byPaul DucklinLast week we wrote about a WhatsApp hoax that was spreading widely, warning people to look out for a cybersecurity catastrophe that simply wasn’t going to happen.That was known as the Martinelli/Dance of the Pope hoax, and it claimed that two dangerous videos are about to come out that will hack or wipe out your phone so it can’t b

byPaul DucklinIt’s not like cybercriminals to take advantage of a world event… and this is a rather large world event.Since COVID-19 hit the headlines, we’ve covered a selection of coronavirus-related scams, phishing attacks and malware campaigns in which crooks have adapted existing sextortion emails, mobile malware and password stealing t

IBM and FireEye have spotted a campaign that relies on fake “COVID-19 Payment” emails to deliver the Zeus Sphinx banking trojan to people in the United States, Canada and Australia.FireEye, which tracks the malware as SILENTNIGHT, reported seeing the malicious emails in the inboxes of “individuals at corporations across a broad set of industries and geograph

Security experts uncovered a new Coronavirus-themed phishing campaign, the messages inform recipients that they have been exposed to the virus. Experts continue to spot Coronavirus-themed attack, a new phishing campaign uses messages that pretend to be from a local hospital informing the victims they have been exposed to the virus and that they need urgen

Google says it has seen a drop in the number of warnings sent for potential government-backed phishing or malware attempts last year, mainly due to improved protection systems.For several years, the company has been alerting users when identifying accounts that appear to be targeted by state-sponsored attackers, and in 2019 it sent nearly 40,000 such warning

A watering hole was discovered on January 10, 2020 utilizing a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy. The site appears to have been designed to target users in Hong Kong based on the content of the landing page. Since the initial activity, we released two private reports exhaustively detailing spread, exploits, infrast

byPaul DucklinThanks to the team at SophosLabs for sending us the SMS used in this scam.If you’re sitting at home right now, sheltering from the coronavirus pandemic – and there’s a good chance you are – then you are probably either thinking about a home delivery, or waiting for one.In the UK, for example, even people who have no symp

IntroductionLike many other phishing scams featured on this site, friends-and-family imposter scams are common. These scams usually begin with a phone call impersonating a friend or relative, or often a grandchild in trouble. That is the reason this scam is also known as a “grandchild scam.” Other attack avenues may include email, SMS, or social media

People who made purchases from the official Tupperware website over the past couple of weeks may have had their payment card information stolen, cybersecurity firm Malwarebytes warned on Wednesday.Cybercriminals apparently hacked tupperware[dot]com and planted malicious code designed to steal payment card information. The credit card skimmer was planted on t

Many U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been e

IntroductionWith the evolution of the internet, online services have grabbed the attention of every sector, including the government. Nowadays, online amenities are available in almost all government institutions, especially when it comes to visa applications, immigration, family and child registration, railway or airline tickets, e-banking, paying uti

Reading Time: ~ 3 min. Have you ever watched a movie and seen a character doing something you know how to do, and thought to yourself, “jeez, that’s totally wrong. Couldn’t they have done a little research?” That’s exactly what hackers think when they watch movies, too. For most of us, the image that comes to mind when we hear the word “hacker” is pretty

University of Utah Health revealed last week that it discovered unauthorized access to some employee email accounts, along with a malware infection on one of its workstations.The research and teaching hospital, located on the campus of the University of Utah, said the intrusion was the result of a phishing attack, and it took place sometime between January 7

Top 10 Brand Phishing Companies March 23rd, 2020 No Comments anti-phishing, Data Protection, Online Safety, Uncategorized By 2020, you’ve probably already experienced getting an email from a well-known company, such as Apple or Facebook, letting you

Reading Time: ~ 3 min. We’re all thinking about it, so let’s call it out by name right away. The novel coronavirus, COVID-19, is a big deal. For many of us, the structure of our lives is changing daily; and those of us who are capable of doing our work remotely are likely doing so more than we ever have before. It’s not likely that cybercriminals will cu