A fake purchase order attachment turned out to be a phishing page designed to harvest your login details.
Tag: phishing
The once popular Outlook add-in AgreeTo was turned into a powerful phishing kit after the developer abandoned the project.
This Apple Pay phishing campaign is designed to funnel victims into fake Apple Support calls, where scammers steal payment details.
LastPass is warning users about phishing emails that pressure users to back up their vaults within 24 hours.
Another well-crafted phishing campaign uses Google Cloud Integration Application infrastructure to bypass email filters.
A “purchase order” PDF blocked by Malwarebytes led to a credential-harvesting phishing site. So we analyzed the attack and where the data went next.
The Phishing-as-a-Service kit Sneaky 2FA was found to use Browser-in-the-Browser attacks to steal login credentials.
Even a sloppy, low-skill phish can wreck your day. We go under the hood of this basic credential-harvesting campaign.