Received another one of those toll-related SMS #phishing messages. #ioc #cybersecurity
URL:
hxxps://getipass.com-btg[.]top/us
Cc: @rmceoin i think you are tracking these?
Recent searches
Search options
#phishing
77 posts59 participants16 posts today
New SMS Phishing Attack Weaponizes Google AMP Links to Evade Detection https://gbhackers.com/new-sms-phishing-attack-weaponizes-google-amp-links/ #CyberSecurityNews #cybersecurity #CyberAttack #Phishing
Cofense: Custom-Crafted, Qantas-Spoofing Emails Target Australian Victims https://cofense.com/blog/custom-crafted,-qantas-spoofing-emails-target-australian-victims @Cofense #cybersecurity #Infosec #phishing
CofenseCustom-Crafted, Qantas-Spoofing Emails Target Australian Victims
Cybercrime: Komplize Google
Google unterstützt alle Arten von Cybercrime auf vielfältige* Weise. Darüber habe ich schon häufig berichtet. Das Motiv der Firma dürfte finanzieller Natur sein. Direkt nimmt die Firma Geld ein, indem sie Daten auch an SPAMmer verkauft oder Werbeplätze an Betrüger oder Malware-Verbreiter. Indirekt
https://www.pc-fluesterer.info/wordpress/2025/04/23/cybercrime-komplize-google/
www.pc-fluesterer.infoCybercrime: Komplize Google | pc-flüsterer bremen
#Phishing aktuell: #DKB-Kundschaft zu Kontobestätigung im Rahmen der DSGVO aufgefordert: https://www.verbraucherzentrale.nrw/phishing
Yeah, phishing is still a major pain, let's be honest. But banking *solely* on a firewall these days? Sorry, that's just not gonna cut it anymore.
Think about it: attackers are constantly leveling up their social engineering game, and yep, they're even finding ways around MFA now. 
This is precisely where browser-based detection starts looking way smarter. Instead of just flagging known bad indicators (IoCs), it actually analyzes the *entire* page content. It's checking out the attackers' Tactics, Techniques, and Procedures (TTPs), which gives you a much clearer picture. And the crucial part? It does this in real-time! 
Why the focus on the browser? Well, because that's where pretty much everything happens online! Plus, relying heavily on blocklists is kind of a losing battle – the bad guys switch up their IPs and domains so fast, those lists are often outdated the moment they're published. 
So, here’s the bottom line: It's time to get serious about browser security. Alongside that, keep hammering home good password hygiene and make sure your team is getting regular, relevant security training!
What about you? Are you already using any browser-based security solutions? We'd love to hear what your experience has been like. Share your thoughts below! 
Attackers phish OAuth codes, take over Microsoft 365 accounts https://www.helpnetsecurity.com/2025/04/23/microsoft-365-oauth-phishing/ #government-backedattacks #accounthijacking #Microsoft365 #Don'tmiss #Hotstuff #phishing #Volexity #OAuth #News #APT
Help Net Security · Attackers phish OAuth codes, take over Microsoft 365 accounts - Help Net Security
More from 
Zeljka Zorz
#Phishing emails delivering infostealers surged 84% in 2024. Cybercriminals shifted to stealthier tactics, focusing on credential theft while #ransomware attacks declined. Critical infrastructure was targeted in 70% of attacks
https://www.helpnetsecurity.com/2025/04/23/cybercriminals-credential-theft-tactics/
Help Net Security · Phishing emails delivering infostealers surge 84% - Help Net SecurityCybercriminals continued to shift to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks declined.
https://www.europesays.com/uk/42394/ Responsibility declines as attacks continue: UK cybersecurity survey #AppOmni #Britain #CyberAttacks #Cybercrime #Cybersecurity #DataSecurity #England #GreatBritain #NorthernIreland #Phishing #Proofpoint #Scotland #SocialEngineering #SoftwareAsAService(SaaS) #UK #UKGovernment #UnitedKingdom #Wales
After attempted blackmail at Life360: Data of 443,000 users probably leaked
Following a ransomware incident at "Life360", a popular tracker app for families, a criminal has published data in the underground forum.
heise online · After attempted blackmail at Life360: Data of 443,000 users probably leaked
Fortinet: Infostealer Malware FormBook Spread via Phishing Campaign – Part I https://www.fortinet.com/blog/threat-research/infostealer-malware-formbook-spread-via-phishing-campaign-part-i @fortinet #cybersecurity #Infosec #malware #phishing
Fortinet Blog · Infostealer Malware FormBook Spread via Phishing Campaign – Part I | FortiGuard LabsFortiGuard Labs observed a phishing campaign in the wild that delivered a malicious Word document as an attachment. Learn more.…
Bitdefender: Scammers Masquerade as Google in Sophisticated Phishing Campaign https://www.bitdefender.com/en-us/blog/hotforsecurity/scammers-masquerade-as-google-in-sophisticated-phishing-campaign @bitdefender #cybersecurity #Infosec #Google #scam #phishing
Hot for SecurityScammers Masquerade as Google in Sophisticated Phishing CampaignCriminals are spoofing an official Google address to send highly convincing rogue emails in a cunning phishing scam.
Phishing 2.0: How Google Security Flaws Fuel Sophisticated Scams
A new wave of phishing scams is leveraging Google’s own infrastructure to deceive users with alarming effectiveness. As these scams become more sophisticated, understanding their mechanics can help de...
https://news.lavx.hu/article/phishing-2-0-how-google-security-flaws-fuel-sophisticated-scams
Trust is the foundation of our digital world but what happens when it’s exploited?
Every day, we rely on trust: in the emails we open, the websites we browse, and the calls we answer. But #cybercriminals exploit this trust through #spoofing, a deceptive tactic that hijacks familiar names, brands, and channels to blur the line between legitimacy and fraud.
The consequences? Breaches, financial loss, and eroded confidence.
Read our latest article where we break down:
- The most common types of spoofing
- Its real-world impact
- How to defend yourself and your organization
Don’t wait until it’s too late.
Knowledge is your best defense: https://crowdsec.net/glossary/what-is-spoofing
crowdsec.netWhat Is Spoofing? | CrowdSecUnderstand what is spoofing, the types of spoofing methods, their devastating impact, and, how to protect yourself and your organization.
Possible Phishing 
on: hxxps[:]//decsxreener[.]com/metamask_recovery[.]html
Analysis at: https://urldna.io/scan/68052f8a3b7750000adb7bf8
#cybersecurity #phishing #infosec #urldna #scam #infosec
Whoa, that Google phishing scam was pretty wild, wasn't it? Seriously, DKIM replay *and* abusing Google Sites... somebody got *really* creative there.
Look, we all know phishing isn't new. But the ingenuity attackers are showing lately? It's genuinely getting a bit unnerving. And the real kicker? Too many companies still think a simple automated scan has their back. Spoiler: it doesn't. Catching sophisticated stuff like this often takes a proper penetration tester who knows where to look.
It's always a good feeling when we help clients spot these things before they blow up. Honestly, though, security really needs to be driven from the top and actually get the budget it deserves.
Makes you think, huh? How long 'til we see the first wave of AI-driven phishing attacks that are *scarily* good? Gives me the chills!
Legacy Google Service Abused in Phishing Attacks https://www.securityweek.com/legacy-google-service-abused-in-phishing-attacks/ #Googlephishing #EmailSecurity #emailsecurity #Phishing #phishing #OAuth
Legacy Google Service Abused in Phishing Attacks https://www.securityweek.com/legacy-google-service-abused-in-phishing-attacks/ #Googlephishing #EmailSecurity #emailsecurity #Phishing #phishing #OAuth
Heutiges #Phishing: Kontosperrung aufgrund ungewöhnlicher Aktivitäten im Namen von #Amazon: https://www.verbraucherzentrale.nrw/phishing
