phishing
-
Blog
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors are abusing the ‘Google Apps Script’ development platform to host phishing pages that appear legitimate and steal login credentials. This new trend was spotted by security researchers at Cofense, who warn that the fraudulent login window is “carefully designed to look like a legitimate login screen.” “The attack uses an email masquerading as an invoice, containing a link…
Read More » -
Blog
Employee phishing training is working – but don’t get complacent
Increased phishing training is paying dividends for enterprises, according to new research, particularly in larger enterprises. Analysis from KnowBe4 shows awareness and resilience are improving based on what it describes as ‘Phish-prone Percentage’ (PPP) metrics. This tracks the percentage of employees likely to fall for social engineering or phishing attacks, the company said. According to the firm’s 2025 Phishing by…
Read More » -
Blog
CoGUI phishing platform sent 580 million emails to steal credentials
A new phishing kit named ‘CoGUI’ sent over 580 million emails to targets between January and April 2025, aiming to steal account credentials and payment data. The messages impersonate major brands like Amazon, Rakuten, PayPal, Apple, tax agencies, and banks. The activity culminated in January 2025, where 170 campaigns sent 172,000,000 phishing messages to targets, but the following months maintained…
Read More » -
Blog
Healthcare organizations are turning a blind eye to phishing attacks
The vast majority of phishing attacks against the healthcare sector go unreported to security teams, leaving organizations unable to fully learn from their mistakes. In a survey of 150 US-based healthcare IT leaders for secure email firm Paubox, six-in-ten said they had experienced at least one email security breach last year, and three-quarters that they expected even more security challenges…
Read More » -
Blog
Windows NTLM hash leak flaw exploited in phishing attacks on governments
A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. The flaw tracked as CVE-2025-24054 was fixed in Microsoft’s March 2025 Patch Tuesday. Initially, it was not marked as actively exploited and was assessed as ‘less likely’ to be. However, Check Point researchers report having…
Read More » -
Blog
Don’t Fall for This New Gmail Phishing Scheme
If you receive an email from Google that appears to be a legitimate security alert, do not proceed. Scammers are taking advantage of vulnerabilities in Google’s authentication protocols to send phishing messages that appear convincing enough to steal unsuspecting users’ account credentials. Here’s how to protect yourself. How this new Google phishing scam works As Android Authority reports, a developer…
Read More » -
Blog
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing
Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. Midnight Blizzard, aka ‘Cozy Bear’ or ‘APT29,’ is a state-sponsored cyberespionage group linked to Russia’s Foreign Intelligence Service (SVR). According to Check Point Research, the new campaign introduces a previously unseen malware loader called ‘GrapeLoader,’ and a new variant of the ‘WineLoader’…
Read More » -
Blog
Tycoon2FA phishing kit targets Microsoft 365 with new tricks
Phishing-as-a-service (PhaaS) platform Tycoon2FA, known for bypassing multi-factor authentication on Microsoft 365 and Gmail accounts, has received updates that improve its stealth and evasion capabilities. Tycoon2FA was discovered in October 2023 by Sekoia researchers, who later reported significant updates on the phishing kit that increased its sophistication and effectiveness. Trustwave now reports that the Tycoon 2FA threat actors have added several…
Read More » -
Blog
‘Phishing kits are a force multiplier’: Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackers
While inflation is rising around the world, some things are getting cheaper – and one is the cost of launching a phishing attack. Phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25. This means that even criminals with minimal tech skills can easily steal personal…
Read More » -
Blog
E-ZPass toll payment texts return in massive phishing wave
An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority that attempts to steal their personal information including…
Read More »