Crypto scam apps infiltrate Apple App Store and Google Play

Operators of high-yielding investment scams known as "pig butchering" have found a way to bypass the defenses in Google Play and Apple's App Store, the official repositories for Android and iOS apps.

Porsche halts NFT launch, phishing sites fill the void

Porsche cut its minting of a new NFT collection short after a dismal turnout and backlash from the crypto community, allowing threat actors to fill the void by creating phishing sites that steal digital assets from cryptocurrency wallets.

Microsoft’s Verified Publisher Status Abused in Email Theft Campaign

The campaign mainly targeted Microsoft customers in Ireland and the UK. The tech giant has taken steps to disrupt the operation and it has published an article on how users can protect against these threats, which the company calls consent phishing.

DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000

“At first glance, the email seems to be a legitimate communication from DocuSign, with the sender name being manipulated by the attacker, reading Docusign,” reads the technical write-up by Armorblox.

Phishing Page Changes as per User's Email Address

Phishing Page Changes as per User's Email Address - Cybersecurity news - Identity Theft, Fraud, Scams
ASEC stumbled across phishing emails warning users that their accounts would be shut down unless they perform a particular action. Hackers used Google's favicon feature to trick users into revealing their credentials. The account credentials entered on the phishing page were sent to a C2 whose addr ... Read More

Google Ads Now Hijacked to Target Password Manager Users

Google Ads Now Hijacked to Target Password Manager Users - Cybersecurity news - Identity Theft, Fraud, Scams
A new malvertising campaign has surfaced that abuses Google Ads to target users searching for password managers and, in fact, directed them to fake sponsored websites. Previously, the FBI had warned about the explosion of such attacks that impersonated websites involved in finances and duped u ... Read More

Shady Reward Apps on Google Play Amass 20 Million Downloads

The applications promote themselves as health, pedometer, and good habit-building apps, promising to give users random rewards for staying active in their daily lives, reaching distance goals, etc.

New 'Pig Butchering' Scam in West Africa Impersonates US Financial Advisors

Recently discovered by cybersecurity experts at DomainTools, the 'pig butchering' operation uses a complex network of social engineering techniques to defraud victims in West Africa.

Phishing Attackers Take Aim at Bitwarden Password Vaults Using Google Ads

On Tuesday, Bitwarden users began seeing a Google ad titled 'Bitward - Password Manager' in search results for "bitwarden password manager." The domain used in the ad was 'appbitwarden.com' and, when clicked, redirected users to a spoofed login page.

QR Code-Based Phishing Attack Impersonates Chinese Ministry

QR Code-Based Phishing Attack Impersonates Chinese Ministry - Cybersecurity news - Identity Theft, Fraud, Scams
FortiGuard Labs unearthed a phishing campaign aiming at Chinese language users through malicious QR codes. The email spoofs the Chinese Ministry of Finance and contains a Microsoft Word attachment that has a QR code enclosed. Unsuspecting users scanning it may lose their credentials to the websites ... Read More

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags