Category: Phishing Attacks
-
Signal account targeting has escalated as state-linked cyber actors focus on high-profile users of the encrypted messaging platform. Security agencies warn that attackers rely on social engineering rather than technical flaws to gain access to private communications. The campaign shows how manipulation can bypass strong encryption without exploiting software vulnerabilities. How attackers access Signal accounts…
-
Exchange Online false phishing flags have disrupted email delivery after the service began misclassifying legitimate messages as malicious. Users and administrators reported that normal emails suddenly landed in quarantine without warning. The issue has interfered with both internal and external communication across affected environments. The problem highlights how sensitive email filtering systems can impact daily…
-
A new Apple Pay phishing scam shows how attackers can bypass two-factor authentication by manipulating users directly. The campaign relies on fake fraud alerts and convincing phone calls that pressure victims into sharing verification codes in real time. Security researchers warn that the method makes even strong account protections ineffective when users trust the wrong…
-
Hackers have reportedly bypassed internal security at major dating platforms through targeted voice phishing attacks. The Bumble OkCupid voice phishing incidents did not rely on software vulnerabilities but instead exploited employee trust through convincing phone calls. This approach highlights how human-focused attacks continue to succeed even when technical safeguards are in place. The incidents underline…
-
A new Chrome phishing extension malware service shows how cybercriminals now monetize browser abuse at scale. The service advertises guaranteed placement of malicious extensions inside the official Chrome Web Store. By promising to bypass review processes, it lowers the barrier for attackers who want to deploy phishing tools through trusted platforms. This development threatens user…
-
1Password phishing warnings now appear as pop-up alerts when users attempt to enter credentials on suspicious websites. The update targets phishing pages that imitate legitimate services and trick users into revealing usernames and passwords. The new feature aims to stop credential theft at the moment users are most vulnerable. How the phishing warnings work 1Password…
-
An India China phishing campaign has emerged that uses deceptive emails to install malware designed for long-term espionage rather than immediate financial theft. The operation targets recipients with messages that impersonate official communications and pressure victims into opening malicious attachments. Once executed, the malware establishes a persistent backdoor that allows attackers to monitor activity and…
-
A seized Bitcoin phishing scam has left South Korean law enforcement without access to cryptocurrency confiscated during a criminal investigation. The loss occurred after attackers exploited a phishing scheme that targeted officials responsible for managing seized digital assets. The incident has triggered internal reviews and raised broader concerns about how authorities store and protect cryptocurrency…
-
Cybercriminals are deploying live personalized phishing pages that change content in real time to deceive users more effectively. Instead of relying on static fake websites, attackers now modify pages dynamically after a visitor arrives. This approach allows scams to appear legitimate at first glance and transform into phishing traps only when a target interacts with…
-
Okta SSO vishing attacks are targeting enterprise employees through voice-based social engineering campaigns. Attackers impersonate IT support staff and convince victims to share login details during live phone calls. These attacks aim to steal single sign-on credentials that unlock access to multiple cloud services. The campaign shows how threat actors now combine human manipulation with…