IRS Warns of Holiday-Themed Shopping Scams

The US Internal Revenue Service (IRS) has issued an advisory warning taxpayers to be on the lookout for holiday-themed shopping scams.
Continue Reading

FBI Warns of Cybercriminals Using Generative AI to Launch Phishing Attacks

The US Federal Bureau of Investigation (FBI) warns that threat actors are increasingly using generative AI to increase the persuasiveness of social engineering attacks.
Continue Reading

Malicious Google Ads Target Users Seeking Solutions to Printer Problems

Scammers are abusing Google ads to target users searching for help with printer problems, according to researchers at Malwarebytes.
Continue Reading

Phishing Attacks Impersonating Big Brands Start to Zero in on Just One Brand

The latest data on brand phishing trends shows one brand dominating quarter over quarter, but also continuing to take on a larger share of the brand impersonation.
Continue Reading

China Threat Actor Targets Individuals and Entities in Japan Via Spear Phishing Campaign

Researchers at Trend Micro warn that the China-aligned threat actor Earth Kasha has launched a new spear phishing campaign targeting individuals and organizations in Japan.
Continue Reading

Malicious Loan Apps Target Android Users in Africa, South America and Asia

Researchers at McAfee warn of a surge in malicious loan apps targeting Android users across South America, Southern Asia, and Africa.
Continue Reading

Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector

A new survey of hackers shows that AI is not only empowering hackers to be more effective, but that AI itself is “ripe for exploitation.”
Continue Reading

Chinese Threat Actor Targets Black Friday Shoppers With Phishing Campaign

Researchers at EclecticIQ warn that the financially motivated Chinese threat actor “SilkSpecter” has launched a phishing campaign targeting Black Friday shoppers across Europe and the US.
Continue Reading

U.K. Residents are Victims of the Latest Phishing Scam Targeting Starbuck Customer Credentials

Analysis of a new phishing attack highlight just how easy it can be to spot these kinds of attacks if recipients were properly educated.
Continue Reading

Phishing Emails Use SVG Files to Avoid Detection

Phishing emails are increasingly using Scalable Vector Graphics (SVG) attachments to display malicious forms or deliver malware, BleepingComputer reports.
Continue Reading

[Heads Up] Bad Actor Uses Deepnude AI Image Generator to Lure And Infect Users

The threat group FIN7 is using the lure of generating nude images of favorite celebrities to get victims to download their NetSupport RAT.
Continue Reading

Phishing Attacks Exploits the Open Enrollment Period

A phishing campaign is impersonating HR to target employees who are making annual insurance changes during the open enrollment period, according to researchers at Abnormal Security.
Continue Reading

Fraud Awareness Week

The Association of Certified Fraud Examiners (ACFE) recently released a report Occupational Fraud 2024: A Report to the Nations, where they estimated that most organizations lose about 5% ...
Continue Reading

Out of 29 Billion Cybersecurity Events, Phishing was the Primary Method of Initial Attack

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access.
Continue Reading

Beware of Fake Tech Support Scams

About five years ago, I was having trouble with an expensive brand-name refrigerator that my wife and I had bought. It was a great refrigerator feature-wise. My wife and I initially loved ...
Continue Reading

Threat Actors are Sending Malicious QR Codes Via Snail Mail

The Swiss National Cyber Security Centre (NCSC) has warned of a QR code phishing (quishing) campaign that’s targeting people in Switzerland via physical letters sent through the mail, ...
Continue Reading

Phishing Attacks Exploit Microsoft Visio Files and SharePoint

Threat actors are exploiting Microsoft Visio files and SharePoint to launch two-step phishing attacks, according to researchers at Perception Point.
Continue Reading

Half of all Ransomware Attacks This Year Targeted Small Businesses

New data shows just how crippling ransomware has been on small businesses that have fallen victim to an attack and needed to pay the ransom.
Continue Reading

Criminal Threat Actor Uses Stolen Invoices to Distribute Malware

Researchers at IBM X-Force are tracking a phishing campaign by the criminal threat actor “Hive0145” that’s using stolen invoice notifications to trick users into installing malware.
Continue Reading

Nation-State Threat Actors Rely on Social Engineering First

A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews