A new phishing attack targeted Microsoft users has emerged, according to researchers. The phishing campaign seeks to steal Office 365 credentials via leveraging a fraudulent Google reCAPTCHA system. The operation appears to be sophisticated due to the reCAPTCHA ploy and top-level domain landing pages featuring logos of the victim’s companies.

On March 5, the US Justice Department issued a warning informing the public that cyber-criminals have launched a campaign impersonating state workforce agencies in an attempt to lure in unemployed Americans and steal personal data. The Justice Department published the advisory after several reports that threat actors had been creating

According to a Tuesday report by Cofense, cybercriminals are increasingly using Microsoft services such as Outlook, Teams, and Office to launch themed phishing attacks and steal credentials from their targets. According to Cofense, almost half of phishing attacks in 2020 aimed to steal Microsoft credentials using lures related to the

Microsoft users are receiving phishing emails fraudulently claiming to be from mail couriers FedEx and DHL Express. However, malicious links within the message steal credentials from victims. The recent attacks targeted at least 10,000 Microsoft users, according to the tech giant. The scams used phishing pages hosted on legitimate domains

The UK’s financial regulator, the Financial Conduct Authority (FCA), was hit by nearly 240,000 malicious emails in the first quarter of 2020 alone, the FOI found. This highlights the pressure weighing on high profile organizations to protect their assets and maintain high levels of cybersecurity and awareness. A litigation firm

According to researchers at Amorblox, a new phishing campaign is able to evade Microsoft security defenses seeking to steal Office365 credentials. Security researchers at Amorblox discovered the campaign when they noticed invoice themed emails sent to at least 20,000 inboxes. The emails ask recipients to share information about an electronic

On Tuesday, Microsoft published a series of posts to Twitter warning of a visible uptick in BEC attacks targeting K-12 school teachers. This time, the operators behind the BEC attacks are impersonating teachers’ colleagues with gift-card themed emails. According to Microsoft Security Intelligence, the attackers create fake email accounts impersonating

The Emotet Trojan, after undergoing a makeover, is back at the top of malware charts, according to Check Point’s Global Threat Index for December 2020. Emotet was re-designed to boast more evasive strategies that prevent detection. The malware was in fifth place in the Global Threat Index in November but

Scammers were able to spoof the New York Department of Labor, sending out emails to thousands of residents from the domain “noreply@labor.ny .gov,” claiming to be sending Covid-19 relief money. The emails bear the NY state logo and capitalize on struggling Americans seeking to claim Covid-19 stimulus checks. The email

According to Barracuda Networks, business email compromise attacks have surged in 2020, alongside Covid-19 related scams seeking to lure victims into surrendering passwords or money. During the period of August to October 2020, Barracuda Networks found that the total number of targeted email threats was a whopping 2.3 million. Spear