Also jetzt hab ich doch echt kurz überlegt, ob das wirklich sein kann, dass ich 1,95 Euro zahlen soll, damit mir weiterhin E-Mails zugestellt werden... und wollte mich schon aufregen, dass man als zahlender Kunde nun auch noch extra zahlen muss und so. 
Aber gut gemacht ist diese Spam-Mail ja...
Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing – Source:hackread.com https://ciso2ciso.com/russias-storm-2372-hits-orgs-with-mfa-bypass-via-device-code-phishing-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttacks #PhishingScam #CyberAttack #Storm2372 #Hackread #Phishing #security #SOCRadar #Russia #Scam #MFA
Tycoon 2FA Phishing Kit Uses Advanced Evasion Techniques to Bypass Endpoint Detection Systems https://gbhackers.com/tycoon-2fa-phishing-kit-uses-advanced-evasion-techniques/ #CyberSecurityNews #cybersecurity #Phishing #Browser
Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing https://hackread.com/russia-storm-2372-hit-mfa-bypass-device-code-phishing/ #Cybersecurity #CyberAttacks #PhishingScam #CyberAttack #Storm2372 #Security #Phishing #SOCRadar #Russia #Scam #MFA
Possible Phishing 
on: 
hxxps[:]//muhammadammaratique[.]github[.]io/netflixClone/
Analysis at: https://urldna.io/scan/67f94ca63b77500011dda101
#cybersecurity #phishing #infosec #urldna #scam #infosec
Dzwoni do Ciebie numer zza granicy? ,,Dodaj mnie na WhatsApp’’ – nowa kampania phishingowa
W ostatnich dniach obserwujemy nową kampanię cyber zbójów. Schemat, który zaraz Wam opiszemy nie odbiega za bardzo od innych tego typu, ale tym razem skala działania jest naprawdę imponująca i pojawia się kilka ciekawych elementów. Dużo osób (w tym ekipa sekurak.pl) dostaje połączenia z zagranicznych numerów (kierunkowe, np. +44, +36),...
Wenn man wieder Phishing-Domains shopt und man dann doch die 18€ nicht ausgeben will weil man nur die von #Hochwertziel-Orgs sammelt. 
#fdp #phishing
Attention #Phishing sur #Bruxelles !
Un appel téléphonique de quelqu'un se prétendant du SPF Finances - Pension qui appelle suite à un courrier jamais reçu (perdu par la Poste à cause des grèves) et dont le but final est de soutirer des infos personnelles (ou peut-être pire).
Ne donnez jamais aucune info par téléphone sans être sûrs de qui vous avez en ligne. Au pire, dites-leur d'envoyer un mail ou un courrier.
Restez vigilant-es !
Chinese eCrime Group Targets Users in 120+ Countries to Steal Banking Credentials https://gbhackers.com/chinese-ecrime-group-targets-users-in-120-countries/ #CyberSecurityNews #cybersecurity #Phishing
A technical overview on phishing infrastructure and considerations for Red Teaming
Aktuelles #Phishing: Vermeintlich notwendige Verifizierung der Telefonnummer bei Neobank #N26: https://www.verbraucherzentrale.nrw/phishing
Reminds me to not check email.
How to identify a #phishing attack
https://bitwarden.com/blog/what-is-a-common-indicator-of-phishing/
#Phishing kits now vet victims in real-time before stealing credentials
Smishing Triad: Chinese eCrime Group Targets 121+ Countries, Introduces New Banking Phishing Kit
The Chinese eCrime group Smishing Triad has launched a global SMS phishing campaign targeting over 121 countries across various industries. Their infrastructure generates over one million page visits in 20 days, averaging 50,000 daily. The group has introduced a new 'Lighthouse' phishing kit focusing on banking and financial organizations, particularly in Australia and the Asia-Pacific region. Smishing Triad claims to have '300+ front desk staff worldwide' supporting their operations. They frequently rotate domains, with approximately 25,000 active during any 8-day period. The majority of phishing sites are hosted by Chinese companies Tencent and Alibaba. The campaign primarily targets postal, logistics, telecommunications, transportation, finance, retail, and public sectors.
Pulse ID: 67f80a4937d04f9036252cf7
Pulse Link: https://otx.alienvault.com/pulse/67f80a4937d04f9036252cf7
Pulse Author: AlienVault
Created: 2025-04-10 18:13:29
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
@ra6bit : When we visit a shop or bank in the center of town, chances are extremely small that it's a fake. Not so on the internet (and in North Korea).
There is a fix, in short:
1) If people visit a website for the first time, their browser should (before fetching content) show them all known relevant info about the website (and warn for typical phishing domain names, such as "example.com-whatever[.]tld"). And if known, *usable* identifying info of the entity who is responsible for the website. I'm not against anonymous websites, but too often their owners are criminals, so such sites are unsuitable for risky transactions.
2) We need more human readable info in certificates. The CA/B forum must be replaced by a consumer (plus governments) controlled organization.
3) User education.
More details below "WHAT IS A DECENT WEBPKI" in https://infosec.exchange/@ErikvanStraten/113079966331873386.
Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing – Source: grahamcluley.com https://ciso2ciso.com/smashing-security-podcast-412-signalgate-sucks-and-the-quandary-of-quishing-source-grahamcluley-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #SmashingSecurity #grahamcluleycom #Grahamcluley #Encryption #whitehouse #Military #Phishing #Podcast #privacy #QRcode #Signal #ios
@paulasadoorian : the biggest factor, user knowledge, is missing in the diagram.
BTW it's not stupidity. People are made to believe that security is simple (it's not).
And it's even deliberately made hard by big tech. The site below has a certificate issued by "Google Trust Services" and it's IP-addresses belong to Cloudflare (tap Alt for more info).
![Screenshot of a fake website. It shows multiple stacked warning boxes (one moving a bit). A woman with a German voice and the German texts in the message boxes inform me that my Windows computer is compromised and has been blocked. I'm told to call Microsoft support using a telephone number in Ireland.
Note that this is in Chrome on Android, configured to use English, and I'm Dutch.
The website's domain name is:
jellyfish-app-3-jaimx·ondigitalocean[.]app
More info in https://www.virustotal.com/gui/domain/jellyfish-app-3-jaimx.ondigitalocean.app](https://media.infosec.exchange/infosec.exchange/media_attachments/files/114/314/647/288/635/163/original/a5f9aa5104ec47f8.jpeg "Screenshot of a fake website. It shows multiple stacked warning boxes (one moving a bit). A woman with a German voice and the German texts in the message boxes inform me that my Windows computer is compromised and has been blocked. I'm told to call Microsoft support using a telephone number in Ireland.
Note that this is in Chrome on Android, configured to use English, and I'm Dutch.
The website's domain name is:
jellyfish-app-3-jaimx·ondigitalocean[.]app
More info in https://www.virustotal.com/gui/domain/jellyfish-app-3-jaimx.ondigitalocean.app")
GOFFEE Deploys PowerModul in Coordinated Strikes on Government and Energy Networks https://gbhackers.com/goffee-deploys-powermodul-in-coordinated-strikes-on-government/ #CyberSecurityNews #cybersecurity #Phishing #Malware
