After researchers unmasked a prolific SMS scammer, a new operation has emerged in its wake

A new large-scale SMS phishing operation, dubbed Magic Mouse, has emerged following the takedown of the earlier scam campaign known as Magic Cat. Magic Mouse is now responsible for the theft of approximately 650,000 credit cards per month.

Smart Contract Scams | Ethereum Drainers Pose as Trading Bots to Steal Crypto

A widespread cryptocurrency scam campaign has been uncovered, where threat actors distribute malicious Ethereum smart contracts disguised as trading bots. These contracts have collectively stolen over $900,000 USD from unsuspecting users.

Fake Receipt Generators Fuel Rise in Online Fraud

A growing fraud-as-a-service ecosystem is leveraging fake receipt generators to facilitate online scams, particularly on resale platforms. MaisonReceipts and Receiptified.com, enable users to create highly realistic counterfeit receipts.

Threat actors downgrade FIDO2 MFA auth in PoisonSeed phishing attack

A PoisonSeed phishing campaign is bypassing FIDO2 security key protections by abusing the cross-device sign-in feature in WebAuthn to trick users into approving login authentication requests from fake company portals.

UK Pet Owners Targeted by Fake Microchip Renewal Scams

A sophisticated phishing campaign is targeting UK pet owners with fake microchip renewal emails. These emails appear highly credible, often including accurate pet details such as name, breed, and microchip number.

Identities of More Than 80 Americans Stolen for North Korean IT Worker Scams

A recent DOJ operation has uncovered a large-scale North Korean impersonation scheme involving the theft of over 80 American identities. These identities were used to fraudulently secure remote IT jobs at more than 100 U.S. companies.

The Case of Hidden Spam Pages

A campaign targeting WordPress websites involves attackers brute-forcing wp-admin credentials to deploy spam posts and pages for blackhat SEO purposes. The attackers use two malicious plugins to conceal their activity and maintain persistent access.

Sextortion email scammers increase their “Hello pervert” money demands

A new variant of the long-running "sextortion" scam campaign has emerged, featuring increased ransom demands, spoofed email addresses, and references to Pegasus spyware. The email usually starts with “Hello pervert.”

Home Office anti-encryption site pushes payday loan scheme

A UK government website originally created for the Home Office’s 2022 “No Place to Hide” anti-encryption campaign has been hijacked to promote a payday loan scheme. The campaign was initially expected to target Facebook Messenger.

Weaponized DMV-Themed Phishing Scam Targets U.S. Citizens to Steal Personal and Financial Data

A widespread and highly coordinated phishing campaign is targeting U.S. citizens by impersonating state Departments of Motor Vehicles (DMVs). The campaign uses smishing tactics to steal personal and financial data through fake DMV websites.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags