Business email compromise attack, or shortly BEC, is a relatively new vector of cyberattacks. Dealing primary damage by exposing potentially sensitive information, also allows hackers to use the email for further attacks. The potential efficiency of these attacks is thrilling, and cyber criminals already apply them to conduct chain attacks. Let’s figure out a precise… Continue reading What is Business Email Compromise (BEC) Attack?
Tag: Phishing
Attackers Can Use .Zip and .Mov Domains for Phishing
Experts’ fears that attackers will use new .zip and .mov domains for phishing are beginning to be justified. A new phishing kit called File Archivers in the Browser has been demonstrated, displaying fake WinRAR or Windows File Explorer windows in the victim’s browser to convince the user to run the malware. .Zip and .Mov Domains… Continue reading Attackers Can Use .Zip and .Mov Domains for Phishing
GoDaddy Refund Phishing Emails Spread Infostealer
Hackers started using GoDaddy Refund Emails as a disguise to trick the users into installing malware. In order to deploy the payload, they opted for a particularly new tactic or, well, combination of ones. As a payload, a unique free open-source Invicta Stealer is used. GoDaddy Refund Email Phishing Being a widely popular web hosting… Continue reading GoDaddy Refund Phishing Emails Spread Infostealer
Fake Windows Update in Browser Deliver Aurora Stealer
Fake Windows Update became a malware spreading way once again. Updates are a pretty routine part of the Windows user experience. Over the last 7 years, Windows users mostly used to see the familiar update icon in the tray. Inexperienced people, however, do not know the mechanics of Windows update, and can be trapped with… Continue reading Fake Windows Update in Browser Deliver Aurora Stealer
APT43 Funds Cybercrime With Stolen Crypto
Researchers have identified a new state-backed hacker group in North Korea. The group in question is the North Korean hacker group APT43, which has targeted government organizations in Europe, the United States, South Korea, and Japan for the past five years. What is APT43? APT43 (sometimes called “Kimsuky”) is a North Korean group that became… Continue reading APT43 Funds Cybercrime With Stolen Crypto
Financial Assistance Department Email Scam to call (855)-XXX-XXXX
Email is one of the oldest ways to exchange information over the Internet. So, email scams are the most common type of scam that originated, as it is believed, back in 1995. However, Financial assistance department scam is a relatively new type of scam that has recently emerged. In this article, we will look at… Continue reading Financial Assistance Department Email Scam to call (855)-XXX-XXXX
ImBetter: New Information Stealer Spotted Targeting Cryptocurrency Users
Today, phishing sites are commonplace. But unfortunately, this seemingly old, deceptive tactic, which everyone seemed to have figured out long ago, still brings enormous profits to scammers today. The problem is that while Internet users are becoming more cautious, cyber scammers are developing more sophisticated ways to trick them. One such method is ImBetter malware.… Continue reading ImBetter: New Information Stealer Spotted Targeting Cryptocurrency Users
СhatGPT Became a Source of Phishing
As the digital world continues to evolve, so do the tactics of online scammers who seem to have an unending well of creativity when it comes to their fraudulent schemes. ChatGPT, one of the latest breakthroughs in the field of AI, recently became resident to numerous newspaper headletters. Being a language model, it can generate… Continue reading СhatGPT Became a Source of Phishing
Domain Registrar Namecheap Sent Phishing Emails to Its Customers
Domain registrar Namecheap’s email was hacked last weekend and the company sent a flurry of phishing emails (allegedly from MetaMask and DHL) to users. In this way, hackers tried to steal recipients’ personal information and cryptocurrency from their wallets. Let me remind you that we also wrote about IceBreaker Backdoor Emerged, Exploiting New Phishing Way,… Continue reading Domain Registrar Namecheap Sent Phishing Emails to Its Customers
Microsoft Will Block Excel XLL Files Downloaded from the Internet
Microsoft developers are going to block some Excel add-in (.XLL) files for Microsoft 365. The new measures will include automatic blocking of such files downloaded from the Internet. Let me remind you that we also wrote that Hackers use the .NET library for creating malicious Excel files. Moreover, the media noted that For security reasons,… Continue reading Microsoft Will Block Excel XLL Files Downloaded from the Internet