A fake purchase order attachment turned out to be a phishing page designed to harvest your login details.
Tag: phishing
The once popular Outlook add-in AgreeTo was turned into a powerful phishing kit after the developer abandoned the project.
This Apple Pay phishing campaign is designed to funnel victims into fake Apple Support calls, where scammers steal payment details.
LastPass is warning users about phishing emails that pressure users to back up their vaults within 24 hours.
Another well-crafted phishing campaign uses Google Cloud Integration Application infrastructure to bypass email filters.
A “purchase order” PDF blocked by Malwarebytes led to a credential-harvesting phishing site. So we analyzed the attack and where the data went next.
We follow the trail of a simple insurance text scam to show how it can spiral into full-blown identity theft.
The Phishing-as-a-Service kit Sneaky 2FA was found to use Browser-in-the-Browser attacks to steal login credentials.
Think twice before clicking that “Secure Message” alert from your organization’s spam filters. It might be a phish built to steal your credentials.
Even a sloppy, low-skill phish can wreck your day. We go under the hood of this basic credential-harvesting campaign.