Cofense

Phishers Spoof Power BI to Visualize Your Credential Data

The Cofense Phishing Defense Center (PDC) has observed a new phishing campaign that harvests Microsoft credentials by impersonating Power BI emails as its a trusted software.

Missed Voice Message: A New Phishing Tactic

The end users are notified about missed voice messages from a British Telecom landline. The link directs recipients to a website that isn’t in any way associated with BT or any other telecom service.

Phishing as a Ransomware Precursor

As ransomware continues to be delivered based on decisions and actions taken by human attackers, it becomes increasingly important to look upstream at the chain of events that lead to that decision.

IT Support Lures Users into Mimecast Phish

The Cofense Phishing Defense Center (PDC) intercepted a new phishing technique that uses information technology (IT) support-themed emails to get users to enter their old password.

Mobile Messaging Service Abused for Phishing

Vzwpix allows Verizon customers to send texts as emails to recipients instead of phone messages. Threat actors can utilize these services to mass deliver texts that do not show the name of the sender.

False Payment Promises Lead To Microsoft Credential Phish

Researchers at Cofense observed a phishing campaign imitating a well-known banking service, releasing fake remittance payment documents, in a bid to exfiltrate users’ personal data.

Phishing Your Calendar for A Court Date

The email subject, “Supreme Court: Contract Agreement,” may cause the recipient to further open the attachment. When the recipient opens the attachment, they will see a standard calendar invite.

Online Scammers Impersonate the Australian Taxation Office for Tax Season

With the government sending out tax communications, stimulus checks and more in the wake of COVID-19, scammers are taking advantage of the fact that an email from the ATO would not seem out of place.

Office 365: Phishing Variant Bypasses Microsoft’s Own Secure Email Gateway

The body of the email explains that Microsoft service has expired; in this case, it's their “Business Basic package.” The threat actor ensured their campaign looked similar to Microsoft-themed emails.

PayPal Credential Phishing Accomplished through Live Chat Service

Upon visiting the fraudulent live chat, the threat actor utilizes automated scripts to start communication with the target to extract personal data such as their address, email, and phone number.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags