REDMOND, WA - Microsoft has issued a new security alert to users of its Microsoft Advertising platform, warning of a wave of OAuth consent phishing attacks - a sophisticated form of credential theft designed to look completely legitimate. In its notice, Microsoft explained that malicious actors are sending out fake login or permission prompts that appear identical to the company’s official consent screens. Once a user clicks “Accept”, the attacker gains access to sensitive … [Read more...]
Search Results for: phishing
Hackers Utilizing Russian Domains for Rising Number of Complex Phishing Attacks
REDMOND, WA - Cybersecurity experts have noted a large increase in the number of phishing attacks recently as hackers have been altering their attack avenues in order to work their way around increasingly complex email security systems designed to circumvent their efforts. Both the volume and complexity of malicious emails have been on the rise and are proving to be increasingly able to bypass Secure Email Gateways (SEGs) such as Microsoft and Proofpoint, according … [Read more...]
Investigation Uncovers 40,000 Phishing Domains Linked To LabHost Scam Operation
UNITED KINGDOM - The LabHost phishing-as-a-service (PhaaS) platform, which had tens of thousands of phishing domains linked to it and thousands of users worldwide, has had its infrastructure completely disrupted and 37 suspects have been arrested – including the original developer – following a year-long global law enforcement operation. Originally launched in 2021, LabHost was a resource for cybercriminals that – for a monthly subscription fee – provided them … [Read more...]
Threat Intelligence Firm Recommends Blocking All .ZIP Domains Due to Phishing
SUNNYVALE, CA - FortiGuard Labs reports that they have discovered many .ZIP domains are responsible for phishing attacks on users by automatically downloading a malicious executable titled “file.exe” to their computers. Phishing attacks have been a thorn in the side of computer users for years due to the fact that they often are able to camouflage themselves as innocuous programs or prompts that seemingly pose no threat, but in reality can cause a great deal of … [Read more...]
Amazingly Convincing Facebook Phishing Scam Takes Place on Facebook.com Itself
PALM BEACH, FL – I have been reviewing and writing about email phishing scams for years and I have seen a ton of them, from outright laughable in their easy discoverability to incredibly convincing, but this latest one I must write about because its one of the most convincing I have ever seen, and it has been happening for over a year now. I know it well as I once fell for it. The reason this is one of the most convincing I’ve ever seen is because unlike most phishing … [Read more...]
This AMEX Email Phishing Scam Wants You Homeless & Poor, With A Zero FICO Score
PALM BEACH, FL - Nothing could better destroy your holiday spirit than a compromise of your most secure personal information in the form of a phishing expedition. Here is one of the latest email scams circulating what is probably hundreds of thousands of inboxes, just in time for Christmas. Here is how it all plays out: You receive an email which appears to be from American Express, but it isn't, it's from some scrupulous hacker hiding somewhere behind a computer who is … [Read more...]
Email Phishing Campaign Using Legitimate Top-Level Domain to Evade Spam Filters
PALM BEACH, FL – A sophisticated email phishing campaign is making the rounds while evading email filters by using a Google domain redirect. According to ThreatPost.com, a leading source of information about IT and business security, the campaign uses percentage-based URL encoding to deceive users. The campaign makes use of what’s called percentage-based URL encoding – a basic URL-encoding technique in which normal ASCII characters (i.e., “abc” and “123”) are converted … [Read more...]
FedEx Email Phishing Scam Attempt: Not That Clear What Actual Motive Is
NEW YORK, NY – From time to time I like to point out some phishing scams that are out there in hopes to help some people not fall for these email-traps; today is one of those day. This email stuck out not for its sophistication but for more of its non-sophistication, and recurring delivery. For instance, I’ve received these at least 4 times in the last couple of days. This scam pictured below is trying to capture FedEx users regarding the non-delivery of their package; a … [Read more...]
Phishing: Watch-out for New Dangerous Godaddy Email Phishing Attempt
NEW YORK, NY - This is just a quick reminder to remain vigilant of all sorts of threats from hackers, email-spoofers, phishers and scammers; you can never let your guard down these days when it comes to your accounts, financial information and especially your domain accounts, because loss of your domain name can be loss of your business and will likely be permanent. Just this week news broke about an Equifax hack that hit credit histories of up to 143 million … [Read more...]
Weak Attempt at Phishing Network Solutions Account Holders
LONG ISLAND, NY - Network Solutions is a popular provider of domain names and web hosting accounts in addition to other tools used for Internet services. They're a common target due to the ability to hijack web sites and steal domain names when and if someone gains access to the account. Damages can be horrific as it is possible to permanently shut down and steal your asset or online business. Below is a weak attempt at gaining access to my Network Solutions account through … [Read more...]
Verizon Wireless Phishing Email: Scams & How to Avoid Them (Part 2)
Back in May 17th 2012 I wrote a very detailed post about a fake Verizon Wireless phishing email I received. I decided to write the post because I know there are a lot of people who receive these types of emails and I wanted to help educate people about this sort of thing. I’m sometimes taken back by how ramped this problem is and how many people are likely taken advantage of by just not knowing what to look for to keep them and their privacy safe. I also wrote it because … [Read more...]
October: National Cybersecurity Awareness Month: Is Your Business Truly Protected?
WEST PALM BEACH, FL - Every October, businesses across the country are reminded of a simple but critical truth: cybersecurity is no longer optional. As cybercriminals refine their tactics, small and medium-sized businesses have increasingly become their top targets. Phishing emails, ransomware, and malware aren’t just problems for Fortune 500 companies - they’re threats to any business with valuable data and daily digital operations. This year’s National Cybersecurity … [Read more...]
Massive “Combo List 93M” Surfaces on Dark Web, Exposing Millions of Emails
WEST PALM BEACH, FL - A newly circulated credential database called Combo List 93M has emerged on underground forums, raising concerns for millions of email account holders. The massive compilation - reportedly containing over 93 million records - is being distributed within cybercriminal communities for use in credential-stuffing and phishing campaigns. What Is Combo List 93M? Unlike a traditional “data breach” tied to a single company, Combo List 93M appears to be an … [Read more...]
TransUnion Data Breach Exposes Personal Information of 4.4 Million Consumers
WEST PALM BEACH, FL - TransUnion, one of the nation’s three major credit reporting agencies, has confirmed a data breach that exposed sensitive personal information of more than 4.4 million U.S. consumers. The incident was discovered on July 30, 2025, just two days after hackers gained access to a third-party application used by TransUnion’s U.S. consumer support operations. While the company stressed that its core credit databases and credit reports were not compromised, … [Read more...]
Hackers Claim PayPal Credential Dump Exposes 15.8 Million Accounts
SAN JOSE, CA - A massive set of PayPal login credentials has surfaced for sale on a dark web marketplace, with hackers alleging it contains information on nearly 15.8 million accounts worldwide. The dataset reportedly includes email addresses, plaintext passwords, and associated PayPal login URLs - a combination that, if authentic, could enable criminals to commit widespread identity theft and financial fraud. Hackers’ Claims The seller is advertising the database, … [Read more...]