Cybercrime

Cybercrime / Industry Updates

“Nickel” APT Group: What We Found About Microsoft’s Latest Domain Seizure

Threat actors reportedly attacked 29 government agencies worldwide in a recent malicious campaign. The attacks were attributed to China-based advanced persistent threat (APT) group Nickel, which has been known to trail its sights on governments and nongovernmental organizations (NGOs) across Europe, the Americas, and the Caribbean. more

Are Mypressonline.com’s Free Subdomain Creation Services Being Abused?

It’s not uncommon to see free web hosting providers get abused as part of phishing campaigns. IBM X-Force Exchange, in fact, published three indicators of compromise (IoCs) related to such an incident. more

What WHOIS History Reveals about 3,800+ Verified Phishing Hosts

The ability to retrieve historical WHOIS information can be essential for the cybersecurity community, particularly when it comes to threat hunting and cybercrime investigation. This investigative capability is highlighted in our latest downloadable white paper "Digging Up Zombie Domains: What WHOIS History Reveals about 3,800+ Verified Phishing Hosts" where we analyzed thousands of verified phishing hosts and their historical WHOIS records. more

Telcos Are on Phishers’ Radar, Who Is at Risk?

The November 2021 PhishLabs Quarterly Threat Trends & Intelligence Report indicated the finance, social media, and telecommunications industries as phishers’ most targeted sectors. Last month, we analyzed a squatting campaign targeting U.S. Bancorp to determine if other banks were at risk, this time we’ll look into the top 3 phishing industry target – telecommunications. more

Locky Ransomware: Still a Threat as List of IoCs Grows

Locky has been around since 2016, contributing to the total amount lost to ransomware worldwide, which has to this day reached US$20 billion in the U.S. alone. It usually gets delivered to users’ computers via emails with malicious attachments in the form of macro-laden Word documents. more

Facebook Is Now Meta, Will Threat Actors Ride the Wave?

Facebook CEO Mark Zuckerberg, on 28 October in Connect 2021, introduced Meta, which will be Facebook’s parent company, along with the organization’s various apps and technologies. According to Zuckerberg, "Meta’s focus will be to bring the metaverse to life and help people connect, find communities, and grow businesses." more

Are Banks and Their Customers Once Again at Risk of Typosquatting Woes?

A typosquatting campaign targeting U.S. Bancorp was uncovered a few weeks ago, potentially posing a threat to the financial institution and its customers. As of this writing, four domains and their IP resolutions were identified as indicators of compromise (IoCs). more

Shopping Online for Toys Safely: Protecting Consumers in the Holiday Season

When the holidays roll around every year, online searches for toys increase, giving counterfeiters the opportunity to sell knock-offs of popular items. This time of year can prove expensive -- not just in terms of cash flow, but safety too. Consumers looking for a bargain may not even think about toy safety, or recognize that they're buying a fake, inferior product. more

Are Cybersquatting Campaigns Targeting Airlines Taking Off?

Details about an ongoing cybersquatting campaign targeting Turkish Airlines were recently unveiled, naming 13 malicious domains connected to the threat. As one of our primary goals is to expand published lists of indicators of compromise (IoCs), we dug deeper into the campaign to determine if the threat is confined to Turkish Airlines or if other industry players are at risk as well. more

Cybersecurity During the Busiest Shopping Days of the Year

The holiday season is just around the corner, and with that, shoppers are starting to make their lists. According to an Adobe Report, the 2020 holiday season exceeded $188 billion in online sales in the United States alone, an increase of 32% compared with 2019. more