Attackers prey on Microsoft Teams accounts to steal credentials

Abnormal Security, which disclosed the attack method, maintains that the app has become a popular communication tool during the pandemic, making it an attractive brand for attackers to impersonate.

XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability

Browser lockers are only one element of a bigger plan to redirect traffic from certain sites, typically via malvertising chains from adult portals or sites that offer pirated content.

Malicious SharePoint and OneDrive links are a phishing scammer's dream

An analysis by cybersecurity firm Proofpoint revealed that in the first half of 2020, it collected approximately 5.9 million email messages featuring malicious SharePoint Online and OneDrive links.

Gift Voucher Scammers Impersonate the CEO of British Retailer Marks & Spencer

Posing as Marks & Spencer CEO Steve Rowe, the scammers have posted fraudulent adverts that promise victims the chance to win a gift voucher as part of a fictitious prize draw promotion.

Phishing scams use redirects to steal Office 365, Facebook credentials

Active since last week, the Office 365 operation has reached tens of thousands of inboxes through multiple connected campaigns spoofing apps like Microsoft Office, Microsoft Teams, and Zoom.

Coinbase phishing hijacks Microsoft 365 accounts via OAuth app

A new phishing campaign uses a Coinbase-themed email pretending to be a "New terms of service" that prompts users to install an Office 365 consent app that gives attackers access to a victim's email.

Massive New Phishing Campaigns Target Microsoft, Google Cloud Users

The campaigns are targeting accounts on Microsoft's Office 365 and Google's Gmail with tactics designed to provide a false sense of security or prey on curiosity about current events.

Hackers now abuse BaseCamp for free malware hosting

Phishing campaigns have started to use Basecamp, a web-based project management solution, as part of malicious phishing campaigns that distribute malware or steal users' login credentials.

BBB Warns of Health Insurance Open Enrollment Scams

With health insurance open enrollment season just around the corner, US consumers preparing to change or add to their health coverage should watch out for scammers, the Better Business Bureau warns.

Geofenced Amazon Japan Credential Phishing Volumes Rival Emotet

Since August 2020, Proofpoint researchers have tracked extremely high-volume Amazon Japan credential and information phishing campaigns, with suspected activity dating back to June 2020.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags