Commodity phishing attacks, known as Phishing-as-a-Service (PhaaS) kits, remain prevalent due to their low cost, anonymity, and ease of execution. Advanced in-the-middle (AiTM) techniques allow attackers to bypass additional security measures such as MFA.
Researchers have discovered a new phishing campaign utilizing Microsoft’s Word file recovery feature. In this campaign, threat actors exploit the corrupted file state to disguise the file type and evade detection by security tools. These emails pretend to be sent from human resources...
In 2023, SpyCloud reported that 61 percent of data breaches were associated with infostealer malware. Cyber threat actors use infostealers to exfiltrate sensitive data on the systems they infect, such as saved browser passwords and cookies, cryptocurrency wallets, and more.
A recently observed phishing campaign impersonates Amazon and states that the recipient’s Prime membership is set to renew; however, their payment method needs updating. The email includes a link that leads to a webpage with a Google Docs URL, claiming to be from Amazon.
The holiday season presents an attractive target for financially motivated cybercriminals who seek to exploit online retailers and shoppers. Despite the challenges posed by high inflation rates, the National Retail Federation (NRF) predicts a three to four percent increase in retail sales...
Consistent with open-source reporting, the NJCCIC detected increased attempts to exploit DocuSign APIs to deliver fraudulent invoices. Unlike traditional phishing scams, which rely on misleading emails and links, these attacks use real DocuSign accounts and templates to mimic companies.
LastPass Password Manager warned customers about a new social engineering campaign in which threat actors are leaving five-star reviews, posing as support on the LastPass extension review page on Google Chrome. In these reviews, they provide customers with a fake number...
Quick-response (QR) codes are convenient and easy to use in everyday life to access information and navigate to websites. Unfortunately, cyber threat actors continue to take advantage of the increased adoption of QR code scanning.
The NJCCIC’s email security solution has observed an uptick in phishing attacks impersonating Truist Bank and Wells Fargo Bank. These emails were flagged for using uncommon URL domains, abused URL services, and uncommon senders. Read more about signs to look for.
Octo2, the newest variant of Octo, has been observed in a campaign in several European countries. Originally spotted in 2016 as Exobot, Octo2 has undergone many upgrades and transformations since its humble beginnings as a banking trojan. After Octo’s source code was leaked...
