scamMessage boards hit by new video-call scam
Scammers posing as buyers snatch one-time codes during online product demos.
phishing
225 articles
You’ve been sent a “gift” — a Telegram Premium subscription
Cybercriminals are enticing Telegram users with free subscriptions. Is this an unexpected act of generosity or just another scam?
Two-minute guide to cybersafety
Five dead simple tips to greatly improve your defenses against cybercriminals.
How (not) to play tanks and catch a backdoor
Cybercriminals have devised a new ruse: luring gamers to a modish crypto tank-game to gain full access to their computers.
Phishing emails and Docusign electronic signature
Phishers have adopted another trick: they send emails pretending to be from Docusign with a fake link to a document that the recipient must sign.
Overcooking the phish
This phishing campaign incorporates ghost spoofing, embedded text in images, a PDF file, a QR code, DocuSign imitation, and Cloudflare verification — yet it still completely misses the mark.
SambaSpy: a new remote access Trojan
We’ve discovered a new Trojan that’s very selective about its victims.
phishingAutomated phishing
Telegram bot sells subscriptions to phishing tools to hack Microsoft 365 accounts, including 2FA bypass.
2FAHow the adversary-in-the-middle technique is used in spearphishing attacks
Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
Сrypto trap for the greedy, or how to steal from a thief
“Gentle grafters” are attacking dishonest crypto users by imitating wallet leaks and manipulating their victims for months.
products
Summer scams in Paris
Scammers prepared carefully for this very sporty summer. First they targeted soccer fans during the Euros; now they’re setting their sights on spectators at the Paris 2024 Olympics. How can you stay safe from scams during the Games?
Turnkey phishing
A turnkey home? A turnkey website? How about turnkey phishing? Scammers now sell turnkey phishing services to other scammers. Read on to find out how it works.
Phishing on GitHub through job offers to… developers
Developers’ accounts are being hijacked using fake job offers sent from a legitimate GitHub address.
Progressive phishing: How PWAs can be used to steal passwords
A new phishing technique uses progressive web apps (PWAs) to mimic browser windows with convincing web addresses to steal passwords.
How to watch soccer safely
Tips on how to watch the UEFA Euro 2024 tournament while keeping your money safe and your mood good.
Phishing using FB infrastructure stealing business-account passwords
Cybercriminals are using genuine Facebook infrastructure to send phishing emails threatening to block accounts.
When two-factor authentication is useless
Two-factor authentication protects your account from theft — until you yourself give away your one-time password.
How to sell your TV without losing your shirt (and banking data)
Scammers posing as buyers are targeting sellers on message boards. We explain the details of this scam, and offer tips for safe online trading.
Two-stage Dropbox spear phishing
Cybercriminals prey on corporate credentials by sending phishing links through Dropbox after priming the victim.