#Phishing aktuell: #DKB-Kundschaft zu Kontobestätigung im Rahmen der DSGVO aufgefordert: https://www.verbraucherzentrale.nrw/phishing
Recent searches
Search options
#phishing
17 posts17 participants1 post today
Whoa, that Google phishing scam was pretty wild, wasn't it? 
Seriously, DKIM replay *and* abusing Google Sites... somebody got *really* creative there.
Look, we all know phishing isn't new. But the ingenuity attackers are showing lately? It's genuinely getting a bit unnerving. And the real kicker? Too many companies still think a simple automated scan has their back. Spoiler: it doesn't. Catching sophisticated stuff like this often takes a proper penetration tester who knows where to look.
It's always a good feeling when we help clients spot these things before they blow up. Honestly, though, security really needs to be driven from the top and actually get the budget it deserves.
Makes you think, huh? How long 'til we see the first wave of AI-driven phishing attacks that are *scarily* good? Gives me the chills!
Heutiges #Phishing: Kontosperrung aufgrund ungewöhnlicher Aktivitäten im Namen von #Amazon: https://www.verbraucherzentrale.nrw/phishing
The Witcher 4 Scam-Alarm: Phishing-Falle tarnt sich als Beta-Test-Einladung
#Gaming #OnlineBetrug #BetaTest #CDProjektRed #FakeEinladung #Phishing #Scam #Witcher4 https://sc.tarnkappe.info/301b0a
TARNKAPPE.INFO · The Witcher 4 Scam-Alarm: Phishing-Falle tarnt sich als Beta-Test-EinladungCD Projekt klärt aktuell auf: Hinter angeblichen Testeinladungen zu The Witcher 4 steckt eine Phishing-Kampagne.
Is this website legit? 
https://www.macaissedepargnehautsdefrancemerepond.fr/
At first glance, the domain name looks suspicious. But when we checked Passive DNS data, it turns out the domain has existed for over two years and has been seen before. Was it taken over, or has it always been active?
Interestingly, there’s no login form on the page, which might suggest it’s not part of a phishing campaign.
So… could it actually be legit? Again PassiveDNS helps a lot but sometime creativity in domain creation makes everything uncertain.
LookyLoo https://lookyloo.circl.lu/tree/79f3d4f0-3e98-426b-a5df-e4b79398200a
Russians lure European diplomats into #malware trap with wine-tasting invite - https://www.theregister.com/2025/04/16/cozy_bear_grapeloader/ "Vintage #phishing varietal has improved with age"
The Register · Russians lure European diplomats into malware trap with wine-tasting invite
Abnormal published a intel like report for a newer AI/Vibe platform used in phishing, but withheld any useful indicators or patterns for building detections or policies.
Fine, I'll do it myself.
Dev console: gamma.app
Websites: {pagename}-{guid}.gamma.site
Documents/Slides: gamma.app/docs/{docname}-{guid}
Email notifications (add collaborator): notifications@gamma.app
Email Invitation URL: gamma.app/invitations/docs/{guid}?{params}
API: api.gamma.app
i am highly amused (and this is a warning to all user of the intertubz, because i know some of you are not paying proper attention.)
i recently received a phishing SMS message about alleged overdue ezpass fees (not uncommon these days). the link i was supposed to click is in the .xin top level domain (in theory a peer of .com, .org, .net, etc...). this is obviously suspicious to anyone who pays more than cursory attention. but wait, there's more. 1/ #phish #phishing
Polizei warnt vor Betrug bei britischer Einreiseerlaubnis – mit falscher URL
Für Reisen nach Großbritannien braucht man eine elektronische Erlaubnis. Bei einer Warnung vor einer Betrugsmasche unterläuft der Polizei selbst ein Fehler.
heise online · Polizei warnt vor Betrug bei britischer Einreiseerlaubnis – mit falscher URL
Bankbetrug durch KI: Rentner im Visier digitaler Betrüger
#ITSicherheit #OnlineBetrug #CindyTriest #Cybercrime #HaraldKiesewetter #Kreditkartenbetrug #KünstlicheIntelligenz #Phishing https://sc.tarnkappe.info/c1816c
TARNKAPPE.INFO · Bankbetrug durch KI: Rentner im Visier digitaler BetrügerEin Rentner wird zum Opfer von KI-gestütztem Bankbetrug. Wie die Täter vorgehen und was man tun kann, um sich zu schützen, erfahrt ihr hier.
Benutzer von Outlook müssen wirklich seeehr geduldig sein.
Meiner Meinung nach einer der miesesten #EMail-Clients (aber leider der beste #Groupware-Client) und dann noch die ständigen #Cloud-Zwänge, das Abschnorcheln der Passwörter durch #Microsoft (iOS/Android/neues #Outlook), quasi optimiert als Einfallstor für #Phishing und #Malware und dann noch solche Kleinigkeiten:
Fehler in Microsoft Outlook kann das System massiv verlangsamen
https://www.derstandard.at/story/3000000266163/fehler-in-microsoft-outlook-kann-das-system-massiv-verlangsamen
Leute, ich frage mich ernsthaft, warum die Menschen nicht scharenweise zu zumindest #Thunderbird wechseln, wo man fast alle Outlook-Nachteile mit einem Schlag verliert. Auch bei Benutzung via #Exchange.
DER STANDARD · Fehler in Microsoft Outlook kann das System massiv verlangsamenUnter bestimmten Umständen kann der E-Mail-Client die Hälfte der CPU-Ressourcen beanspruchen – behelfen kann man sich derzeit nur mit einem Workaround
#Phishing: Kontaktverifizierung erforderlich bei der #Targobank: https://verbraucherzentrale.nrw/phishing
heise+ | Vertrauenswürdige E-Mail: Spoofing-Schutz über DNS einrichten
Domain-Inhaber können E-Mail-Spoofing deutlich erschweren, wenn sie über das Domain Name System (DNS) standardisierte Informationen zur Verfügung stellen.
iX MagazinVertrauenswürdige E-Mail: Spoofing-Schutz über DNS einrichtenDomain-Inhaber können E-Mail-Spoofing deutlich erschweren, wenn sie über das Domain Name System (DNS) standardisierte Informationen zur Verfügung stellen.
New #ClickFix scam targets US users with fake MS Defender and CloudFlare pages.
The scam page is hosted on a domain registered back in 2006, pretending to be the Indo-American Chamber of Commerce.
The #phishing page loads only for US-based victims, as observed during analysis with a residential IP in #ANYRUN Sandbox.
Analysis session: 
URL: iaccindia[.]com
The page hijacks the full-screen mode and displays a fake “Windows Defender Security Center” popup.
It mimics the Windows UI, locks the screen, and displays urgent messages to panic the user.
Victims are prompted to call a fake tech support number (+1-…), setting the stage for further exploitation.
The phishing page may also display a fake CloudFlare message tricking users to execute a #malicious Run command.
Take a look: https://app.any.run/tasks/e83a5861-6006-4b1d-aba8-8536dcaa8057/?utm_source=mastodon&utm_medium=article&utm_campaign=clickfix_scam&utm_term=160425&utm_content=linktoservice
#IOCs:
supermedicalhospital[.]com
adflowtube[.]com
knowhouze[.]com
ecomicrolab[.]com
javascripterhub[.]com
virtual[.]urban-orthodontics[.]com
Streamline threat analysis for your SOC with #ANYRUN 
#ExploreWithANYRUN
Continued thread
The @SophosXOps @thepacketrat report also notes the now common Microsoft Teams "vishing" calling / phishing technique to social engineer end users into downloading and running software to facilitate further malicious activity. Check out the referenced report on Teams-based #phishing here: https://news.sophos.com/en-us/2025/01/21/sophos-mdr-tracks-two-ransomware-campaigns-using-email-bombing-microsoft-teams-vishing/
Sophos News · Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”Sophos MDR identifies a new threat cluster riffing on the playbook of Storm-1811, and amped-up activity from the original connected to Black Basta ransomware.
#Phishing aktuell: Vermeintliche Aktualisierung der Zahlungsmethode bei #Netflix erforderlich: https://verbraucherzentrale.nrw/phishing
I've written a blog post about my recent experience of a phishing attempt through booking.com in relation to two Slovakian hotel bookings.
Have a look here at what happened and what I did, and didn't do
Old People on Tour! · Phishing emails through Booking.comI've generally used booking.com for my hotel reservations over the last few years - and I've never had a hitch until this month.