This Apple Pay phishing campaign is designed to funnel victims into fake Apple Support calls, where scammers steal payment details.
Tag: phishing
LastPass is warning users about phishing emails that pressure users to back up their vaults within 24 hours.
Another well-crafted phishing campaign uses Google Cloud Integration Application infrastructure to bypass email filters.
A “purchase order” PDF blocked by Malwarebytes led to a credential-harvesting phishing site. So we analyzed the attack and where the data went next.
We follow the trail of a simple insurance text scam to show how it can spiral into full-blown identity theft.
The Phishing-as-a-Service kit Sneaky 2FA was found to use Browser-in-the-Browser attacks to steal login credentials.
Think twice before clicking that “Secure Message” alert from your organization’s spam filters. It might be a phish built to steal your credentials.
Even a sloppy, low-skill phish can wreck your day. We go under the hood of this basic credential-harvesting campaign.
Stolen iPhones are hard to hack, so thieves are phishing the owners instead. How fake ‘Find My’ messages trick victims into sharing their Apple ID login.
Attackers are using realistic-looking 1Password emails to trick users into handing over their vault logins.