BEC scammers use email auto-forward rules to gather intel, hide activity

The FBI made public a private industry notification warning that BEC scammers are exploiting web-based email clients’ auto-forwarding rules to secretly gather intel on their targets.

Philly Food Bank Loses $1m in BEC Scam

It appears as if the non-profit was hit by a classic BEC scam, where attackers compromise an employee’s email account and then silently monitor messages sent back and forth.

Compounder Finance DeFi project allegedly pulls the rug from under investors, $11 million stolen

According to a cached version of a Medium blog post describing the project Compounder Finance claimed to be an automated farming system offering compound interest on digital assets.

IBM warns hackers targeting COVID vaccine 'cold chain' supply process

The company said in a blog post published on Thursday that it had uncovered "a global phishing campaign" focused on organizations associated with the COVID-19 vaccine "cold chain."

Zoom Impersonation Attacks Aim to Steal Credentials

Another recent variant of the attack has been a message welcoming some recipients to the platform and requesting they click on a link to activate the account, said the BBB.

Phishing targets US brokerage firms using FINRA lookalike domain

US securities industry regulator FINRA warned brokerage firms earlier this week of ongoing phishing attacks using a recently registered web domain spoofing a legitimate FINRA website.

HMRC phishing scam abuses mail service to bypass spam filters

While SendGrid is itself a legitimate service, threat actors have been abusing some of its features to bypass spam filters and email security products, according to a security researcher TheAnalyst.

At quick glance, 'expertly framed' Quickbooks phishing email looks legit

Attackers impersonating Quickbooks on the Microsoft 365 platform create a sense of urgency to compel their victims to “promptly” pay fake invoices allegedly from a legitimate vendor.

'Return to Office' Phishing Emails Aim to Steal Credentials

Researchers at Abnormal Security have uncovered a credential-stealing phishing campaign that spoofs internal company memos concerning returning to the office, to target over 100,000 inboxes.

Back-to-Work Phishing Campaign Targeting Corporate Email Accounts

Abnormal Security detected one of the campaign’s attack emails that masqueraded as an internal notification from the recipient’s company by using spoofing techniques to disguise the sender address.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags