Phishing | SC Media Phishing

Phishing

FTCODE ransomware acquires info-stealing powers

The recently discovered ransomware FTCODE has evolved to include new information-stealing capabilities, and is now infecting victims via VBScript links in phishing emails. Researchers from the Zscaler ThreatLabZ team, who say they first discovered the PowerShell-based malware, detailed the latest changes in a blog post late last week. The new iteration, version 1117.1, contains code…

The first half of 2013 saw a 355 percent uptick in social spam. Facebook is a big target.

Renewed Emotet phishing activity targets UN, government and military users

Since resuming operations after a holiday hiatus, the malicious actors behind the Emotet banking trojan network have reportedly targeted at least 82 countries with spam and crafted a special phishing campaign targeting the United Nations. Meanwhile, an additional report has revealed an increase in Emotet phishing activity targeting government and military entities over the last…

Researchers detail BEC scams

Texas school district phished for $2.3 million

The Manor Independent School District fell victim to an apparent phishing scam to the tune of $2.3 million. Officials for the Texas school system did not release many details other than to say in a January 10 statement posted on Facebook that the incident was caused by a phishing email and that the local police…

No immediate cyberthreat seen over Soleimani killing, but preparation is key

The most recent military portion or the United States’ on-going confrontation with Iran appears to be completed, but chatter is being detected among Iran’s supporters indicating anger over recent events, but none indicate an immediate threat. However, that does not mean government agencies, companies and others who may find themselves in Iran’s crosshairs should be…

Cyberattack hits Las Vegas on opening day of CES

Las Vegas had an unwelcome visitor in the form of a cyberattack that struck early in the morning of January 7 that caused some service interruptions that have since been resolved. On the same day that the massive International CES event kicked off, city officials reported what they called a “cyber compromise” taking place at…

2020 cybersecurity predictions

Curtis Simpson, CISO, Armis Voice Deepfakes will become the new phishing bait: C-level executives, politicians and other high-profile individuals are already high-risk targets for standard email phishing attacks given their level of access and financial decision making within their organization. With advancements in the deepfake voice technology, I expect a rise of voice phishing schemes…

Names, Social Security numbers exposed in Moss Adams breach

The accounting, consulting and wealth management firm Moss Adams has posted a cybersecurity incident notice centered on an employee email account that was accessed by an unauthorized person compromising PII. In the statement, which appeared on the California Attorney General’s data breach website, Moss Adams stated that on October 10, 2019 a staffer’s email account…

Rising sea and spam levels? Emotet campaign uses Greta Thunberg as lure

An Emotet banking trojan phishing campaign was spotted using the name of activist Greta Thunberg as a lure to target individuals concerned with climate change. The attackers behind the campaign recently sent out fake invitations to a nonexistent “climate crisis” demonstration supposedly led by the young Swedish activist, who was named Time’s 2019 Person of…

Phishing operation picking on Canadian banks since at least 2017

Researchers recently discovered a large-scale phishing email operation that has been targeting primarily customers of Canadian banking chains since at least 2017. The emails generally attempt to trick recipients into revealing their credentials on a phishing page that utilizes a lookalike domain and impersonates a log-in screen. Researchers with Check Point Software Technologies uncovered the…

It’s a trap! Cybercriminals use Star Wars: Rise of Skywalker as bait

Star Wars: The Rise of Skywalker is just being released into theaters today but cybercriminals were already assembling fake websites and social media profiles to deliver malware to fans, instead of something useful like the Death Star’s plans. Kaspersky researchers have found 30 fraudulent websites and social media profiles disguised as official movie accounts advertising…

Next post in Malware