Back to School Scams Expand As August Begins

For the next month, students and their parents should be vigilant.

As the new school season approaches, scammers target students and their parents. They use social engineering and offer free school kits and discounts to lure potential victims. Thus, back to school scams are gaining momentum. The Season of Back to School Scams Cybersecurity researchers discovered a scam campaign that uses PDF files. Under the guise… Continue reading Back to School Scams Expand As August Begins

Are .zip Domains Safe to Use and Visit?

Scammers have learned how to use .zip domains in spear phishing

The Internet has become our second home. Every time we surf the Internet, we scammed. And this time, cybercriminals did not miss their chance to deceive us using a new “.zip” domain. What’s a .zip domain? Some time ago, Google allowed new Top Level Domain (TLD) names for registration. Those are .zip, .mov, and .phd.… Continue reading Are .zip Domains Safe to Use and Visit?

Twitter Blue to X Phishing Breakout

Another unpleasant situation with Twitter is expanding around its transition to a new name - X

Amid the chaos of Twitter’s transition to the new name – X, scammers have devised yet another deception scheme. They offer Twitter Blue users to transfer their subscriptions to X, but the victim gives the attackers access to their Twitter account instead of moving. Twitter Blue to X Phishing Emails As Twitter’s global rebranding is… Continue reading Twitter Blue to X Phishing Breakout

Bahamut APT Targets Users With Fake SafeChat App

This Safe Chat app is not safe.

Attackers are using a fake SafeChat Android app to attack users in the South Asian region. The malware is designed to steal call logs, text messages, and GPS locations from targeted smartphones. India’s APT group “Bahamut” is probably behind all this mess. Bahamut Group Exploit Phony Android Application Recently, analysts came over advanced Android malware… Continue reading Bahamut APT Targets Users With Fake SafeChat App

FraudGPT Offers Phishing Email Generation to Cybercriminals

FraudGPT offers cybercriminals more effective methods for launching phishing attacks

It’s not just IT companies racing to develop AI-powered chatbots. Cybercriminals have also joined the fray. Recent reports indicate that a developer has built a dangerous AI chatbot called “FraudGPT” that enables users to engage in malicious activities. Earlier this month, security experts uncovered a hacker working on WormGPT. Also, the chatbot enables users to… Continue reading FraudGPT Offers Phishing Email Generation to Cybercriminals

Google Creates a Red Team to Attack AI Systems

Google says it is creating a red team that will specialize in “sophisticated technical attacks on AI systems.” Among examples of such attacks, the company’s report lists prompt engineering, extracting information from LLM training data, and so on. In its report, Google highlights the importance of the AI red team, and also lists the different… Continue reading Google Creates a Red Team to Attack AI Systems

Information Security Threats in Social Media

Social media compromises information security, but most people ignore it for some reason

Social media has become an important aspect of our everyday lives in this age of technology and information. Despite its numerous advantages, social media has raised concerns about protecting personal privacy. In particular, social networks pose a significant danger to information security – and it is mostly unspoken. But is this threat real? And how… Continue reading Information Security Threats in Social Media

Luca Stealer Spreads Via a Phishing Microsoft Crypto Wallet Site

A new phishing campaign targeting cryptocurrency users

With the ever-increasing number of cyber threats, hackers and cybersecurity specialists are taking the initiative. This time, cybercriminals went ahead of the curve. They created a phishing website to coincide with the news that Microsoft was developing a crypto wallet exclusively for its Edge browser. Such a scheme is used to spread Luca Stealer. Microsoft… Continue reading Luca Stealer Spreads Via a Phishing Microsoft Crypto Wallet Site

Fake Ads on Facebook Promote Scam AI Services

Growing interest in AI has prompted attackers to take advantage of it

Facebook has been hit by a wave of fake ads that offer what looks like AI services. In fact, those are scam pages that trick people into installing malware. AI Scam in Facebook Ads The use of social media for cybercrime, in general, is nothing new. However, to maintain effectiveness, sometimes fraudsters have to adjust… Continue reading Fake Ads on Facebook Promote Scam AI Services

WormGPT Helps Cybercriminals to Launch Sophisticated Phishing Attacks

LLM development gave an obvious and predicted boost to phishing emails

SlashNext noticed that cybercriminals are increasingly using generative AI in their phishing attacks, such as the new WormGPT tool. WormGPT is advertised on hacker forums, and it can be used to organize phishing mailings and compromise business mail (Business Email Compromise, BEC). WormGPT Is Massively Used for Phishing WormGPT is based on the GPTJ language… Continue reading WormGPT Helps Cybercriminals to Launch Sophisticated Phishing Attacks