phishing

PoisonSeed Targets CRM and Bulk Email Providers in New Supply Chain Phishing Attack

PoisonSeed is a phishing campaign targeting CRM and bulk email providers, using compromised credentials to send phishing emails aimed at stealing cryptocurrency funds. Attackers create fake login pages for popular platforms, steal credentials, export email lists, and send phishing emails promoting fake wallet setups. This method delays the theft of funds by using misleading seed phrases provided to victims during wallet creation. The campaign represents a new threat evolution, combining supply chain compromise with cryptocurrency scams. Organizations are advised to monitor for related indicators of compromise and reinforce email security.

https://gbhackers.com/poisonseed-targets-crm-and-bulk-email-providers/

Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon

Phishing tactics have evolved to include QR codes, making it easier for attackers to disguise malicious URLs and exploit user behavior. These attacks involve redirection via legitimate sites, human verification processes, and targeted credential harvesting. Increased sophistication complicates detection and emphasizes the need for enhanced security measures and user awareness.

https://unit42.paloaltonetworks.com/qr-code-phishing/

Phishing Platform ‘Lucid’ Behind Wave of iOS, Android SMS Attacks

Phishing platform ‘Lucid’, operated by the XinXin group, targets 169 entities across 88 countries using iMessage and RCS for SMS attacks. Sold on a subscription model, it provides phishing domains and tools to attackers. Lucid sends 100,000 smishing messages daily, bypassing spam filters with encrypted messaging tech. The operation employs device farms and impersonates legitimate services to steal personal data, including financial information, often demonstrating ease of use through public videos.

https://www.bleepingcomputer.com/news/security/phishing-platform-lucid-behind-wave-of-ios-android-sms-attacks/

Phishing Attack Hides JavaScript Using Invisible Unicode Trick

Phishing attacks are exploiting a new JavaScript obfuscation technique using invisible Unicode characters to hide malicious code. This method encodes payloads as spaces in JavaScript objects and employs advanced tactics for evasion, making detection difficult. Targeting affiliates of a U.S. political action committee, these attacks are highly personalized and include anti-debugging measures. The technique was disclosed in late 2024 and has rapidly been weaponized by attackers, indicating a potential for wider adoption.

https://www.bleepingcomputer.com/news/security/phishing-attack-hides-javascript-using-invisible-unicode-trick/

New Facebook Copyright Infringement Phishing Campaign

Check Point discovered a Facebook phishing campaign targeting over 12,279 companies since December 2024, impersonating copyright infringement notifications. It exploits Salesforce's mailing service, misleading recipients with genuine-looking emails that direct them to fake Facebook support pages built to harvest credentials. This poses risks for businesses using Facebook for operations, potentially leading to account breaches, loss of client trust, and regulatory penalties. Recommendations include setting security alerts, educating employees and customers, and having an incident response plan.

https://blog.checkpoint.com/security/new-facebook-copyright-infringement-phishing-campaign/

Microsoft Advertisers Phished Via Malicious Google Ads

Malicious Google ads target Microsoft advertisers, attempting to steal login info for Microsoft's ad platform. Attackers use cloaking techniques to redirect users and evade security, ultimately leading to a phishing page that mimics the legitimate site. The campaign highlights ongoing phishing threats in online advertising, urging users to verify URLs, utilize two-factor authentication, monitor accounts, and report suspicious ads.

https://www.malwarebytes.com/blog/news/2025/01/microsoft-advertisers-phished-via-malicious-google-ads

Phishing Texts Trick Apple iMessage Users Into Disabling Protection

Phishing texts are tricking Apple iMessage users into disabling phishing protection by prompting them to reply to messages. Users who respond to these texts inadvertently enable links, making them vulnerable to attacks. Cybercriminals exploit this tactic, especially targeting individuals who may be less aware of such scams. It's advised not to respond to unknown messages with disabled links and to verify their legitimacy directly with the sender.

https://www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/

AI-generated Phishing Emails Are Getting Very Good at Targeting Executives

AI-generated phishing emails are increasingly targeting corporate executives. Companies like Beazley and eBay report a rise in hyper-personalized scams using personal details gathered via AI analysis. Experts highlight that AI enables hackers to craft convincing phishing emails that bypass security measures. Phishing is the starting point for over 90% of cyberattacks, with the global cost of data breaches rising. AI's role in identifying vulnerabilities enhances the sophistication of these scams, making them more difficult to detect.
