Cybercriminals Exploit Tax Season With New Phishing Tactics
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Tax-season phishing floods deliver RMM malware, credential theft, BEC and tax-form scams
Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma infostealer the keys to their browser vault.…
Cybersecurity researchers have lifted the veil on a widespread malicious campaign that's targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps
Threat actors are scamming users by advertising legitimate-looking generative AI websites that, when visited, install credential-stealing malware onto the victim's computer.
Phishers check in, your credentials check out, Microsoft warns An ongoing phishing campaign disguised as a Booking.com email casts keystroke and credential-stealing malware into hospitality employees' inboxes for financial fraud and theft, according to Microsoft Threat Intelligence.…
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. [...]
Plus: Chocolate Factory launches second lawsuit against false DMCA takedowns Google has sued three scammers for offering a fake download of its Bard AI chatbot that contained malware capable of stealing credentials for small business' social media accounts.…
Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams. [...]