Porsche cut its minting of a new NFT collection short after a dismal turnout and backlash from the crypto community, allowing threat actors to fill the void by creating phishing sites that steal digital assets from cryptocurrency wallets.
The campaign mainly targeted Microsoft customers in Ireland and the UK. The tech giant has taken steps to disrupt the operation and it has published an article on how users can protect against these threats, which the company calls consent phishing.
ASEC stumbled across phishing emails warning users that their accounts would be shut down unless they perform a particular action. Hackers used Google's favicon feature to trick users into revealing their credentials. The account credentials entered on the phishing page were sent to a C2 whose addr ...Read More
A new malvertising campaign has surfaced that abuses Google Ads to target users searching for password managers and, in fact, directed them to fake sponsored websites. Previously, the FBI had warned about the explosion of such attacks that impersonated websites involved in finances and duped u ...Read More
On Tuesday, Bitwarden users began seeing a Google ad titled 'Bitward - Password Manager' in search results for "bitwarden password manager." The domain used in the ad was 'appbitwarden.com' and, when clicked, redirected users to a spoofed login page.
FortiGuard Labs unearthed a phishing campaign aiming at Chinese language users through malicious QR codes. The email spoofs the Chinese Ministry of Finance and contains a Microsoft Word attachment that has a QR code enclosed. Unsuspecting users scanning it may lose their credentials to the websites ...Read More