Phishing news & analysis | SC Media

Phishing

DHS election lead warns state secretaries of phishing threat leading up to 2020

A Department of Homeland Security (DHS) official warned a Santa Fe, N.M., gathering of secretaries of state to beware of phishing attempts that might target their state and local election systems and workers. “We know that phishing is how a significant number of state and local government networks become exploited,” an ABC News report cited…

Fake Facebook political pages tricked Libyans into downloading RATs

A mysterious hacker has for years been tricking Libyan citizens into infecting themselves with mobile and desktop malware by luring them to weaponized Facebook pages that impersonate key local figures and purport to deliver news of interest to the civil war-torn nation’s people. Researchers from Check Point Software Technologies have traced the campaign – dubbed…

Researches: Wipro breach part of much larger gift card fraud operation

The group responsible for conducting a phishing attack against Indian IT consulting firm Wipro and its clients has since mid-2016 been conducting a far-reaching gift card fraud operation targeting an array of businesses, a new report states. What’s more, the malicious activity bear certain hallmarks of a state-sponsored actor with financial motives, according to a…

Sodinokibi ransomware campaigns span growing array of attack vectors

Since its discovery of Sodinokibi ransomware last April, cybercriminals have reportedly been attempting to infect networks with the malicious encryption program through a growing number of vectors, including supply chain attacks, spam, and malvertisements that redirect victims to an exploit kit. Sodinokibi encrypts data found in the user directory and prevents data recovery by leveraging…

Social Engineered hacked, user data leaked, dumped on rival site

User data from Social Engineered, which bills itself as a forum for the “Art of Human Hacking,” was leaked in mid-June and posted on a rival site. “Mybb had a vulnerability yet again and the site got breached along other websites using Mybb,” Social Engineered founder, Snow101, confirmed in a blog post. “We moved over…

Phishing campaign impersonates email alerts from DHS

An ongoing email-based phishing scam is attempting to fool recipients into opening malicious attachments disguised as notifications from the U.S. Department of Homeland Security (DHS), according to the Cybersecurity and Infrastructure Security Agency, in a warning posted on the official US-CERT web site this past Tuesday. “The email campaign uses a spoofed email address to…

IRS

IRS warns users of post-tax season phishing scams

The IRS once again is warning taxpayers to be on the lookout for phishing scams even after tax season has ended. The agency has identified two new variations of tax related scams with one threatening to cancels a victim’s social security while the other claims to threaten victims with an IRS lien or levy, according…

New Hawkball backdoor attacks government sector in Central Asia

A newly discovered malicious backdoor by the name of Hawkball was recently observed in a campaign apparently targeting one or more Russian-speaking government entities in Central Asia, according to a blog post this week from FireEye Labs. Upon successful infection, Hawkball offers the unidentified attackers a range of malicious capabilities, writes FireEye blog post author…

Next post in Malware