Phishing Blog News(35) - 2024 2023 2022 2021 2020 2019 2018
APT blog Attack blog BigBrother blog BotNet blog Cyber blog Cryptocurrency blog Exploit blog Hacking blog ICS blog Incident blog IoT blog Malware blog OS Blog Phishing blog Ransom blog Safety blog Security blog Social blog Spam blog Vulnerebility blog
DATE | NAME | Info | CATEG. | WEB |
| 14.6.25 | Phishing for Codes: Russian Threat Actors Target Microsoft 365 OAuth Workflows | Since early March 2025, Volexity has observed multiple suspected Russian threat actors conducting highly targeted social engineering operations aimed at gaining access to the Microsoft 365 (M365) accounts of targeted individuals. | Phishing blog | VELOXITY |
| 14.6.25 | Over 20 Crypto Phishing Applications Found on the Play Store Stealing Mnemonic Phrases | CRIL discovers over 20 malicious apps targeting crypto wallet users with phishing tactics and Play Store... | Phishing blog | Cyble |
| 14.6.25 | Copyright Phishing Lures Leading to Rhadamanthys Stealer Now Targeting Europe | Cybereason issues Threat Alerts to inform customers of emerging impacting threats, critical vulnerabilities and attacker campaigns. Cybereason Threat Alerts summarize these threats and provide practical recommendations for protecting against them. | Phishing blog | Cybereason |
| 1.6.25 | A Flyby on the CFO's Inbox: Spear-Phishing Campaign Targeting Financial Executives with NetBird Deployment | On May 15th, Trellix's email security products alerted on a highly targeted spear-phishing operation aimed at CFOs and finance executives at banks, energy companies, insurers, and investment firms across Europe, Africa, Canada, the Middle East, and South Asia. | Phishing blog | Trelix |
| 25.5.24 | FIN7: Silent Push unearths the largest group of FIN7 domains ever discovered | 4000+ IOFA domains and IPs found. Louvre, Meta, and Reuters targeted in massive global phishing and malware campaigns. | Phishing blog | Silent Push |
| 24.5.24 | Horabot Unleashed: A Stealthy Phishing Threat | FortiGuard Labs observed a phishing campaign "Horabot" resurfacing with a sophisticated multi-stage attack, blending phishing, credential theft, and propagation. | Phishing blog | FOTINET |
| 17.5.24 | Horabot Unleashed: A Stealthy Phishing Threat | FortiGuard Labs observed a phishing campaign "Horabot" resurfacing with a sophisticated multi-stage attack, blending phishing, credential theft, and propagation. | Phishing blog | FOTINET |
| 10.5.24 | CoGUI Phish Kit Targets Japan with Millions of Messages | Proofpoint has observed a notable increase in high-volume Japanese language campaigns targeting organizations in Japan to deliver a phishing kit that Proofpoint researchers refer to as CoGUI. Most of the observed campaigns abuse popular consumer or payment brands in phishing lures, including Amazon, PayPay, Rakuten, and others. | Phishing blog | PROOFPOINT |
| 10.5.24 | State-of-the-art phishing: MFA bypass | Threat actors are bypassing MFA with adversary-in-the-middle attacks via reverse proxies. Phishing-as-a-Service tools like Evilproxy make these threats harder to detect. | Phishing blog | CISCO TALOS |
| 10.5.24 | Catching a phish with many faces | Here’s a brief dive into the murky waters of shape-shifting attacks that leverage dedicated phishing kits to auto-generate customized login pages on the fly | Phishing blog | Eset |
| 10.5.24 | Beware of phone scams demanding money for ‘missed jury duty’ | Phishing blog | Eset | |
| 10.5.24 | Toll road scams are in overdrive: Here’s how to protect yourself | Have you received a text message about an unpaid road toll? Make sure you’re not the next victim of a smishing scam. | Phishing blog | Eset |
| 5.4.25 | Evolution of Sophisticated Phishing Tactics: The QR Code Phenomenon | Since late 2024, Unit 42 researchers have observed attackers using several new tactics in phishing documents containing QR codes. One tactic involves attackers concealing the final phishing destination using legitimate websites' redirection mechanisms. | Phishing blog | Palo Alto |
|
22.3.25 |
SonicWall Detects Credential-Stealing SVG File in Phishing Campaign | This week, the SonicWall Capture Labs threat research team performed an analysis of a phishing email that included an SVG file attachment, which contains HTML and JavaScript code designed to capture user credentials. | Phishing blog | SonicWall |
| 1.3.25 | JavaGhost’s Persistent Phishing Attacks From the Cloud | Unit 42 researchers have observed phishing activity that we track as TGR-UNK-0011. We assess with high confidence that this cluster overlaps with the threat actor group JavaGhost. The threat actor group JavaGhost has been active for over five years and continues to target cloud environments to send out phishing campaigns to unsuspecting targets. | Phishing blog | Palo Alto |
|
22.12.24 | Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams | Threat actors frequently exploit trending events like global sporting championships to launch attacks, including phishing and scams. Because of this, proactive monitoring of event-related domain abuse is crucial for cybersecurity teams. | Phishing blog | |
|
21.12.24 |
In this report, Cybereason confirms the ties between Cuckoo Spear and APT10 Intrusion Set by tying multiple incidents together and disclosing new information about this group’s new arsenal and techniques. | |||
|
21.12.24 |
CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective |
In this report, Cybereason confirms the ties between Cuckoo Spear and APT10 Intrusion Set by tying multiple incidents together and disclosing new information about this group’s new arsenal and techniques. | ||
|
2.11.24 | Threat actors use copyright infringement phishing lure to deploy infostealers | * Cisco Talos has observed an unknown threat actor conducting a phishing campaign targeting Facebook business and advertising account users in Taiwan. * The decoy email and fake PDF filenames are designed to impersonate a company's legal department, attempting to lure the | Phishing blog | Cisco Blog |
28.9.24 | Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz | We have been monitoring a widely popular phishing-as-a-service (PhaaS) platform named Sniper Dz that primarily targets popular social media platforms and online services. A large number of phishers could be using this platform to launch phishing attacks, since the group behind this kit has thousands of subscribers on its Telegram channel. Our research revealed over 140,000 phishing websites associated with the Sniper Dz PhaaS platform over the past year. | Phishing blog | Palo Alto |
31.8.24 | TLD Tracker: Exploring Newly Released Top-Level Domains | We investigated 19 new top-level domains (TLDs) released in the past year, which revealed large-scale phishing campaigns, distribution of potentially unwanted programs, torrenting websites, and even pranking and meme campaigns. | ||
24.8.24 | PWA phishing on Android and iOS – Week in security with Tony Anscombe | Phishing using PWAs? ESET Research's latest discovery might just ruin some users' assumptions about their preferred platform's security | Phishing blog | Eset |
6.7.24 | No room for error: Don’t get stung by these common Booking.com scams | From sending phishing emails to posting fake listings, here’s how fraudsters hunt for victims while you’re booking your well-earned vacation | Phishing blog | Eset |
| 29.6.24 | Worldwide 2023 Email Phishing Statistics and Examples | Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2023. | Phishing blog | Trend Micro |
| 4.5.24 | How space exploration benefits life on Earth: Q&A with David Eicher | The investigation uncovered at least 40,000 phishing domains that were linked to LabHost and tricked victims into handing over their sensitive details | Phishing blog | Eset |
| 28.4.24 | Major phishing-as-a-service platform disrupted – Week in security with Tony Anscombe | The investigation uncovered at least 40,000 phishing domains that were linked to LabHost and tricked victims into handing over their sensitive details | Phishing blog | Eset |