controls by persuading a legitimate user to perform an action, and may target employees, customers, administrators, or suppliers.
Its impact can include account takeover, unauthorized payments, exposure of personal or business data, and access to internal systems. The most effective control for stolen-password phishing is phishing-resistant multi-factor authentication, such as hardware-backed passkeys or security keys, which binds authentication to the legitimate site. Organizations should also filter and authenticate messaging where possible, use password managers, restrict risky actions, train users to verify unusual requests through a separate channel, and provide rapid reporting so suspected credentials or sessions can be revoked.
A good chunk of the entire user base of a particular email service is being targeted for sensitive credentials.
You've probably never heard of "16Shop," but there's a good chance someone using it has tried to phish you. Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. INTERPOL said authorities in Indonesia arrested the 21-year-old proprietor and one of his alleged facilitators, and that a third suspect was apprehended in Japan.
An ongoing phishing campaign has been underway since at least April 2023 that attempts to steal credentials for Zimbra Collaboration email servers worldwide. [...]
ESET said the campaign mainly targeted SMEs and governmental entities in Poland, Ecuador and Italy
An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors
Kaspersky explained one common strategy is the hacking of abandoned or poorly maintained websites
A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass security. [...]
Attackers sent more than 1,000 emails with 2FA, MFA, and other security-related lures aimed at stealing Microsoft credentials.
Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months
Is your organization constantly under threat from credential phishing? Even with comprehensive security awareness training, many employees still fall victim to credential phishing scams
Abandoned sites — like Wordpress — are easy to break into, offer a legitimate looking cover, and can remain active for longer than average.
Global law enforcement operation leads to arrests of suspects behind sale of popular phishing kits.
PLUS: Phishing campaign targets the C-suite; Cybercrime arrests in EU and Africa; and more Infosec in brief The July breach of Microsoft Exchange Online by suspected Chinese hackers is the next topic up for review by the Department of Homeland Security's Cyber Safety Review Board (CSRB). …