Hacker Uses Zoom Invites To Steal Credentials Through Sendgrid

There’s a mix of bad news and good in the ongoing war against the hackers of the world. For the bad news, security professionals have recently detected a sophisticated phishing campaign that makes use of SendGrid and convincing replicas of Outlook on the Web and Office 365 logins to harvest credentials. The attack works like this: SendGrid is a trusted …

Email Phishers Going After Online Shoppers This Holiday Season

Black Friday wasn’t as big of a shopping day as it could have been this year, and we have the pandemic to thank for that. In response to that, retailers have extended the holiday shopping season by starting earlier and offering more deals online, and holiday shoppers have responded to those changes. While Black Friday’s in store sales may have …

New Phishing Attack Uses Unique Method To Avoid Security

Hackers are always looking for a new angle, and recently, they’ve found a particularly good one. Image recognition software is becoming increasingly sophisticated. So if hackers are interested in building a fake landing and login page designed to spoof some other company, they have to get it exactly right, including the background image, or most AV software will see through …

Email heist image

The anatomy of a $15 million cyber heist on a US company

By Ionut Ilascu of Bleeping Computer Experienced fraudsters made off with $15 million from a U.S. company after carefully running an email compromise that took about two months to complete. The cybercriminal executed their plan with surgical precision after gaining access to email conversations about a commercial transaction. They inserted themselves in the exchange to divert the payment and were …

New Damaging Phishing Attacks Are Targeting Pandemic SBA Loans

The CISA (Cybersecurity & Infrastructure Security Agency) has recently published an advisory, warning of a new phishing campaign that specifically targets business owners who have received pandemic relief in the form of loans from the Small Business Administration. Apparently, according to the advisory, the campaign was launched toward the end of July 2020 by an as yet unknown group of …

New Netflix Payment Phishing Emails Appear Legitimate

Do you have a Netflix account? If so, you’re certainly not alone. Since the start of the pandemic, the company has experienced unprecedented growth, and is now the video streaming service of choice for tens of millions. If you’re one of those, be aware that an as yet unknown group of hackers has developed an exceptionally convincing looking phishing scam …

Don’t Fall For Office 365 Zoom Notification Phishing Email

Do you use Microsoft Office 365? Do you also use Zoom? If so, be advised that there’s a new phishing campaign designed with you specifically in mind, the goal of which is to ultimately make off with your Office 365 login credentials. Since the start of the global pandemic, Zoom and other video conferencing solutions have seen an explosion in …

Cyber Attack graphic

What’s Selling On The Dark Web?

When you picture what sells in Dark Web markets, you’re probably thinking about things like stolen corporate data, pirated software, and lists of passwords. But that’s not the whole picture – and what you don’t know can hurt you, because it might just fuel the next cyberattack against your business. 60% of the Information for Sale on the Dark Web …

SBA And CDC Phishing Emails Can Carry Malware

According to Microsoft, its machine learning threat detection models have helped its research teams uncover multiple mal-spam campaigns. These campaigns have been tied together by the common theme of incorporating poisoned disk image files used as attachments. Each campaign has been aimed at a different target population, but all use some variant of COVID-19 in their subject lines, and all …

Gmail Blocks Millions Of COVID-19 Phishing Emails Daily

Google’s popular Gmail service has been busy. In a typical day, the company’s email system blocks more than a hundred million phishing emails. During the last week alone, the company reports that their system saw a massive spike in phishing emails related to COVID-19, with more than 18 million such messages being blocked in just the last seven days. As …