Phishing news & analysis | SC Media

Phishing

Power plant Russia

Second phishing campaign featuring LookBack malware targets U.S. utilities

A malicious threat actor continued to target the U.S. utilities sector with LookBack malware last August, launching a new phishing campaign that targeted organizations with emails impersonating a certification test administrator. Discovered earlier this year by researchers at Proofpoint, LookBack includes a proxy mechanism and a remote access trojan module. In July, the attackers behind…

Millions of YouTube accounts hijacked through phishing and compromised 2FA

Cybersecurity executives blamed YouTube’s continued use of multifactor authentication and relying on user credentials instead of more advanced forms authentication as the reasons behind why millions of accounts were hijacked over the last few days. The attackers used phishing attacks that convinced account owners to give up their Google account login credentials, used that information…

Restaurant Depot customers targets of phishing emails

Customers of commercial food service wholesaler Restaurant Depot received phishing emails asking for payment of an (attached) outstanding invoice or else the company would deduct the balance from their accounts. Some of those recipients began tweeting to the company’s customer service department with one noting that he “finally got through to tell them. They’re aware.…

The fairly convincing phishing scam is being hosted on a compromised EA Games server.

Fake résumé emails attempt to spread Ordinypt Wiper to German recipients

Attention German HR departments: You may want to cross off a certain “Eva Richter” from your list of employment candidates. Especially because her so-called résumé actually infects recipients with the destructive Ordinypt Wiper malware, according to a new report. The fake résumé phishing campaign began on Sept. 11 and is specifically aimed at German-speaking employers,…

Researchers: Iranian phishing campaign targets universities with fake library emails

The Mabna Institute, an Iranian firm whose members were indicted last year for cyberattacks against U.S. universities and other organizations, appears to have launched a new global phishing operation targeting the education sector last July and August. This past’s summer campaign follows the same basic m.o. as previous attacks that the same threat group has…

LYCEUM threat group targets oil and gas, critical infrastructure orgs in MidEast

A LYCEUM threat group targeting critical infrastructure entities – including oil and gas and telecommunications organizations in the Middle East – went undetected for more than a year, according to researchers at the Dell SecureWorks Counter Threat Unit (CTU). “Stylistically, the observed tradecraft resembles activity from groups such as COBALT GYPSY (which is related to…

The fairly convincing phishing scam is being hosted on a compromised EA Games server.

Instagram phishing scam uses fake 2FA code to appear trustworthy

Researchers recently spotted a sneaky phishing scam that uses a phony two-factor authentication request to trick email recipients into entering their Instagram login credentials. “Someone tried to log in to your Instagram account. If this wasn’t you, please use the following code to confirm your identity,” according to the fraudulent email, which provides a six-digit…

U.S. indicts three over alleged phishing campaign targeting universities, businesses

The Department of Justice has indicted two Americans and a Nigerian on multiple charges for their alleged roles in a phishing scheme that targeted college employees, banks and other businesses from May 2013 through June 2014. Filed on Tuesday in U.S. District Court in New Mexico, the indictment identifies the defendants as Nigerian citizen Otuokere…

Microsoft Office 365

Scams use false alerts to target Office 365 users, admins

Malicious actors have recently been targeting Microsoft Office 365 users in two separate scams – one that distributes the TrickBot information-stealing trojan via a fake website and a phishing campaign that sends fake alerts with the intent to take over the accounts of email domain administrators. The scams are respectively detailed in a pair of…

election hacking

FEC ruling allows political campaign to accept discounted services from security firms

Political campaigns can accept low-cost help from private cybersecurity firms to protect campaigns in the 2020 election cycle, the Federal Election Commission (FEC) ruled Thursday. The commission, which viewed the discounted services as an in kind donation under current rules, had indicated it would reject the initiative but changed course. Because Area 1 Security, the…

Next post in Security News