The Manor Independent School District fell victim to an apparent phishing scam to the tune of $2.3 million. Officials for the Texas school system did not release many details other than to say in a January 10 statement posted on Facebook that the incident was caused by a phishing email and that the local police…
Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November. The first incident took place between Oct. 31 and Nov. 1, 2019, while the second account hijacking happened days later on…
Business email compromise or impersonation attacks overall rose during the second quarter of 2019 by 25 percent with some types of attacks becoming more common and better executed. During this period FireEye has noted attackers are increasingly impersonating executives and attempting to involve a company’s supply chain vendors as part of the attack to make…
A “double-free” bug in WhatsApp lets attackers exploit it using a malicious GIF to access user content, according to a blog post by a self-described technologist and information security enthusiast that goes by the handle Awakened on GitHub. An attacker would need to send the GIF via a messaging platform to a victim’s device where…
Cybercriminals have found a way to use Google Alerts to hook victims into scams or push malware. Bleeping Computer CEO Lawrence Abrams found that malicious actors are creating malicious sites into Google so they will be emailed to people who have alerts set for that particular subject matter. The malicious pages are created using popular…
Cybercriminals have found a way to use Google Alerts to hook victims into scams or push malware. Bleeping Computer CEO Lawrence Abrams found that malicious actors are creating malicious sites into Google so they will be emailed to people who have alerts set for that particular subject matter. The malicious pages are created using popular…
A cybercriminal gang has put together a phishing campaign that utilizes several trusted sources, along with insider help from a top tier security company service to convince its victims to open and download a malicious attachment. Cofense Intelligence found the malicious actors, who are only targeting Brazilians, are extensively using trusted names, legitimate Windows services…
Law enforcement officials at home and abroad have arrested 281 individuals over a span of four months, in a massive crackdown on various business email compromise scams, the Justice Department announced yesterday. Dubbed Operation reWired, the coordinated campaign began in May 2019 and has resulted in 72 arrests in the U.S., and 167 in Nigeria,…
Researchers recently spotted a sneaky phishing scam that uses a phony two-factor authentication request to trick email recipients into entering their Instagram login credentials. “Someone tried to log in to your Instagram account. If this wasn’t you, please use the following code to confirm your identity,” according to the fraudulent email, which provides a six-digit…
Federal prosecutors today unsealed a 252-count indictment against 80 individuals – mostly Nigerian nationals – who allegedly conspired to bilk at least $46 million from victims via romance scams, business email compromises and other online fraud schemes. The grand jury indictment was filed in the Central District of California back in October 2018 and unsealed…
