Nach Erkenntnissen des Bundesamtes für #Verfassungsschutz (#BfV) ist seit Ende 2022 von konkreten Ausspähversuchen der #APT-Gruppe #CharmingKitten gegen iranische Personen und Organisationen in Deutschland auszugehen.
Insbesondere warnt das BfV im "Cyber-Brief Nr. 01/2023" vom 10. August 23 vor #Phishing-Angriffen gegen #Dissidenten-Organisationen und Einzelpersonen – wie Juristen, Journalisten oder #Menschenrechtsaktivisten – innerhalb und außerhalb des #Iran.
russian APT phished government employees via Microsoft Teams
An #APT group linked to russia’s Foreign Intelligence Service has hit employees of several dozen global organizations with #phishing attacks via Microsoft Teams, says #Microsoft
Microsoft says that the targets in this campaign were government and non-government organizations, and organizations in the IT services, technology, discrete manufacturing, and media sectors
I think I'm being target of a phishing attack to my cellphone sent through "Flash SMS".
I frequently receive a message that's automatically displayed in my screen about having won a TV, with yes/no buttons underneath. No matter what I do, a web page automatically opens. The URL points to qrl[.]adc[.]bz/[...]. To mitigate this, I put my phone in airplane mode as quick as possible.
Does anyone here have information about these attacks?
Woke up to another #phishing#email caught by new #Avanan security for my #office365. It’s basically a requirement to have an e-mail security product these days if you have any kind of exposure as a public facing entity or person like I am with someone who has almost 340K followers on #tiktok
Krijg je een mail, app, telefoontje of sms van ‘de Belastingdienst’ waarin gevraagd wordt een belastingschuld te betalen?
Dan kun je er donder op zeggen dat het #phishing is.
We vragen je nooit op die manier om een betaling te doen. En er zitten ook nooit links in onze mails.
My new #email#security from #Avanan caught my first #phishing email today since deployment last week. Credential harvesting attack it looks like. Still a bit aggressive on spam, further training required but definitely better than stock #office365 or #google. Something Linus Tech Tips could have definitely used to possibly prevent their issues
If companies like #Microsoft keep sending out emails with big login buttons in them, how do they expect people to learn not to click buttons and links in #phishing emails. Corporate marketing people need to be fired for sending emails like this. Period. No second chances. Send a link in an email, lose your job. Immediately.
Ich wäre gerade fast auf #Phishing hereingefallen. Die Mail passte zu gut zu Sachen, die ich gerade gemacht habe. Ich war nur zu faul, meine Zugangsdaten für den falschen Login rauszusuchen. Als ich zurück in die Mail-App gewechselt bin, ist es mit dann aufgefallen. Ja, aber wenn das in einer von einer Millionen Fälle funktioniert, kann man damit wohl genug ergaunern, dass es sich lohnt.
Credit card phone phishing scam going around #ottawa
Pre-recorded message plays claiming your credit card has some large, suspicious transactions from "a shopping website" and "ebay" and has been "red-flagged".
The call is suspicious because:
banks don't make these calls. They'll just lock the card and wait for you to call them.
no validating info is offered by the caller. No name. No name of institution or type of card. No partial card number or other details.
the next part is to start asking ME to validate myself to THEM, by offering up MY details, but I didn't stick around. It might've asked me to input something.
If you proceed beyond that point, once they know you're dumb enough, they'll get a human to take over and try to get you to cough up the credit card number, expiry, cvv, and your name/address, after which they have everything needed to make fraudulent charges.
You could just as easily find some elaborate method of persuading regular #ChatGPT to help write some convincing #phishing emails, hell just having mostly correct spelling and grammar would be a massive boost to believability and Microsoft Word could help with that as is. https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html
Would you fall for this fake email written by AI? This video shows the AI message that attackers used to try to steal things like your password, email account and money.