Fake DocuSign Emails: Don’t Get Hooked by Phishing Scams

DocuSign phishing attacks often masquerade as legitimate emails, complete with official branding and formats that closely mimic genuine DocuSign communications. Typically, the emails claim a document is awaiting the recipient’s signature.

'Payroll Pirates' Phishing Operation Targets HR Departments with Malicious Redirects

The phishing campaign has predominantly focused on high-profile organizations, including Workday clients and entities such as Macy’s, Kaiser Permanente, and the California Employment Development Department.

People Facing Printer Problems Scammed via Fake Driver Downloads

Victims clicking malicious Google ads are redirected to fake sites mimicking official printer brands, where scammers lure them into calling for support by offering printer drivers that fail to install.

Fake Betting Apps Using AI-Generated Voices to Steal Data

Cybercriminals are creating fake betting app ads to lure users and steal money and personal information. Over 500 fake ads and 1,377 malicious sites have been identified, targeting users in regions like Egypt, the Middle East, Europe, and Asia.

Novel Phishing Campaign Uses Corrupted Word Documents To Evade Security

A novel phishing attack abuses Microsoft's Word file recovery feature by sending corrupted Word documents as email attachments, allowing them to bypass security software due to their damaged state but still be recoverable by the application.

New Rockstar 2FA phishing service targets Microsoft 365 accounts

Like other AiTM platforms, Rockstar 2FA enables attackers to bypass multifactor authentication (MFA) protections on targeted accounts by intercepting valid session cookies.

Scammers use you're fired lures in phishing campaign

The attack begins with an email that appears to be a legal notice informing recipients their employment has been terminated. In one of these scams, the email uses the subject line "Action Required: Tribunal Proceedings Against You".

FBI, CISA warn of heightened risk of BEC attacks during holiday season

The FBI and Cybersecurity and Infrastructure Security Agency on Tuesday warned businesses to protect themselves against cybercriminals trying to fraudulently divert payments during the holiday season.

Sophisticated Phishing Campaign Targets a UK-based Insurance Firm

A sophisticated phishing campaign targeted a U.K.-based insurance firm, using a trusted sender's compromised email to deploy a deletion rule, evade detection, and trick users into credential theft via a fake Microsoft login page.

OpenSea NFT Phishers Aim to Drain Crypto Wallets

Researchers at Cofense discovered the campaign, in which adversaries impersonate the OpenSea website and claim a user has a new offer on a listing on the site to try to bait them into clicking on a malicious link.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags