Phishing news & analysis | SC Media

Phishing

Restaurant Depot customers targets of phishing emails

Customers of commercial food service wholesaler Restaurant Depot received phishing emails asking for payment of an (attached) outstanding invoice or else the company would deduct the balance from their accounts. Some of those recipients began tweeting to the company’s customer service department with one noting that he “finally got through to tell them. They’re aware.…

The fairly convincing phishing scam is being hosted on a compromised EA Games server.

Fake résumé emails attempt to spread Ordinypt Wiper to German recipients

Attention German HR departments: You may want to cross off a certain “Eva Richter” from your list of employment candidates. Especially because her so-called résumé actually infects recipients with the destructive Ordinypt Wiper malware, according to a new report. The fake résumé phishing campaign began on Sept. 11 and is specifically aimed at German-speaking employers,…

Researchers: Iranian phishing campaign targets universities with fake library emails

The Mabna Institute, an Iranian firm whose members were indicted last year for cyberattacks against U.S. universities and other organizations, appears to have launched a new global phishing operation targeting the education sector last July and August. This past’s summer campaign follows the same basic m.o. as previous attacks that the same threat group has…

LYCEUM threat group targets oil and gas, critical infrastructure orgs in MidEast

A LYCEUM threat group targeting critical infrastructure entities – including oil and gas and telecommunications organizations in the Middle East – went undetected for more than a year, according to researchers at the Dell SecureWorks Counter Threat Unit (CTU). “Stylistically, the observed tradecraft resembles activity from groups such as COBALT GYPSY (which is related to…

The fairly convincing phishing scam is being hosted on a compromised EA Games server.

Instagram phishing scam uses fake 2FA code to appear trustworthy

Researchers recently spotted a sneaky phishing scam that uses a phony two-factor authentication request to trick email recipients into entering their Instagram login credentials. “Someone tried to log in to your Instagram account. If this wasn’t you, please use the following code to confirm your identity,” according to the fraudulent email, which provides a six-digit…

U.S. indicts three over alleged phishing campaign targeting universities, businesses

The Department of Justice has indicted two Americans and a Nigerian on multiple charges for their alleged roles in a phishing scheme that targeted college employees, banks and other businesses from May 2013 through June 2014. Filed on Tuesday in U.S. District Court in New Mexico, the indictment identifies the defendants as Nigerian citizen Otuokere…

Microsoft Office 365

Scams use false alerts to target Office 365 users, admins

Malicious actors have recently been targeting Microsoft Office 365 users in two separate scams – one that distributes the TrickBot information-stealing trojan via a fake website and a phishing campaign that sends fake alerts with the intent to take over the accounts of email domain administrators. The scams are respectively detailed in a pair of…

election hacking

FEC ruling allows political campaign to accept discounted services from security firms

Political campaigns can accept low-cost help from private cybersecurity firms to protect campaigns in the 2020 election cycle, the Federal Election Commission (FEC) ruled Thursday. The commission, which viewed the discounted services as an in kind donation under current rules, had indicated it would reject the initiative but changed course. Because Area 1 Security, the…

What is workforce’s biggest cyber knowledge gap? ID’ing phishing threats, says study

An analysis of workers’ cyber knowledge gaps found that ends users last year struggled most with identifying phishing threats and protecting data throughout its lifecycle, according to a new report from Proofpoint. Titled “Beyond the Phish 2019, the report incorporated data gathered from roughly 130 million answers to questions that were posed to endpoint users…

What fresh hell is this? Fileless malware campaign spread Astaroth backdoor last spring

Microsoft’s Defender ATP Research Team yesterday revealed its discovery of a late-spring, fileless malware campaign that used “living-off-the-land” techniques to infected victims with information-stealing Astaroth backdoor. The attackers behind this particular campaign abused a multiple of legitimate services in order to deliver the final payload, including the Windows Management Instrumentation Command-line tool (WMIC), the BITSAdmin command-line…

Next post in Malware