Threat actors deploy multiple vectors to launch their cyberattack campaigns. Learn about recent attacks involving email phishing, server compromise, and credential-stealing malware.
There is a significant rise in IPFS phishing attacks in 2023, causing a considerable stir in the digital landscape. Read on to learn about IPFS phishing attacks, including their types and modus operandi, and how to stay secure from their clutches.
The latest in the crypto-cybersecurity landscape is the loss of around $6 million from about 5,000 people in a case of a phishing-as-a-service campaign by ‘Inferno Drainer.’ Read on to know everything about the incident.
Here is a close look into the details of the OCBC phishing scam, how it happened, the damage it caused, how OCBC handled it, and the masterminds behind it.
In one of the latest phishing scams, malicious actors are impersonating popular platforms like PayPal and MetaMask to target unsuspecting victims. The gravity of this cyber onslaught has been intense enough to prompt the Federal Trade Commission (FTC) to warn internet users.
US mobile carrier giant T-Mobile suffered another breach just four months into 2023, where the threat actors could use identity theft and spear phishing against the victims. Join us as we share the T-Mobile data breach, how it happened, what data was accessed, and how to get phishing protection.
Undoubtedly, famous public cloud services providers like Amazon, Google, Microsoft, and Western Digital offer a more secure cloud environment than on-premise servers. But what if the hackers target them, locking you out and hampering productivity? Follow this article to learn about the latest attack on Western Digital.
Western Digital announced today that an unauthorized party breached its network, gaining access to multiple company systems. After discovering the breach, the firm launched an investigation into the incident (which is in the early stages) and informed the law enforcement authorities.
A major security breach has recently hit the US Marshals Service, putting sensitive information at risk, according to senior law enforcement officials. Learn more about the details of the breach, how it happened, the data at risk, and the steps being taken to address it.
The US Marshals Service was hit by a major security breach this month, with hackers breaking into and stealing data from a computer system that contained personal information about investigative targets and agency employees, as confirmed by a spokesman for the service on Monday.
TELUS, the Canadian telecom giant, is investigating a potential data breach after a threat actor leaked what appears to be employee data and source code. TELUS has initiated an investigation in response to the breach to assess the scope of the incident and safeguard its customers and staff from any potential risks. Stay updated with the latest developments on this incident with this article as we share what happened, how it happened, and what TELUS is doing.
In today’s constantly evolving threat landscape, attackers are always on the lookout for the next opportunity to obtain valuable personal data, making everyone vulnerable to phishing attacks regardless of their industry or sector. In this week’s update, we bring you the latest news stories related to phishing and data breaches.
In the latest cybersecurity breach news, web hosting giant GoDaddy has revealed that malicious actors have been stealing its source code for several years. This article shares a look at the multi-year data breach campaign and describes how you can protect yourself if you use a hosting service.
The recent security breach and phishing campaign that occurred at Namecheap, a domain registrar, serves as a stark reminder of the persistent and evolving threats posed by cybercriminals. In this post, we will delve into the details of the breach and the phishing campaign and offer some essential tips to help protect against phishing scams.
The web hosting company and domain registrar Namecheap recently suffered a security breach when its email account was hacked. This breach resulted in a phishing campaign that targeted the cryptocurrency wallet MetaMask and the logistics company DHL, intending to obtain personal and cryptocurrency wallet information from susceptible users.
Threat actors managed to infiltrate the popular social media platform Reddit and access internal documents, code, and some internal business systems, highlighting the need for individuals and organizations to take robust measures to safeguard their information. This text shares the details of the attack, what information was accessed, what Reddit is doing, and how to stay protected.
Threat actors made away with $120,000 from an innocent victim by duping them with a sophisticated scam. This text shares the details of the cyberattack and shows how you can protect yourself.
As technology advances at a dizzying pace, so does the cunning of those seeking to exploit it for their nefarious purposes. One such example of this unfortunate reality can be seen in the recent surge of ‘Phishing-as-a-service‘ kits, which provide a turnkey solution for would-be thieves to engage in digital fraud and easily steal sensitive information. This malign development is fueling an alarming uptick in incidents of theft, with victims ranging from individuals to large corporations.
The latest online status symbol is getting verified on popular platforms like Instagram, Apple AppStore, or Twitter. Users trust verified accounts more; similarly, third-party OAuth app publishers get verified by Microsoft. However, researchers recently discovered the latest malicious third-party OAuth app campaign abusing Microsoft’s “verified publisher” status. Read on to learn more about the story.
Microsoft recently disabled many fraudulent, verified MPN (Microsoft Partner Network) accounts for designing malicious OAuth apps that breached business cloud environments to steal emails.
The Google Fi platform was breached due to one of its unsecured network providers, opening the platform’s customers up to SIM-swapping attacks. This text describes the data breach, how it happened, what data was taken, the details of the SIM swapping attacks, and how to protect yourself against these.
Your private information may be at risk as a massive Google Fi data breach has opened the doors to a dangerous new threat – SIM swapping attacks. Google’s US-only telecommunications and mobile internet service, Google Fi, has informed its customers that one of its private network providers suffered a data breach leading to the exposure of personal data that led to SIM swapping attacks.
Threat actors have switched to a new type of file for their malicious purposes, this time in the form of Microsoft OneNote attachments in emails to deploy information-stealing malware. Join us as we provide an in-depth view into the new attack campaign and how to protect against it.
The growing cybercriminal wave and headlines of novel attack campaigns have a new addition, this time in the form of OneNote attachments. Threat actors have evolved their phishing campaigns and are using OneNote attachments that infect victim systems with malware to gain remote access for malicious purposes.
Nearly 35,000 PayPal customers were the victim of a credential stuffing attack where threat actors got access to their personal and financial information. This text shares details about the attack, what actually happened, how PayPal handled the case, what the organization is doing for the affected customers, and how you can protect your PayPal accounts and data.
ChatGPT is changing the phishing game for threat actors who can use it for crafting phishing emails and bypassing MFA. This text shares the power of ChatGPT in the hands of phishing actors, how it can be used for email crafting, and how you can protect yourself from AI-powered phishing.
ML (Machine Learning) models and AI (Artificial Intelligence) chatbot technology have come a long way in recent years, and one of the most advanced models is ChatGPT. Making headlines worldwide with its ability to understand and respond to natural language inputs, ChatGPT is a valuable tool in multiple industries.
However, like two sides of a coin, ChatGPT can significantly impact innocent lives in the hands of threat actors. In this article, we will explore how ChatGPT is changing the phishing game and the potential implications of this technology for both businesses and individuals.
The Emergence of ChatGPT and its Role in Phishing
ChatGPT, OpenAI’s large language model, has brought about significant progress in the field of NLP (Natural Language Processing), with applications ranging from customer service and virtual assistants to phishing detection and prevention. That is ironic, since it can also be used for phishing and for targeting innocent individuals without much effort.
As technology continues to develop, we can expect to see ChatGPT being used more and more innovatively, making it a mighty tool for shaping the future. But we can also see it being used by threat actors to overcome the challenges of crafting phishing emails leading to more sophisticated campaigns with this AI chatbot. But how exactly does ChatGPT fit with phishing and cyberattacks?
ChatGPT Assisting Phishers in Social Engineering and Email Crafting
Phishing is a common tactic used by cybercriminals to trick individuals into sharing sensitive information, such as login credentials or financial information. However, the phishing game is changing with the emergence of AI chatbot technology like ChatGPT. While ChatGPT can be trained to detect and respond to phishing attempts, making it a valuable asset in the fight against cybercrime, it also takes care of the challenges that low-level cybercriminals face while crafting phishing emails.
Threat actors, or individuals who engage in phishing attacks, face several challenges when crafting phishing emails. Crafting a successful phishing email is a complex task that requires a significant amount of skill and knowledge.
One of the main challenges is making the email appear as legitimate as possible to increase the likelihood of the recipient falling for the scam or social engineering tactic, which almost always involves creating a sense of urgency or fear in the recipient to prompt them to act quickly without thinking. ChatGPT can take care of this by continually crafting phishing email templates for mass phishing campaigns, enabling threat actors to cause all kinds of harm.
For example, when researchers at Hoxhunt were checking how capable the AI chatbot was in crafting phishing emails, they asked it to prepare a BEC (Business Email Compromise) phishing attack impersonating the CEO (Chief Executive Officer) of a defunct organization by the name of Standard Oil. ChatGPT delivered a phishing email with the CEO reaching out to individuals for their immediate attention, informing them of financial restructuring, and asking them to redirect invoices to a new account.
Threat actors can and are already utilizing the AI chatbot for crafting malicious phishing emails. Just like RaaS (Ransomware as a service) models transformed ransomware attacks, enabling threat actors to target more organizations for financial gains, ChatGPT can be a similar catalyst for phishing campaigns to target individuals and enterprise workforce. But how is ChatGPT helping threat actors? Let us see.
How Threat Actors can Utilize ChatGPT for Phishing
ChatGPT has advanced coding capabilities that enable threat actors to carry out malicious activities. However, even limiting the topic to ChatGPT’s writing ability, what it can do is impressive and dangerous. Furthermore, since the chatbot improves quickly and offers various ways to write emails that are indistinguishable from the ones that humans write, phishing actors can utilize the AI chatbot and similar platforms to create anything they need to dupe innocent individuals on the Internet, including fake web personas, fake website presence, and more.
Here are two areas where ChatGPT can help attackers:
Translation
ChatGPT supports over 20 languages, including English, Chinese, Korean, and more, but individuals on the Internet have tested nearly 100, and ChatGPT comes through. Now that language is no bar, any individual could explain to ChatGPT what they need as an output, and it would provide the writing promptly, even if the writing were a phishing email. Even though the AI chatbot is blocked in Russia, individuals and threat actors have found ways to use the chatbot via VPNs (Virtual Private Networks) and foreign numbers.
Bypassing MFA
With the boom of NLP, ChatGPT can convincingly carry on conversations in a human-like manner and can be used to bypass MFA (Multi-Factor Authentication). In the past, threat actors have used SMSRanger, BloodOTPbot, and other similar bots in turbo-charged phishing attacks to automatically follow up credential harvesting attacks, asking the victim for the OTP (One Time Password) code and making a fool of 2FA (Two Factor Authentication).
When threat analysts at Hoxhunt asked the chatbot how it could bypass MFA, it said, “These chatbots can engage with people in a human-like manner and trick them into revealing their personal information or MFA credentials. For example, an attacker may use a chatbot to impersonate a trusted individual or organization and request that the victim provide their password or security token.”
Since NLP-enabled and AI chatbots are more intelligent, they can keep up with individuals and move with the flow of the conversation to dupe them out of security codes, helping the threat actor bypass MFA.
How to Protect Yourself from Phishing in the age of AI-powered Phishing Campaigns?
The legacy approaches of always being cautious of unsolicited messages and never clicking on links or downloading attachments from unknown or suspicious sources work. And leveraging anti-phishing tools and software, such as email filters and browser extensions, to detect and block phishing attempts can add a layer of protection. But here are some tips to protect yourself from phishing in the age of AI-powered phishing campaigns:
Offering a simple method for reporting suspicious emails.
Scrutinizing web traffic through a secure web gateway to safeguard both on-premises and remote users.
Verifying URLs (Uniform Resource Locator) for malicious content or typosquatting.
Implementing email security protocols such as DMARC (Domain-based Message Authentication, Reporting, and Conformance), DKIM (DomainKeys Identified Mail), and SPF (Sender Policy Framework) to combat domain spoofing and content tampering.
Isolating Word documents and other attachments in a sandbox environment to prevent them from accessing corporate networks.
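The checks above for DMARC, DKIM, and SPF results and for typosquatted URLs can be combined into a simple triage step on received mail. The following is an added example, not code from the original article: the trusted-domain list, the sample message, and the edit-distance threshold of 2 are assumptions chosen for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = {"paypal.com", "metamask.io"}  # assumption: brands your users deal with

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def base_domain(host):
    # Simplification: last two labels. Production code should use the Public Suffix List.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def triage(raw, trusted=TRUSTED):
    """Return a list of findings for one single-part RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    # 1. SPF / DKIM / DMARC verdicts recorded by the receiving mail server.
    auth = msg.get("Authentication-Results", "")
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        verdict = m.group(1).lower() if m else "missing"
        if verdict != "pass":
            findings.append(f"{mech}={verdict}")
    # 2. Lookalike (typosquatted) domains in the From address and in body links.
    hosts = {parseaddr(msg.get("From", ""))[1].rpartition("@")[2]}
    body = msg.get_payload()
    hosts |= {urlsplit(u).hostname or "" for u in re.findall(r"https?://[^\s\"'<>]+", body)}
    for dom in sorted({base_domain(h) for h in hosts if h}):
        for good in trusted:
            if dom != good and edit_distance(dom, good) <= 2:
                findings.append(f"lookalike:{dom}~{good}")
    return findings

# Constructed sample message (not taken from a real campaign).
SAMPLE = """\
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=paypa1.com; dkim=none; dmarc=fail header.from=paypa1.com
From: "PayPal Support" <service@paypa1.com>
To: user@example.org
Subject: Action required

Confirm your account: https://login.paypa1.com/verify
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Note that SPF passes in the sample because the attacker controls the lookalike domain; the DMARC verdict and the lookalike check are what flag it.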
Final Words
AI chatbots like ChatGPT can become powerful tools for threat actors to carry out phishing attacks. They can mimic human behavior and communication patterns to make their phishing attempts more convincing and automate the process to increase their chances of success, which is why it is imperative for organizations to stay informed about the latest phishing tactics and to implement advanced security measures, such as AI-based threat detection and response, to detect and respond to these threats.
Despite the potential risks and the potential of ChatGPT on the other side, the benefits of ChatGPT in transforming the world and implementing AI chatbots in security are undeniable and will continue to play an important role in phishing protection in the future.
The BitRAT malware was used to target the Colombian Cooperative Bank, where the threat actors made away with records of over 400,000 individuals. The threat actors are using the information from these records for a massive spear phishing campaign. This text sheds light on the event, shares what BitRAT is, the BitRAT Colombian Cooperative Bank breach, an analysis of the latest BitRAT sample, why BitRAT is a grave threat, and shares how organizations can protect against BitRAT malware.