Big Brand Jobs Scam Targets Marketing Pros' Google Accounts
The phishing campaign uses several tactics, including nested redirects, to evade detection and steal credentials from unsuspecting targets.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
The phishing campaign uses several tactics, including nested redirects, to evade detection and steal credentials from unsuspecting targets.
Complaint Says Service Generated More Than 1.5 Million Malicious URLsGoogle has sued a Chinese phishing-as-a-service provider accused of teaching customers to use Gemini to generate and customize scam websites, a campaign linked to more than 1.59 million phishing URLs, over 100,000 victims, and widespread credential and financial theft.
Health-ISAC Warns About Weak Governance and Credential MisuseHumans make mistakes. They fall for phishing scams and click on malicious links. Machines aren't necessarily better: Delegating decisions to agentic artificial tools can significantly intensify cybersecurity risks, warns a healthcare association.
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Kwamaine Jerell Ford allegedly impersonated an adult film star and tricked his high-profile victims into sharing their iCloud credentials and MFA codes under false pretenses. The post Zero lessons learned: Convicted scammer allegedly ran another athlete-focused phishing scam from federal prison appeared first on CyberScoop.
Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma infostealer the keys to their browser vault.…
Compromised cPanel credentials are being sold in bulk across underground channels as plug-and-play phishing and scam infrastructure. Flare explains how analyzing 200,000 underground posts reveals a commoditized market for hacked site management panels. [...]
Cybersecurity researchers issue warning over a surge in attacks designed to trick Facebook users into handing over login credentials
The actor behind the "Contagious Interview" campaign is continuing to refine its tactics and social engineering scams to wrest credentials from macOS users.
The Swiss National Cyber Security Centre (NCSC) is warning iPhone owners about a phishing scam that claims to have found your lost or stolen iPhone but is actually trying to steal your Apple ID credentials. [...]
The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes
Cybersecurity researchers have lifted the veil on a widespread malicious campaign that's targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps
FIs Must Invest in AI-Fueled Behavioral Biometrics to Go Beyond Static CredentialsScammers are increasingly turning to account takeover fraud, as financial institutions ramp up their defenses. Instead of luring victims into making authorized transactions, cybercriminals are bypassing them altogether, hijacking their digital identities and draining accounts from within.
Threat actors are scamming users by advertising legitimate-looking generative AI websites that, when visited, install credential-stealing malware onto the victim's computer.
Lovable, a generative artificial intelligence (AI) powered platform that allows for creating full-stack web applications using text-based prompts, has been found to be the most susceptible to jailbreak attacks, allowing novice and aspiring cybercrooks to set up lookalike credential harvesting pages
Phishers check in, your credentials check out, Microsoft warns An ongoing phishing campaign disguised as a Booking.com email casts keystroke and credential-stealing malware into hospitality employees' inboxes for financial fraud and theft, according to Microsoft Threat Intelligence.…
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes
Cybersecurity researchers have discovered a malvertising campaign that's targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials
Cybersecurity researchers have alerted to a new malvertising campaign that's targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google