The Cofense Phishing Defense Center (PDC) has observed a new phishing campaign that harvests Microsoft credentials by impersonating Power BI emails as its a trusted software.

The end users are notified about missed voice messages from a British Telecom landline. The link directs recipients to a website that isn’t in any way associated with BT or any other telecom service.

As ransomware continues to be delivered based on decisions and actions taken by human attackers, it becomes increasingly important to look upstream at the chain of events that lead to that decision.

The Cofense Phishing Defense Center (PDC) intercepted a new phishing technique that uses information technology (IT) support-themed emails to get users to enter their old password.

Vzwpix allows Verizon customers to send texts as emails to recipients instead of phone messages. Threat actors can utilize these services to mass deliver texts that do not show the name of the sender.

Researchers at Cofense observed a phishing campaign imitating a well-known banking service, releasing fake remittance payment documents, in a bid to exfiltrate users’ personal data.

The email subject, “Supreme Court: Contract Agreement,” may cause the recipient to further open the attachment. When the recipient opens the attachment, they will see a standard calendar invite.

With the government sending out tax communications, stimulus checks and more in the wake of COVID-19, scammers are taking advantage of the fact that an email from the ATO would not seem out of place.

The body of the email explains that Microsoft service has expired; in this case, it's their “Business Basic package.” The threat actor ensured their campaign looked similar to Microsoft-themed emails.

Upon visiting the fraudulent live chat, the threat actor utilizes automated scripts to start communication with the target to extract personal data such as their address, email, and phone number.