18 Mar 2022

Phishers Using Ukraine Invasion to Solicit Cryptocurrency

Cybercriminals are reportedly impersonating legitimate aid organizations with the end goal of stealing financial donations intended for the people of Ukraine. Expel recently released new research pertaining to the campaign, in which they detail multiple phishing emails referencing the invasion of Ukraine to target cryptocurrency. Malicious emails detected included headlines

Read More
16 Mar 2022

Phony Instagram ‘Support Staff’ Emails Hit Insurance Company

A new phishing campaign targeting insurance companies has been detected by researchers. The phishing messages attempt to steal Instagram login credentials by threatening to shut the account down. The message also claims that the user receiving the notice reportedly shared fake content on the social media platform. The phishing campaign

Read More
10 Mar 2022

Russian APTs Furiously Phish Ukraine – Google

DDos attacks and phishing activity against Ukrainian sites are on the rise, capitalizing on the conflict. APT groups that are backed by Russia or are supporters are perpetrating phishing and other attacks on Ukrainian and European targets in cyberspace. Researchers from Google’s TAG have seen an increase in activity from

Read More
10 Mar 2022

Chinese hackers attempted phishing on emails affiliated with US government

Google’s Threat Analysis Group (TAG) alerted multiple Gmail users affiliated with the US government of an attempted phishing attack by a Chinese-backed hacking group, ATP31, in February. The attempted attack was unsuccessful as the emails were automatically marked as spam and filtered by Gmail.  There is no evidence that the

Read More
08 Mar 2022

Ukraine and US targeted by cybersecurity attacks in run-up to Russian invasion

New reports have emerged of hacking campaigns linked directly and indirectly to Russia’s war in Ukraine, with the stories shedding more light on an opaque element of the invasion: cyberwarfare. Many experts predicted that Russia would launch significant cyber attacks in Ukraine, shutting down the country’s electrical grid for example.

Read More
07 Mar 2022

Phishing Campaign Targeted Those Aiding Ukraine Refugees

Cyberattackers allegedly hijacked a Ukrainian military email address and leveraged its credibility to spread malicious email macros among EU personnel helping Ukrainians during the crisis with Russia. Among those targeted includes EU government employees who have been involved in managing the logistics of Ukrainians who are fleeing the country due

Read More
28 Feb 2022

Ukraine security agencies warn of Ghostwriter threat activity, phishing campaigns

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of continuing phishing and Ghostwriter activities targeting Ukrainian organizations. According to the team, Ghostwriter is primarily focusing on targets in Belarus, Russia, Poland, and Ukraine and is believed to be of Belarusian origin. According to CERT-UA, Ghostwriter’s members are officers of the

Read More
23 Feb 2022

OpenSea Phisher Stole $2m Worth of NFTs

A threat actor has allegedly stolen over $2 million from customers of the OpenSea non-fungible token (NFT) trading platform after launching a phishing attack against the marketplace. Researcher at Check Point stated that the attack occurred earlier this week, when OpenSea published an article about an upcoming contract upgrade, inspiring

Read More
18 Feb 2022

Microsoft warns of emerging ‘ice phishing’ threat on blockchain, DeFi networks

Microsoft has warned of new threats impacting blockchain technologies and Web3 including “ice phishing” campaigns.  The blockchain, decentralized technologies, DeFi, smart contracts, the concept of a ‘metaverse’ and Web3 — the decentralized foundation built on top of cryptographic systems that underlay blockchain projects — all have the potential to produce

Read More
17 Feb 2022

Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry

LinkedIn has confirmed a series of attacks impersonating its brand to target job hunters who also face the threat of huge data-scraping bot attacks. According to LinkedIn, users who are specifically vulnerable include those who are willing to offer up any information that would guarantee them the position. This includes

Read More