Microsoft Research Reveals – Phishing Campaign Impersonates Booking(.)com, Delivers a Suite of Credential-Stealing Malware
A phishing campaign identified by Microsoft Threat Intelligence targets the hospitality industry, impersonating Booking.com and utilizing the ClickFix social engineering technique to deliver credential-stealing malware. The campaign, ongoing since December 2024, aims at financial fraud by tricking users into executing malicious commands. Affected: hospitality organizations, Booking.com…
ClickFix Widely Adopted by Cybercriminals, APT Groups
Summary: Since August 2024, state-sponsored hackers and cybercriminals have been using a technique called ClickFix to deploy information stealer malware. This method involves social engineering through malicious JavaScript that manipulates users into executing harmful commands. Group-IB reports an increase in this attack vector, particularly targeting users on various platforms that offer free content or software.…
Ramadan Scams on the Rise: Fake Giveaways, Crypto Traps & Fraudulent Donations | CloudSEK
This report highlights the rise of Ramadan-related cyber scams, particularly targeting charitable contributions and crypto investments. Cybercriminals are exploiting the goodwill associated with Ramadan to spread fraudulent schemes, often using social engineering tactics to deceive victims. Understanding these scams is essential for safeguarding against potential losses.…
Scammers Send Fake Texts From E-ZPass and Other Toll Services to Siphon Payments
Summary: A new smishing scam is targeting individuals by masquerading as toll providers demanding payment for unpaid tolls through fraudulent text messages. The messages often threaten consequences for non-payment and include suspicious links designed to harvest personal information. Victims are urged to report and delete the messages, and to take protective measures for their sensitive data if they’ve interacted with the scammers.…
Phantom-Goblin: Covert Credential Theft and VSCode Tunnel Exploitation
A newly identified malware operation, named “Phantom Goblin,” utilizes social engineering to deceive users into executing a malicious LNK file that triggers a PowerShell script to download and execute additional payloads. These payloads enable the malware to extract sensitive data, maintain unauthorized remote access via Visual Studio Code tunnels, and exfiltrate the stolen data to a Telegram bot.…
Google expands Android AI scam detection to more Pixel devices
Summary: Google is expanding its AI-powered scam detection features for Android to combat increasingly sophisticated phone and text scams. These features aim to identify and protect users from conversational scams that manipulate victims into sharing sensitive information. The rollout includes enhancements for both Google Messages and phone call detection, prioritizing user privacy while providing real-time alerts for scam attempts.…
PayPal’s “no-code checkout” abused by scammers
This article highlights a new scam targeting PayPal customers through misleading Google ads that mimic official PayPal links. Scammers exploit Google’s advertisement policies to direct potential victims to fraudulent pay pages, leading to personal information theft. Affected: PayPal customers, Google search users.

Key points:

Scammers are creating fraudulent ads impersonating PayPal, using compromised advertiser accounts.…
Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw
Summary: A significant spam campaign has exploited a vulnerability in Krpano, a widely used virtual tour software, leading to malicious redirects affecting numerous major organizations worldwide. The reflected XSS vulnerability allowed attackers to embed ads or redirect users to inappropriate sites. Despite a previous patch issued in 2020, the issue lingered, prompting renewed notifications and fixes from Krpano developers after the exploitation was reported.…
Fake WordPress Plugin Impacts SEO by Injecting Casino Spam
This article discusses the tactic of attackers using fake WordPress plugins to inject malware, particularly casino spam, into websites. By disguising malicious plugins as innocuous, attackers evade detection and compromise site integrity. The narrative follows an investigation into a client’s compromised site, examining the methods of detection and removal of the fake plugin, emphasizing the importance of website security.…

https://github.com/jivoi/awesome-osint

A curated list of amazingly awesome open source intelligence tools and resources. Open-source intelligence (OSINT) is intelligence collected from publicly available sources. In the intelligence community (IC), the term “open” refers to overt, publicly available sources (as opposed to covert or clandestine sources).

This list is to help all of those who are into Cyber Threat Intelligence (CTI), threat hunting, or OSINT.…

“SafetyCore” Exposed: Google’s Secret AI on Your Phone
Summary: Google faces criticism after the silent installation of “SafetyCore,” an image-scanning feature on Android devices without user notification. This controversial system conducts local scans for undesirable content, raising privacy issues reminiscent of a similar controversy involving Apple. Experts call for transparency and user consent in the implementation of such technologies to rebuild trust among users.…
Hackers Exploited Krpano Framework Flaw to Inject Spam Ads on 350+ Websites
Summary: A cross-site scripting (XSS) vulnerability in the Krpano virtual tour framework has been exploited in a large-scale campaign, affecting over 350 websites and allowing malicious actors to manipulate search results and serve spam ads. Security researcher Oleg Zaytsev reported that this operation utilizes trusted domains to distribute ads for pornography, diet supplements, and fake news.…
Beware: PayPal “New Address” feature abused to send phishing emails
Summary: A PayPal email scam is deceiving users into thinking their accounts have been compromised by sending fraudulent purchase notifications. The scam exploits PayPal’s address settings, tricking recipients into calling scammer-operated numbers and granting them remote access to their devices. It is essential for users to verify their accounts directly through PayPal rather than responding to or calling the provided phone numbers in the emails.…