Phishing news & analysis

Coronavirus, Cybercrime, Government, Malware, Phishing, Security News, Web Services Security, E-Commerce Security, Website/Web Server Security

Open redirect on Dept. of HHS website benefits COVID-19 phishing scam

By

Bradley Barth

March 24, 2020

A coronavirus-themed phishing campaign designed to infect victims with Raccoon information-stealing malware has reportedly been leveraging an open redirect vulnerability found on the U.S. Department of Health and Human Services’ website, HHS.gov. As defined by Trustwave here, an open redirect occurs when a website’s “parameter values (the portion of URL after “?”) in an HTTP…

Data Breach, Phishing

Canon breach exposes personal data of current, former GE employees, beneficiaries

By

Teri Robinson

March 24, 2020

A February breach at service provider Canon Business Process Services exposed the personal information of current and former GE employees and their beneficiaries. “While I’m usually a bit numb to the latest data breach, the sheer variety of exposed information is unique,” said Roger Grimes, data driven defense evangelist at KnowBe4. “GE and Canon haven’t…

Coronavirus, Cybercrime, Email Security, Government, Malware, Phishing, Ransomware, Security News

FBI warns of COVID-19 phishing scams promising stimulus checks, vaccines

By

Bradley Barth

March 23, 2020

The FBI’s Internet Crime Complaint Center (IC3) has issued a public service announcement warning citizens to watch out for email-based fraud and malware schemes that take advantage of the coronavirus pandemic. Among the scams to look out for are emails purporting to contain helpful information from the Centers for Disease Control and Prevention (CDC) and…

Malware, Phishing, Security News

Don’t get fooled again: Fake coronavirus emails impersonate the WHO to deliver FormBook trojan

By

Bradley Barth

March 9, 2020

Fears over the novel coronavirus have triggered mass quarantines, Purell and Clorox shortages and financial market turmoil. As global concerns continue to mount with the latest headlines – just today, it was reported that the head of the Port Authority of New York and New Jersey was infected – cyber fraudsters and threat actors continue…

Government/Defense, In Depth, Phishing, Security News

Coronavirus sparks phishing, disinformation, tabletop exercises and handwashing

By

Teri Robinson

March 6, 2020

It’s hard to tell who’s benefitting most from the coronavirus – Russia, hackers or hand sanitizer vendors, the latter of whom are at least trying to help stop the spread of the dangerous disease. A State Department official told Congress Thursday that Russian operatives are behind coronavirus conspiracy theories popping up on social media while…

Cybercrime, Data Breach, Phishing, Security News

Choppy waters: Data breach impacts Princess and Holland America cruise lines

By

Bradley Barth

March 5, 2020

The personal information of cruise passengers, crew and employees were compromised last year after an unauthorized party gained access to the email accounts of employees working for Princess Cruises and Holland America Line — both divisions of Carnival Corporation & plc. According to a disclosure notification posted on both cruise lines’ websites [1, 2], as…

Cybercrime, Malware, Phishing, Security News

Phishing campaign targets Americas with new variant of Loda RAT

By

Bradley Barth

February 13, 2020

Researchers have observed a new malware campaign that’s been targeting the U.S., Argentina, Brazil and Costa Rica with an updated variant of the Loda RAT remote access trojan. In a company blog post on Wednesday, Cisco Talos said that since at least the last quarter of 2019, the campaign has been using malicious websites to…

Cybercrime, Email Security, Government, Phishing, Research

FBI tallied 467K cybercrime complaints in 2019, totaling $3.5B in losses

By

Bradley Barth

February 12, 2020

The FBI’s Internet Crime Complaint Center (IC3) last year fielded 467,361 complaints related to cybercrime activity that collectively cost victims $3.5 billion in losses, according the agency’s just released 2019 Internet Crime Report. The 2019 complaint count represents a nearly 33 percent increase from the 2018 total of 351,937, and the $3.5 billion figure also…

Cybercrime, In Depth, Malware, Phishing, Security News

Phishing emails lure victims with news of coronavirus’ impact on shipping

By

Bradley Barth

February 11, 2020

Looking to capitalize on the current coronavirus scare, malware distributors have launched a new phishing campaign that targets global companies with emails that suggest that virus could disrupt shipping operations. According to a Feb. 10 research blog post authored by Sherrod DeGrippo, senior director of threat research and detection at Proofpoint, the malicious actors have…

Cybercrime, Malware, Phishing, Security News

TA505 phishing campaign uses HTML redirectors to spread info stealer

By

Bradley Barth

February 3, 2020

The cybercriminal group TA505 has reportedly changed up its tactics again, now engaging in phishing campaigns that leverage attachments with HTML redirectors in order to deliver Excel documents containing malware. Following a short period of inactivity, the group, resumed activities last month with a scheme designed to get victims to install the information-stealing Trojan GraceWire,…

Phishing

Open redirect on Dept. of HHS website benefits COVID-19 phishing scam

Canon breach exposes personal data of current, former GE employees, beneficiaries

FBI warns of COVID-19 phishing scams promising stimulus checks, vaccines

Don’t get fooled again: Fake coronavirus emails impersonate the WHO to deliver FormBook trojan

Coronavirus sparks phishing, disinformation, tabletop exercises and handwashing

Choppy waters: Data breach impacts Princess and Holland America cruise lines

Phishing campaign targets Americas with new variant of Loda RAT

FBI tallied 467K cybercrime complaints in 2019, totaling $3.5B in losses

Phishing emails lure victims with news of coronavirus’ impact on shipping

TA505 phishing campaign uses HTML redirectors to spread info stealer

MOST POPULAR

Want to read more?

Hacker pleads guilty to stealing Nintendo secrets