Browsing Category
Phishing BEC
7 posts
Mexican Banks Hit by GitHub-themed Phishing That Hijacks Customer Accounts
A modular operation abuses GitHub Pages and a spreadsheet API to harvest banking credentials across multiple Mexican brands.
Phishing Kits Abuse Microsoft Login Codes to Steal Cloud Access
LevelBlue says phishing kits are industrializing OAuth device-code attacks, giving attackers Microsoft 365 tokens without stealing a password first.
Fraud Has a New Playbook: Ads for Leads, WhatsApp for Trust, Calls to Close
Scams now operate like cross-channel sales funnels, with malicious ads, SMS follow-ups, messaging apps and voice calls working together to earn trust and steal money.
Scam, Scam, Scam: Australia Tops APAC Fraud Wave
Researchers have uncovered a sprawling malvertising ecosystem across the Asia-Pacific region, with Australia accounting for more than half of the scam campaigns observed.
FIFA World Cup Sparks Cybercrime Palooza
The FBI warns soccer fans about scams involving fake FIFA websites targeting ticket purchasers ahead of the 2026 World Cup, urging caution.
Iran-linked Hackers Used Ransomware Panic as Cover for Espionage
A Rapid7 report reveals suspected Iranian hackers, MuddyWater, utilized Chaos ransomware tactics for espionage, emphasizing social engineering and stealthy data exfiltration methods.
Sublime Security Shifts to Partner-led Email Security Sales
The company says its new channel program gives MSPs and resellers a bigger role as phishing, BEC and social engineering keep pressure on email defenses.