Extortion Gang Sends In-Person Attackers to Exfiltrate Data

An extortion gang tracked as “Silent Ransom Group” is targeting US law firms with voice phishing and in-person social engineering attacks, according to researchers at Mandiant and ...

New Extortion Scam Uses IT Impersonation to Breach Organizations

A newly surfaced extortion brand called “Pink” is using voice phishing and fake IT support calls to breach organizations, the Register reports. The threat actor may be a rebrand of prior ...

The Silent Invitation: A Deep Dive into Calendar Invite Phishing

Lead Analysts: Jeewan Singh Jalal and Prabhakaran Ravichandhiran

Alert: Extortion Groups Are Using Phishing Kits to Automate Their Attacks

Researchers at Push Security have analyzed a phishing platform used by organized criminal threat actors like ShinyHunters and BlackFile, finding more than 400 domains linked to attacks ...

Voice Phishing Kits Give Threat Actors Real-Time Control Over Attacks

Researchers at Okta warn that a series of phishing kits have emerged that are designed to help threat actors launch sophisticated voice phishing (vishing) attacks that can bypass ...

Be Careful of That Warrant for Your Arrest

A popular phone call/voicemail scam (i.e., vishing) involves someone calling you, claiming to be law enforcement with a warrant for your arrest, and then offers you an opportunity to ...

Protect Yourself From Voice Phishing Attacks Targeting Salesforce Instances

Google’s Mandiant has published guidance on defending against an ongoing wave of social engineering attacks targeting organizations’ Salesforce instances.

If You Have Not Realized It, Vishing Is Really Taking Off

Fighting voice-based phishing needs to be a big part of your human risk management (HRM) plan.

Anatomy of a Vishing Scam

I hear about a ton of similar-sounding scam calls, where the scammer is pretending to be from a service you use (or used), offering you a substantial monthly discount (30% or more) if you ...

Warning: Scammers are Targeting WhatsApp Users

Researchers at Bitdefender warn of a wave of social engineering attacks targeting WhatsApp accounts.