@facebookmail.com Invites Exploited to Phish Facebook Business Users
If you manage Facebook advertising for a small or medium-sized business, open your inbox with suspicion, because attackers…
phishing
Fake 0-Day Exploit Emails Trick Crypto Users Into Running Malicious Code
Bolster AI reveals a new scam using a simple JS code via Emkei’s Mailer to fake 37% profits and steal crypto. Act fast to secure your wallet.
What keeps phishing training from fading over time
When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as like…
Microsoft Help Desk Phishing Attempt
I received this email the other day to my personal email account. It is a “Security Alert” from “Microsoft Helpdesk.” Oh, my!
Massive China-Linked Smishing Campaign Leveraged 194,000 Domains
The malicious Smishing Triad domains were used to collect sensitive information, including Social Security numbers.
The post Massive China-Linked Smishing Campaign Leveraged 194,000 Domains appeared first on SecurityWeek.
New Phishing Wave Uses OAuth Prompts to Take Over Microsoft Accounts
A new phishing campaign is targeting Microsoft account holders by using a clever twist on OAuth authentication prompts. Instead of asking users to hand over their passwords directly, attackers are tricking people into granting permission to malicious a…
Researchers expose large-scale YouTube malware distribution network
Check Point researchers have uncovered, mapped and helped set back a stealthy, large-scale malware distribution operation on YouTube they dubbed the “YouTube Ghost Network.” The network published more than 3,000 videos across compromised or…
The evolving landscape of email phishing attacks: how threat actors are reusing and refining established techniques
Common email phishing tactics in 2025 include PDF attachments with QR codes, password-protected PDF documents, calendar phishing, and advanced websites that validate email addresses.
New Phishing Emails Pretend to Offer Jobs to Steal Facebook Logins
Sublime Security warns of a massive credential phishing scam using fake job offers from brands like KFC and Red Bull to steal Facebook login details. Don’t fall for the trap.
Malicious Perplexity Comet Browser Download Ads Push Malware Via Google
Attackers are exploiting Google Ads with fake Comet Browser download links to spread malware disguised as Perplexity’s official installer. The campaign, tracked by DataDome, has ties to DarkGate.