Tag Archives: Phishing

Monday.com removes feature after it was abused in phishing attacks

Popular project management and collaboration tool Monday.com was forced to disable one of its features after it was abused by a threat actor to send out phishing emails.

The “Share Update” feature allows users to share real-time updates, progress, or important information with team members, or stakeholders. Users can post updates, attach files or images, mention specific team members, and even set up automatic notifications for certain updates. 


Source link

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec – Krebs on Security

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “The Manipulaters,” a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. But new research suggests that while they have improved the quality of their products and services, these nitwits still fail spectacularly at hiding their illegal activities.

In May 2015, KrebsOnSecurity published a brief writeup about the brazen Manipulaters team, noting that they openly operated hundreds of web sites selling tools designed to trick people into giving up usernames and passwords, or deploying malicious…


Source link

FCC and crypto firms are being hit in advanced phishing attacks using fake Okta logins

Security researchers have observed a highly sophisticated phishing campaign targeting employees of the US Federal Communications Commission (FCC), as well as popular crypto exchanges Binance, Coinbase, Kraken, and Gemini.

The as-yet-unidentified threat actor is going after people’s login credentials for Okta, researchers from Lookout found.


Source link

Tracking the Rise of SMS Phishing

The Innovative Role of Security Mechanisms in the Fight Against This Digital Threat

In the dynamically shifting terrain of cybersecurity threats, the phenomenon of SMS phishing—often termed “smishing”—stands out as an increasingly critical issue.

This particular style of phishing, characterized by the crafty dispatch of misleading text messages designed to pilfer personal information, has seen its prevalence swell in tandem with the ubiquitous adoption of mobile phones. As the schemes of cybercriminals gain in sophistication, the urgency for pioneering and effective security strategies has reached an unprecedented zenith. One notable instance is like Guardio prevents SMS phishing, marking a crucial advancement in the continuous fight against these digital…


Source link

MyHost customers caught up in new phishing attack

Since late yesterday, a new phishing attack has targeted customers of MyHost and our sister company, SiteHost. The emails have SiteHost’s name and logo on them, and they attempt to trick you into giving away passwords and credit card information.

If you have received any emails from the fake address info@sitehost-service.com, or with the subject line “Note on service renewal”, they are not from us. Please mark them as spam or delete them, and block the sender if you can.

Phishing attacks like these contain official-looking links to fake websites. In this case, the scam website asks people for their login information and then their credit card details.

These attacks are likely to evolve over time, so we are asking everyone to be extra-cautious when it comes to your MyHost account…


Source link