A new social engineering tactic, “MFA Fatigue,” has been gaining prominence across the cybercriminal landscape as more threat actors employ it. Researchers stated that this social engineering method is created exclusively for targeting corporate credentials and breaching network securities. Multiple malicious threat groups have recently started utilising the MFA Fatigue in their campaigns against different...Continue Reading
A newly discovered malicious entity called Chiffon Herring group has been linked to a particular Business Email Compromise (BEC) scam campaign that targets academic institutions. The report shows that the group employs a new payroll diversion attack to target its victims. Researchers stated that this new threat group has been relatively new to the cybercriminal...Continue Reading
A current malvertisement campaign is pushing ads in MS Edge’s news feed to redirect visitors to tech support scam websites. Edge is the ongoing default web browser on devices that runs the Windows OS and currently has a 4.3% market share globally. The tech scam campaign has been operating for a couple of months now....Continue Reading
The notorious North Korean advanced persistent threat (APT) group Lazarus is conducting a new social engineering campaign that impersonates the Coinbase company to target employees in fintech firms through fake job offers. The initial sequence of the attack is through approaching the targets in the LinkedIn platform. Subsequently, the attackers will offer a job and...Continue Reading
Online scammers have recently targeted the fans of the popular sport football after reports were heard about them selling non-existent football tickets. Furthermore, analytics reveal that over £410 was the average loss per victim, with an uptick rate of 68% in cases from January to June. These scammers have leveraged the sport’s popularity to defraud...Continue Reading
Google Ads that appear legitimate and trustworthy have been redirecting users to tech support scamming websites. Based on reports, these scams are disseminating fake security alerts that impersonate a function from Windows Defender. An ongoing massive malware advertisement campaign exploits Google Ads. If users search for YouTube-related keywords on Google, the first result will be...Continue Reading
Fraudsters exploit a computer graphics processor firm Nvidia to conduct a fake giveaway scam to steal cryptocurrency funds from their targets that bite the bait. A report stated that the scammers are abusing the 30th anniversary of the firm by luring its targets with a 50,000 BTC free giveaway. Based on a recent analysis, the...Continue Reading
WhatsApp’s CEO published an advisory on Twitter after fake versions of the messaging application were spotted circulating in numerous app stores. According to the messaging platform, WhatsApp users should be careful of downloading from unknown sources since they are being impersonated by a malicious application that poses as legitimate. The incident happened after the company’s...Continue Reading
The New York State Department of Motor Vehicles (DMV) has published a threat advisory to warn its customers about a phishing scam that can steal sums by exfiltrating credentials. Based on reports, the phishing scam attempts to steal its targeted victims’ credentials and other essential information. The phishing attack includes spam messages containing malicious links...Continue Reading
A new ransom group dubbed Luna Moth is said to have been utilising social engineering tactics, remote access trojans (RATs), and other legitimate commercially available software to be able to hack into their victims’ computers and extort ransom payments in exchange for their data. According to the reports published about Luna Moth, its operators execute...Continue Reading
