Skip to main content

Home/ Digit_al Society/ Group items tagged phishing

Rss Feed Group items tagged

dr tech

A massive Google Docs hack is spreading like wildfire - Recode - 0 views

  •  
    "Gmail users are under attack in a gigantic phishing operation that's spreading like wildfire across the internet right now. People took to Twitter to report receiving an email that looks like an invitation to join a Google Doc from someone they know. But when you click on the link to open the file, you are directed to grant access to an app that looks like Google Docs but is actually a program that sends spam emails to everyone you've emailed, according to a detailed outline of the attack on Reddit. "
dr tech

Alexa and Google Home abused to eavesdrop and phish passwords | Ars Technica - 0 views

  •  
    "Now, there's a new concern: malicious apps developed by third parties and hosted by Amazon or Google. The threat isn't just theoretical. Whitehat hackers at Germany's Security Research Labs developed eight apps-four Alexa "skills" and four Google Home "actions"-that all passed Amazon or Google security-vetting processes. The skills or actions posed as simple apps for checking horoscopes, with the exception of one, which masqueraded as a random-number generator. Behind the scenes, these "smart spies," as the researchers call them, surreptitiously eavesdropped on users and phished for their passwords."
dr tech

Beware of This Dangerously Convincing Google Docs Phishing Scam - 0 views

  •  
    ""The fake page is actually hosted on Google's servers and is served over SSL, making the page even more convincing," Symantec security expert Nick Johnston explained in a blog post. "The scammers have simply created a folder inside a Google Drive account, marked it as public, uploaded a file there, and then used Google Drive's preview feature to get a publicly accessible URL to include in their messages.""
dr tech

Wall Street phishers show how dangerous good syntax and a good pitch can be - Boing Boing - 0 views

  •  
    "Major Wall Street institutions were cracked wide open by a phishing scam from FIN4, a hacker group that, unlike its competition, can write convincingly and employs some basic smarts about why people open attachments."
dr tech

Phishers steal San Diego school data going back to 2008 / Boing Boing - 0 views

  •  
    "After a successful phishing attack that captured over 50 accounts, hackers stole 500,000 records from the San Diego Unified School District, for staff, current students, and past students going all the way back to 2008; including SSNs, home addresses and phone numbers, disciplinary files, health information, emergency contact details, health benefits and payroll info, pay information, financial data for direct deposits."
dr tech

'Dyre' malware re-surfaces as 'TrickBot', targets Australian banks * The Register - 0 views

  •  
    "Fidelis malware mangler Jason Reaves says the TrickBot malware has strong code similarities to the Dyre trojan, a menace that ripped through Western banks and businesses in the US, the UK, and Australia, inflicting tens of millions of dollars in damages through dozens of separate spam and phishing campaigns since June 2014. Dyre stole some US$5.5 million from budget carrier Ryanair and fleeced individual businesses of up to $1.5 million each in substantial wire transfers using stolen online banking credentials."
dr tech

Google Chrome: Phishing Scam 'Practically Impossible to Spot' | Fortune.com - 0 views

  •  
    "Indeed, this scam is far subtler. It works like this: fraudsters are able to register domains with characters plucked from various alphabets other than the default Latin script. When displayed, it's all but impossible to tell apart a Greek "O" from a Cyrillic "O" from a Latin "O," for instance."
dr tech

Train firm's 'worker bonus' email is actually cybersecurity test | Rail transport | The... - 0 views

  •  
    "West Midlands Trains emailed about 2,500 employees with a message saying its managing director, Julian Edwards, wanted to thank them for their hard work over the past year under Covid-19. The email said they would get a one-off payment as a thank you after "huge strain was placed upon a large number of our workforce". However, those who clicked through on the link to read Edwards' thank you were instead emailed back with a message telling them it was a company-designed "phishing simulation test" and there was to be no bonus. It warned: "This was a test designed by our IT team to entice you to click the link and used both the promise of thanks and financial reward.""
dr tech

Google says Chinese hackers who targeted Biden campaign are faking McAfee software - Th... - 0 views

  •  
    "Google said in a new blog post that hackers linked to the Chinese government have been impersonating antivirus software McAfee to try to infect victims' machines with malware. And, Google says, the hackers appear to be the same group that unsuccessfully targeted the presidential campaign of former Vice President Joe Biden with a phishing attack earlier this year. A similar group of hackers based in Iran had tried to target President Trump's campaign, but also was unsuccessful."
dr tech

Serious Security: Phishing without links - when phishers bring along their own web page... - 0 views

  •  
    "As explained above, filling in the forms in the fake HTML pages above will send off your password to websites controlled by the criminals. Of course, email passwords are amongst the most valuable credentials for crooks to acquire, simply because many people use their email account for password resets on a multitude of other accounts."
dr tech

The Celebrity Photo Hack Goes Far Beyond iCloud - 0 views

  •  
    "iTunes phishing scams Compromised phones or computers Celebrity passwords/emails as part of a larger password dump (such as the Adobe hack) Mobile-phone or computer-repair individuals abusing access Password reset questions guess Brute force"
dr tech

Stolen data reaches five continents and 22 countries in 12 days on the Dark Web - 14 Ap... - 0 views

  •  
    "The files were then downloaded through the Bitglass proxy service, in which a unique watermark was applied to each copy, so that the company could track when the data was viewed and/or downloaded from that point forward. The firm used a basic "phishing" technique to entice criminals on the Dark Web. The data had been viewed over 200 times in just a few days, and in 12 days it had received more than 1,000 clicks, and had spread across the globe in 22 different countries, in five different continents."
dr tech

Phishing email that knows your address - BBC News - 0 views

  •  
    ""The email has good spelling and grammar and my exact home address...when I say exact I mean, not the way my address is written by those autofill sections on web pages, but the way I write my address. "My tummy did a bit of a somersault when I read that, because I wondered who on earth I could owe £800 to and what was about to land on my doormat." She quickly realised it was a scam and did not click on the link."
dr tech

50 ways to leave your lover, but four to sniff browser history * The Register - 0 views

  •  
    ""History sniffing" promises a nose full of dust or, you're talking about web browsers, a whiff of the websites you've visited. And that may be enough to compromise your privacy and expose data that allows miscreants to target you more effectively with tailored attacks. For example, a phishing gambit that attempts to simulate your bank login page has a better chance of success if it presents the web page for a bank where you actually have an account."
dr tech

Finance worker pays out $25 million after video call with deepfake 'chief financial off... - 0 views

  •  
    " A finance worker at a multinational firm was tricked into paying out $25 million to fraudsters using deepfake technology to pose as the company's chief financial officer in a video conference call, according to Hong Kong police. The elaborate scam saw the worker duped into attending a video call with what he thought were several other members of staff, but all of whom were in fact deepfake recreations, Hong Kong police said at a briefing on Friday. "(In the) multi-person video conference, it turns out that everyone [he saw] was fake," senior superintendent Baron Chan Shun-ching told the city's public broadcaster RTHK. Chan said the worker had grown suspicious after he received a message that was purportedly from the company's UK-based chief financial officer. Initially, the worker suspected it was a phishing email, as it talked of the need for a secret transaction to be carried out. However, the worker put aside his early doubts after the video call because other people in attendance had looked and sounded just like colleagues he recognized, Chan said."
dr tech

Heartbleed - What Can You Do To Stay Safe? - 0 views

  •  
    "Naturally, you should do this - but be aware that this situation presents an ideal opportunity to phishers to start sending fake emails, complete with embedded links to the "change password" page - in reality, a website designed to harvest your details."
1 - 20 of 22 Next ›
Showing 20 items per page