Home > Cyber Security News > #phishing

New Instagram Phishing Attack Steals 2FA Backup Codes

A new phishing campaign targeting Instagram users has been discovered which uses several different techniques to lure victims.

Revolut hack exposes data of 50,000 users, fuels new phishing wave

Revolut is sending out notices of a data breach to a small percentage of impacted users, informing them of a security incident where an unauthorized third party accessed internal data.

Thousands lured with blue badges in Instagram phishing attack

A new Instagram phishing campaign is underway, attempting to scam users of the popular social media platform by luring them with a blue-badge offer.

Novel Malware Hijacks Facebook Business Accounts

Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.

Popular NFT Marketplace Phished for $540M

In March, a North Korean APT siphoned blockchain gaming platform Axie Infinity of $540M.

This Phishing Attack Used Malicious Chatbots To Steal Facebook Logins

The phishing attack employed malicious chatbots to initiate fake chats leading to web pages asking for data to steal Facebook accounts.

OpenSea discloses data breach, warns users of phishing attacks

OpenSea, the largest non-fungible token (NFT) marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days.

Attackers Target Intuit Users by Threatening to Cancel Tax Accounts

The usual tax-season barrage of cybercriminal activity is already underway with a phishing campaign impersonating the popular accounting and tax-filing software.

New Twitter phishing campaign targets verified accounts

A new phishing campaign has been targeting verified Twitter accounts, as seen by BleepingComputer. The phishing campaign follows Twitter's recent removal of the checkmark from a number of verified accounts, citing that these were ineligible for the legendary status, and verified in error.

IKEA email systems hit by ongoing cyberattack

IKEA is battling an ongoing cyberattack where threat actors are targeting employees in internal phishing attacks using stolen reply-chain emails.

Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials

Threat actors are targeting Middle-East-based employees of major corporations in a scam that uses a specific ‘ephemeral’ aspect of the project-management tool to link to SharePoint phishing pages.

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

Microsoft disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit, dubbed "TodayZoo."

Beware: Walmart phishing attack says your package was not delivered

A Walmart phishing campaign is underway that attempts to steal your personal information and verifies your email for further phishing attacks.

10K Microsoft Email Users Hit in FedEx Phishing Attack

Microsoft users are receiving emails pretending to be from mail couriers FedEx and DHL Express – but that really steal their credentials.

Malformed URL Prefix Phishing Attacks Spike 6,000%

Sneaky attackers are flipping backslashes in phishing email URLs to evade protections, researchers said.

Phishers tricking users via fake LinkedIn Private Shared Document

Phishers are trying to trick users into opening a "LinkedIn Private Shared Document" and sharing their login credentials.

Malaysia's biggest bank warns of fake Maybank website used by

SE Asia News -Users are being lured to the fake website through a promotional post on Facebook promising prizes.. Read more at straitstimes.com.

Pre-Valentine’s Day Malware Attack Mimics Flower, Lingerie Stores

Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware.

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks

A security flaw in TikTok could have allowed attackers to query the platform's database – potentially opening up for privacy violations.

Beware of active UK NHS COVID-19 vaccination phishing campaign

A very active phishing campaign is underway pretending to be from the UK's National Health Service (NHS), alerting recipients that they are eligible to receive the COVID-19 vaccine.

Facebook logo Twitter logo LinkedIn logo Instagram logo