PhishProtection.com “Phishing Watchdog” Is A Timeline of All Major Phishing Attacks Reported As They Breakout
An Updated Feed of All Significant Phishing Attacks
This is a comprehensive and frequently updated resource page that lists all the significant Phishing Attacks as they are discovered and happen online. Each attack is summarized here with links to further information about each attack. The list below is updated instantly with threat details as soon as the attack is verified to be authentic.
Please Sign Up To Get Instant Phishing Attack Alerts by Email
New Orleans Mayor: Ransomware Attack Cost City $7 Million
16th January 2020 | Target: New Orleans | Reported Here
A ransomware attack on New Orleans has racked up at least $7 million in financial damage to The City That Care Forgot, its mayor said.
New Orleans was able to get back $3 million through a cyber insurance policy, the mayor told WVUE, which also cited Chief Administrative Officer Gilbert Montano as saying the city has an IT backlog in the wake of the December attack.
Texas school district lost $2.3 million in a phishing email scam
12th January 2020 | Target: Manor School | Reported Here
The Manor Independent School District fell victim to an apparent phishing scam to the tune of $2.3 million.
Officials for the Texas school system did not release many details other than to say in a January 10 statement posted on Facebook that the incident was caused by a phishing email and that the local police and FBI are currently working the case.
The Manor Police Department told CNN the scam included three separate fraudulent transactions that took place in November.
UK Banks Foiled by Travelex Ransomware Attack
8th January 2020 | Target: Travelex | Reported Here
The New Year’s Eve cyber-attack on currency exchange bureau Travelex is disrupting services for UK bank customers.
Travelex took all its systems offline as a precautionary measure after being hit by what it initially described as a “software virus” on December 31. On January 7, the company released a statement fingering the culprit as a type of ransomware known as Sodinokibi and also commonly referred to as REvil.
‘Serious cyber-attack’ on Austria’s foreign ministry
5th January 2020 | Target: Austrian Foreign Ministry | Reported Here
The Austrian Foreign Ministry sounded the alarm bells of an ongoing “serious cyber-attack” that started in the late hours of Saturday January 4, 2019. Considering the signatures and the pattern of the attack, experts suggest this cyber-attack could possibly be carried out by a state sponsored threat actor. The attack, which began on Saturday night, was continuing and, “as per experts it could last several days,” a foreign ministry spokesman added.
Canadian Territory Nunavut Suffers Ransomware Attack
4th November 2019 | Target : Nunavut | Reported Here
The Government of Nunavut is the latest victim of a sophisticated ransomware attack. In an official statement, the Premier of Nunavut, Joe Savikataaq, stated he noticed a new and advanced type of ransomware that affected their network systems across the territory on November 2, 2019.
The attack encrypted individual files on various servers and workstations impacting all government online services. “All government services requiring access to electronic information stored on the Government of Nunavut (GN) network are impacted, except Qulliq Energy Corporation,” said Savikataaq.
Marriott announces exposure of associate’s Social Security numbers
1st November 2019 | Target : Marriott | Reported Here
Marriott has once again suffered a cyber attack. This time, Marriott warns some of its associates about a security breach affecting their Social Security Numbers. What makes this incident tricky is that Marriott is facing trouble contacting some of the victims.
Marriott Security Breach Affects Associates Marriott International Inc.
has recently warned of a security breach affecting some associates. Precisely, the incident exposed the Social Security Numbers of the associates to an unknown attacker. As revealed via a security notice, the incident primarily hit a third party vendor who once collaborated with Marriott.
North Korean Malware Found at Indian Nuke Plant
31st October 2019 | Target: Nuclear Power Station | Reported Here
The network of one of India’s nuclear power plants was infected with malware created by North Korea’s state-sponsored hackers, the Nuclear Power Corporation of India Ltd (NPCIL) confirmed today.
News that the Kudankulam Nuclear Power Plant (KNPP) might have been infected with a dangerous strain of malware first surfaced on Twitter on Monday.
Pukhraj Singh, a former security analyst for India’s National Technical Research Organization (NTRO), pointed out that a recent VirusTotal upload was actually linked to a malware infection at the KNPP.
The particular malware sample included hardcoded credentials for KNPP’s internal network, suggesting the malware was specifically compiled to spread and operate inside the power plant’s IT network.
UN, NGOs targeted by ongoing phishing attack
25th October 2019 | Target: UN, NGOs | Reported Here
Security researchers are warning of an ongoing mobile-aware phishing campaign targeting the United Nations and various NGOs for Okta, Office 365 and Outlook account credentials.
The two domains hosting the phishing content have been live since March 2019, with most of the the SSL certificates used valid in two main date ranges: May 5-August 3, 2019, and June 5-September 3, 2019, according to Lookout.
Stripe Users Targeted in Phishing Attack That Steals Banking Info
17th October 2019 | Target: Bank Data. | Reported Here
A new phishing campaign that targets Stripe users to steal banking information has been uncovered.
Attackers are evading detection by blocking users from viewing the destination of embedded links.
Stripe is an online platform that enables businesses to deal with payments. It handles billions of dollars annually and has a rich client base of reputed brands. This makes Stripe an attractive target for hackers.
Malware takes down some Pitney Bowes systems
14th October 2019 | Target: Pitney Bowes. | Reported Here
Global shipping and postage giant Pitney Bowes has had its operations disrupted by ransomware, with customers being unable to access some of its services.
Pitney Bowes acknowledged the attack early this morning Australian time.
SendPro customers currently can’t refill postage or upload transactions on their mailing machines, Pitney Bowes advised.
It is also not possible to access SendPro Online in the UK and Canada, or the ‘Your Account’ page for customers and the Pitney Bowes Supplies webstore.
Mail360 Scans and MIPro Licensing are also down, the company said, with the Software and Data Marketplace being unavailable.
Cyber-Attacks Hit Defense Contractors in Europe and North America
27th September 2019 | Target: Rheinmetall AG. | Reported Here
Rheinmetall AG and Defence Construction Canada (DCC), both major defense contractors, were each at the receiving end of disruptive cyberattacks this month. Rheinmetall AG has been hit with what the firm referred to as “malware attacks” since September 24. As a result, the “normal production processes ” at company’s plants in Brazil, Mexico and the US have been significantly disrupted. The company says that it may take between two to four weeks to resolve all issues resulting from the attacks.
Separately, DCC suffered a “cyber incident” on September 11 that disrupted various IT systems. The company has launched in investigation into the attack and is currently still working to fully recover all impacted systems.
Ransomware Attack Disrupts Wyoming Health Services
23rd September 2019 | Target: Campbell County Health.| Reported Here
Campbell County Health (CCH) in Wyoming on Sept. 20 was hit with a ransomware attack that has severely disrupted the facility’s computer network, requiring a return to paper record keeping and the transfer of some patients to non-affected hospitals.
In a Sept. 23 press conference posted on Facebook, CCH officials said the attack’s impact has been widespread, but at this time it is not believed any patient information was compromised. Very few details concerning the attack is known at this time, but an investigation is ongoing and includes a third-party cybersecurity firm along with local, state and federal law enforcement.
A hospital spokeswoman told SC Media that she could not comment on the ransom demand amount, whether or not paying it is being considered, or if the hospital will use backed-up files to recover from the attack.
North Korean Malware Attacks ATMs and Banks
23rd September 2019 | Target: ATM | Reported Here
The infamous Lazarus Group is behind new malware discovered targeting ATMs and back-office systems in Indian banks and research centers, according to Kaspersky.
The Russian AV vendor claimed in a new report that it discovered the ATMDtrack malware back in late summer 2018. It is designed to sit on targeted ATMs and effectively skim the details of cards as they are inserted into the machine.
However, digging a little deeper, the researchers found another 180+ new malware samples similar to ATMDtrack but which were not designed to target ATMs.
Hackers Steal $4.2m from State Troopers’ Pension Fund
6th September 2019 | Target: Oklahoma | Reported Here
Cyber-thieves targeting a pension fund for law enforcement officers employed by the state of Oklahoma have made off with $4.2 million.
The money was stolen from a fund of more than $1 billion set aside to pay pensions and benefits to around 1,500 retired highway troopers, park rangers, state agents, and other law enforcement officers.