Fake “I Can’t Believe He’s Gone” Posts Seek to Steal Facebook Credentials

A new scam relies on a victim's sense of curiosity, brand impersonation, and the hopes of a new login to compromise Facebook credentials.
Continue Reading

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri.
Continue Reading

Vendor Email Compromise Attacks Against Financial Services Surge 137% Last Year

Analysis of 2023 attacks shows how the financial services industry had a very bad year, with increases in both vendor email compromise (VEC) and business email compromise (BEC) attacks, ...
Continue Reading

Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms

Attackers are abusing Microsoft Teams to send phishing messages, according to researchers at AT&T Cybersecurity.
Continue Reading

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.
Continue Reading

Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations

New data for Q4 of 2023 reveals a sizable shift in the cyber threat landscape, with serious implications regarding ransomware and social engineering attacks targeting both the largest and ...
Continue Reading

FBI Cyber Alert: Tech Support Scams Steal Cash or Precious Metals

The US Federal Bureau of Investigation (FBI) has issued an alert that scammers are tricking victims into converting their savings into cash or precious metals, then sending couriers to ...
Continue Reading

The Percentage of Organizations Globally Struck by Ransomware Hits an All-Time High

Check Point’s review of ransomware shows that the percent of organizations worldwide hit by this greatest of cyberthreats rose by a whopping 33% in 2023.
Continue Reading

Open Redirects Used to Disguise Phishing Links

Phishing attacks are increasingly using open redirects to evade detection by security filters, according to researchers at Trustwave.
Continue Reading

Forget Deepfake Audio and Video. Now There’s AI-Based Handwriting!

Researchers have developed AI technology that can mimic someone’s handwriting with only a few paragraphs of written content. Experts worry about the possibility of misuse.
Continue Reading

Malvertising Targets Chinese-Speaking Users

Researchers at Malwarebytes warn that a malvertising campaign is targeting Chinese-speaking users with phony ads for encrypted messaging apps. The ads impersonate apps that are restricted ...
Continue Reading

Scammers Use Airdrops to Lure Users With Phony NFTs

Researchers at Check Point warn that scammers are using airdrops to distribute phony non-fungible tokens (NFTs) that direct users to malicious sites.
Continue Reading

Bravo Host Andy Cohen Scammed Out of a “Sizable” Amount of Money by Fraudsters Posing as the Bank

Bravo host Andy Cohen tells how he became the victim of an impersonation scam that gave scammers access to control his bank account.
Continue Reading

The Number of Ransomware Attack Victims Surge in 2023 to over 4000

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend ...
Continue Reading

New Evasive Phishing Technique “Legacy URL Reputation Evasion" (LURE)

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months.
Continue Reading

Social Engineering Attacks Rising in the Trucking Industry

Spear phishing and voice phishing (vishing) are on the rise in the trucking industry, according to a new report from the National Motor Freight Traffic Association (NMFTA).
Continue Reading

New Deepfake Video Scam has “Taylor Swift” Offering Free French Cookware

A new wave of ads utilizing video of well-known celebrities seemingly promoting video games, fake giveaways, and more are starting to popup, and fans are falling for this trap.
Continue Reading

Use of Generative AI Apps Jumps 400% in 2023, Signaling the Potential for More AI-Themed Attacks

As the use of Cloud SaaS platforms of generative AI solutions increases, the likelihood of more “GPT” attacks used to gather credentials, payment info and corporate data also increases.
Continue Reading

North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks

A suspected North Korean state-sponsored threat actor called “ScarCruft” is launching spear phishing attacks against cybersecurity professionals, according to researchers at SentinelOne.
Continue Reading

Facebook Phishing Scams Target Concerned Friends and Family

BleepingComputer describes a phishing scam that’s been running rampant on Facebook for the past several months, in which threat actors use hacked accounts to post links to phony articles ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews