Phishers are forever devising new tricks and finding new services to exploit and impersonate in their phishing campaigns. Today we talk about phishing emails that appear to come from Docusign, the world’s most popular e-signature service. How Docusign-themed phishing works The attack begins with an email, typically designed to resemble a legitimate Docusign communication. In … [Read more...] about Docusign-themed phishing emails | Kaspersky official blog
emails
Hijacking GitHub accounts using phishing emails
We recently wrote about how attackers have learned to use legitimate social media infrastructure to deliver plausible-looking warnings about the blocking of business accounts, leading to password theft. It turns out that for several months now, a very similar method has been used to attack developer accounts on GitHub, which is a cause for concern for corporate information … [Read more...] about Hijacking GitHub accounts using phishing emails
Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
Nov 30, 2023NewsroomMachine Learning / Email Security Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, … [Read more...] about Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Nov 23, 2023NewsroomMalware / Threat Analysis Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. "The malware itself is split into multiple components, including a loader, injector, downloader and backdoor, and successful requests to C2-controlled servers are often necessary to retrieve the next stage," … [Read more...] about New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Why you shouldn’t scan QR codes in emails
There’ve been more and more cases of users receiving emails seemingly from large internet companies (for example, Microsoft or its cloud service Office 365) containing QR codes. The body of these emails have a call to action: in a nutshell, scan the QR code to maintain access to your account. This post examines whether it’s worth reacting to such messages. Scan the QR code, or … [Read more...] about Why you shouldn’t scan QR codes in emails
Scam e-mails from “cloud-mining platform”
Despite some instability over the past six months, the cryptocurrency market is still seen by many as a get-rich-quick scheme. Accordingly, the stream of scammers feeding off this topic won’t be running dry any time soon. To lure victims into their traps, they continue to come up with new ploys, each more innovative than the last. Today we look at a novel scheme that invites … [Read more...] about Scam e-mails from “cloud-mining platform”
Wells Fargo phishing e-mails | Kaspersky official blog
Scammers often pose as well-known companies: video streaming services, job hunting websites, internet stores and so on. This time, phishers are targeting customers of Wells Fargo, one of the four largest US banks, providing services in more than 40 countries. Counting on the bank’s trustworthiness, the cybercriminals don’t limit themselves to stealing bank card details, but go … [Read more...] about Wells Fargo phishing e-mails | Kaspersky official blog
How DMARC Can Stop Criminals Sending Fake Emails on Behalf of Your Domain
21st-century technology has allowed Cybercriminals to use sophisticated and undetectable methods for malicious activities. In 2020 alone, a survey revealed that 65% of US-based companies were vulnerable to email phishing and impersonation attacks. This calls for upgrading your organization's security with DMARC, which if not implemented, will enable cyber-attackers … [Read more...] about How DMARC Can Stop Criminals Sending Fake Emails on Behalf of Your Domain
Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers
A decade-old botnet malware that currently controls over 450,000 computers worldwide has recently shifted its operations from infecting machines with ransomware or crypto miners to abusing them for sending out sextortion emails to millions of innocent people.Extortion by email is growing significantly, with a large number of users recently complaining about receiving sextortion … [Read more...] about Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers