HackDig : Dig high-quality web security articles

iPhone calendar spam: What it is, and how to remove it

If you open up your iPhone and see a variety of messages claiming that you’ve been hacked, your phone is not protected, that viruses have damaged your phone, or, my personal favourite, “Click to get rid of annoying ads”, fear not. It’s quite possible you’ve accidentally wandered into a common form of scam: Calendar spam. Calenda
Publish At:2023-02-17 22:17 | Read:143802 | Comments:0 | Tags:Awareness News Scams iPhone calendar spam iOS mobile device

Why Crowdsourced Security is Devastating to Threat Actors

Almost every day, my spouse and I have a conversation about spam. Not the canned meat, but the number of unwelcomed emails and text messages we receive. He gets several nefarious text messages a day, while I maybe get one a week. Phishing emails come in waves — right now, I’m getting daily warnings that my AV software license is about to expire.
Publish At:2023-02-06 11:39 | Read:125921 | Comments:0 | Tags:Incident Response crowdsourcing Cybersecurity Phishing Phish

Romance scammer given 25 years of alone time

Romance scams are often low risk, high reward strategies for ciminals, who use them to steal large sums of money from vulnerable people in the cruellest ways possible. Once the victim wires the cash, there’s a good chance that it’s never coming back. The perpetrator has almost certainly covered their tracks, and both the criminal and their stolen
Publish At:2022-10-07 22:46 | Read:315762 | Comments:0 | Tags:News Scam spam phish BEC business email compromise romance f

Exchange servers abused for spam through malicious OAuth applications

Microsoft has published a security blog about an investigation into an attack in which threat actors used malicious OAuth applications to abuse Exchange servers for their spam campaign. The threat actor behind this attack has been active for many years, and has been running spam campaigns using various methods that provided them with high volume spamming opp
Publish At:2022-09-27 22:45 | Read:306788 | Comments:0 | Tags:News Exchange OAuth spam MFA Transport rules connector

WhatsApp spam offers up “B&Q Father’s Day Contest 2022”

Father’s Day in the UK (June 19) is almost upon us, and scammers are taking advantage of it—and the fractional possibility of some nice weather—using a barbeque-themed lure. A mysterious WhatsApp message The barbeque bait arrives out of the blue, from a somebody who has your number, as a random message bringing word of a supposed “B&Q F
Publish At:2022-06-10 12:59 | Read:347382 | Comments:0 | Tags:Scams B&Q barbeque messages messaging quiz spam weber gas ba

“Your AppI‌e‌ ‌l‌D‌ ‌‌h‌‌a‌‌s‌‌ ‌‌b‌‌e‌‌e‌‌n‌‌ ‌‌l‌‌ocke‌‌d‌‌” spam email takes you on a website mystery tou

p>Spam which claims your account has been locked out and needs to be fixed are common. They drive people to phishing campaigns on a daily basis. The mail below follows the same pattern with one key difference. It looks like a phish, but goes somewhere else entirely. No, your Apple ID has not been locked The mail claims to be from Apple, and is title
Publish At:2022-04-14 08:52 | Read:261708 | Comments:0 | Tags:Scams Apple campaign id locked mail spam URLs

SMS group spam promises free gifts in return for bill payment

p>We’re seeing lots of examples of peculiar SMS messages sent to random groups of people. Most of these messages promise free gifts and/or offers after having paid bills. Nobody has asked for these texts, and they’re not being sent by providers of any services. What’s going on? The set up Most of the messages we’ve seen, and indeed received ourselves,
Publish At:2022-04-13 12:48 | Read:639849 | Comments:0 | Tags:Scams bills freebies Mobile sms spam

Fake Royal Mail chatbot offers up…a new iPhone?

Royal Mail scams are always popular techniques for people up to no good. We’ve covered them several times over the last year or so. A quick reminder: Your parcel is waiting for delivery This is the go-to tactic for fake Royal Mail phishing attacks. You receive a text claiming there’s a parcel in your name, waiting for collection. The SMS contains a lin
Publish At:2022-03-16 08:51 | Read:454687 | Comments:0 | Tags:Social engineering delivery iPhone package royal mail scam s

Google takes on Docs notification spammers

Cloud-based document suites have always been a hot target for scammers. When it’s easy to dip in and out for collaboration purposes, or just share things generally, then it’s likely that bad people will want in on the action. In 2019, Google calendar users were wading through endless spam invites/event notifications when spammers worked out how to
Publish At:2022-03-08 08:51 | Read:388691 | Comments:0 | Tags:Privacy docs documents Google mail slides spam spammers

New Gmail Spam Filtering Rules: Check Your Spam Mailbox

If you use Gmail, as millions of people do, or if you send email to people who use that service, you may have noticed that the way Gmail filters spam has changed in the past couple of months. Gmail users are seeing many legitimate emails in their spam folders, and senders are finding that people don’t receive their emails. (Here are two Google suppor
Publish At:2022-02-24 08:29 | Read:843754 | Comments:0 | Tags:How To Gmail spam

Actor’s verified Twitter profile hijacked to spam NFT giveaways

When we refer to hijacked verified profiles on Twitter, it’s most commonly some sort of Elon Musk themed scam. The hijackers compromise the account, switch the picture to Elon, and then start spamming cryptocurrency links. Alternatively, they may keep the account as it is and spam images claiming Elon has approved a giveaway or something similar. Well, ti
Publish At:2022-01-31 08:50 | Read:625072 | Comments:0 | Tags:Malwarebytes news ape cat hijacked Metaverse NFT spam twitte

Microsoft warns of phishy OAuth apps

Microsoft is warning Office 365 users to watch out for a phishy emails asking you to install an app called Upgrade. The app requests multiple permissions which could cause problems on a network if granted: Creating inbox rulesRead and write emails and calendar itemsRead contacts This is only the beginning of a potentially very nasty scaling of the s
Publish At:2022-01-26 12:46 | Read:772449 | Comments:0 | Tags:Privacy microsoft OAuth permissions phishing spam

TrickBot helps Emotet come back from the dead

Probably one of the best known threats for the past several years, Emotet has always been under intense scrutiny from the infosec community. On several occasions, it appeared to take an early retirement, but then again it was back. However, when multiple law enforcement agencies seized control of its botnet and took it down in January 2021, confidence was
Publish At:2021-11-16 16:40 | Read:929847 | Comments:0 | Tags:Threat Intelligence emotet malspam ransomware spam trickbot

What is Twitch?

Twitch is primarily a site dedicated to live streaming content. It also offers the ability to chat with others in the Stream you happen to be in via text. The primary draw of Twitch streams is video games and e-sports, leading to the rise of many big name streamers and content creators. Is Twitch just for gaming? In addition to gaming streams, Twitch a
Publish At:2021-11-02 10:15 | Read:306800 | Comments:0 | Tags:101 gaming malware phishing prime prime gaming safety scams

Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy

Why is one of cyber crime’s oldest threats still going strong? The Anti-Phishing Working Group (APWG) reports that January 2021 marked an unprecedented high in the APWG’s records, with over 245,771 phishing attacks in one month. IBM X-Force’s 2021 Threat Intelligence Index found that phishing led to 33% of cyber attacks organizations had t
Publish At:2021-10-06 17:15 | Read:339189 | Comments:0 | Tags:Advanced Threats Incident Response Security Services cyber a

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud