One notable case spotted by analysts at INKY involves the spoofing of Verizon, a large U.S.-based telecommunication service provider. In this case, the actors are using a square root symbol, a logical NOR operator, or the checkmark symbol itself, all helping to create a slight optical differentiation that could trick AI-based spam detectors.
Despite all the money major brands spend on logo design, people are terrible at remembering them. And it only makes it easier for scammers to trick people into clicking on malicious links. On average, each month, a company sees 90 domains impersonating their business. These fake pages are set up by cybercriminals or even state-sponsored threat actors to conduct fraud.
A new phishing campaign has been uncovered targeting companies that may work with the US Department of Transportation. The campaign, discovered by security company INKY, found that phishers are impersonating the US Department of Transportation (DOT) in an effort to harvest Microsoft Office 365 credentials, INKY's Roger Kay wrote in a blog post.
Threat actors impersonated the U.S. Department of Transportation (USDOT) in a two-day phishing campaign that used a combination of tactics – including creating new domains that mimic federal sites so as to appear to be legitimate – to evade security detections. Between Aug. 16-18, researchers at e-mail security provider INKY detected 41 phishing emails dangling the lure of bidding for projects benefitting from a $1 trillion infrastructure package recently passed by Congress, according to a report written by INKY’s Roger Kay, vice president of security strategy, that was published on Wednesday.
A recently uncovered phishing campaign used fake COVID-19 vaccination forms - and took advantage of confusion over whether employees will return to their offices this fall - to harvest workers' email credentials, according to analysts with security firm INKY. During this phishing campaign, which was active earlier this month, the fraudsters appeared to have used compromised email accounts to send realistic-looking emails to employees that purported to come from the targeted company's human resources department, according to INKY researchers. These messages contained a malicious PDF link that would take victims to a phishing page to harvest their Microsoft Outlook credentials.
A trio of phishing reports is shedding light on the eclectic arsenal of techniques that cybercriminals have at their disposal, including using current events such as vaccine news to craft timely and urgent lures, as well as exploiting legitimate services and platforms, like Verizon’s multimedia messaging service and the UPS.com website. Scammers pose as HR department seeking vaccine documents: Inky this week observed a spate of phishing activity this summer in which cyber criminals were pretending to be the HR department, asking email recipients to submit a COVID-19 vaccination form.
The rise in the value of cryptocurrencies has inevitably drawn the eye of criminals, and the concentration of crypto in the cryptocurrency exchanges has focused that attention. Coinbase is the largest exchange in the U.S., and researchers have detected numerous phishing campaigns against Coinbase users. The size/value of Coinbase is impressive. It claims to have more than 56 million verified users in more than 100 countries. Its traded volume is around $335 billion, and it has $223 billion in assets on the platform.
Authentico, the IT security company headquartered in Gothenburg, Sweden, today announced it has entered into a partnership with INKY Technology Corporation, a pioneer in next-gen email phishing protection.
According to the Japan Times, the organizing committee for the Tokyo Olympics has suffered a data breach as a consequence of Fujitsu's recent compromise. The Record reports that Cox Media livestreams were interrupted yesterday in what multiple sources tell the Record was a ransomware attack.
Experts insist that following the basic principles of cyber security will go a long way to lowering the odds of being victimized by an attacker. The latest proof is last month’s ransomware attack on Colonial Pipeline in the U.S. Hackers got in by exploiting a compromised username and password, according to an official of FireEye’s Mandiant threat intelligence service. Mandiant was called in to investigate the breach. The executive told Bloomberg News the password for a virtual private network account was no longer in use, but was still valid. That password was posted on the dark web, which raises the possibility a current or former Colonial employee used the same password on another account that had been hacked.