Phishing Watchdog – Stay Safe with Instant Alerts


“Phishing Watchdog” Is a Timeline of All Major Phishing Attacks, Reported as They Break Out


An Updated Feed of All Significant Phishing Attacks

This is a comprehensive and frequently updated resource page that lists all significant phishing attacks as they are discovered and happen online. Each attack is summarized here with links to further information. The list below is updated instantly with threat details as soon as an attack is verified to be authentic.




T-Mobile discloses data breach after SIM swapping attacks

26th February 2021 | Target: T-Mobile | Reported Here

T-Mobile, the U.S. telco giant, has seen a steep rise in SIM swap attacks against its customers, and as confirmed through a notice of data breach, this was because of a security incident. The company alleges that they identified the malicious activity fairly quickly and took action to terminate it as well as prevent it from reoccurring in the future.


[above via Technadu post]


Dutch Research Council (NWO) confirms ransomware attack

25th February 2021 | Target: Dutch Research Council (NWO) | Reported Here

Hackers published a batch of internal documents from the Netherlands Organisation for Scientific Research (NWO) on the dark web yesterday, after the agency refused to pay up in a ransomware attack. The attack, which began on 8 February, has completely knocked out the agency’s grant application and review process and cut off NWO’s communication with applicants, grantees, and universities.


[above via Science Mag post] Update 1


One of Silicon Valley’s most notable VC firms told investors it was hacked

22nd February 2021 | Target: Silicon Valley | Reported Here

A leading venture capital firm based in California’s Silicon Valley has fallen victim to a cyber-attack.

According to Axios, Sequoia Capital contacted investors on Friday, February 19, to inform them that their financial data and personal information had been accessed by an unauthorized third party. The data breach occurred after the email account belonging to an employee at the firm was compromised in a phishing attack.


[above via Infosecurity post] 


Kroger data breach exposes pharmacy and employee data

20th February 2021 | Target: Kroger | Reported Here

Kroger was among the companies affected by a data breach caused by a weakness in a product offered by Accellion, a third-party company that the retailer used for secure file transfer services, according to a company press release.

The breach didn’t affect Kroger’s IT system, the store systems, or debit or credit card information, and no customer data was misused, the retailer said, but it did impact certain HR data, money service records, and pharmacy records.


[above via Business Insider post] Update 1 


Underwriters Laboratories (UL) certification giant hit by ransomware

19th February 2021 | Target: Underwriters Laboratories (UL) | Reported Here

UL, which you may know better as Underwriters Laboratories, has overcome countless obstacles in its 127-year run as the world’s leading safety testing authority. Now they’re facing down a true 21st century menace: ransomware.


[above via Forbes post] Update 1 


Lakehead University under cyber attack

16th February 2021 | Target: Lakehead University | Reported Here

Students at Lakehead University are getting an extended winter study break following a cyber attack.

Classes were scheduled to resume Monday, but that has been pushed by four days to Friday. Students had expressed concern about not being able to access campus computers and systems with mid-term exams approaching.


[above via Ctv News post] Update 1 


EXMO suffers DDoS attack

15th February 2021 | Target: EXMO | Reported Here

Cryptocurrency exchange EXMO has been knocked offline by a “massive” DDoS attack, the UK-based company has confirmed.

The exchange said it suffered a distributed denial-of-service (DDoS) assault yesterday (February 15), when its website was unavailable for two hours.

EXMO said that it experienced an unusual amount of traffic at 16.10 GMT, with the number of connections temporarily disrupting its activity.


[above via Portswigger post] 


Kia Motors America suffers ransomware attack, $20 million ransom

17th February 2021 | Target: Kia Motors America | Reported Here

Kia Motors America has allegedly suffered a ransomware attack by the DoppelPaymer gang, which is demanding $20 million for a decryptor and for not leaking stolen data, according to news reports.

A day before, BleepingComputer reported that Kia Motors America was suffering a nationwide IT outage, which affected their servers, self-payment services, dealer platforms, and phone support system. Kia employees told BleepingComputer this was a nationwide outage that started Saturday, February 23.


[above via Security Magazine post] Update 1 / Update 2 


French MNH health insurance company hit by RansomExx ransomware

10th February 2021 | Target: Mutuelle Nationale des Hospitaliers | Reported Here

Mutuelle Nationale des Hospitaliers (MNH), an insurance company in France that caters to all public and private health professionals, was recently forced to suspend operations after a ransomware attack targeted its IT systems.


[above via Teiss post] Update 1 


USCellular hit by a data breach after hackers access CRM software

29th January 2021 | Target: United States Cellular Corporation | Reported Here

U.S. Cellular, the fourth-largest wireless carrier in America, has suffered a data breach. Hackers reportedly gained access to protected systems by installing malware on a computer at a U.S. Cellular retail store.

According to the breach notification filed with the Office of the Vermont Attorney General, the attack began on the 4th of January. Hackers targeted a handful of U.S. Cellular store employees who had access to its customer relationship management (or CRM) software.


[above via Forber post] Update 1 


Cops Disrupt Emotet, the Internet’s ‘Most Dangerous Malware’

27th January 2021 | Target: Dairy Farm | Reported Here

Police have seized thousands of computers running one of the most dangerous hacking networks worldwide.

The Emotet network obtains access to victims’ computers, via malicious email attachments, then sells it to criminals who install more dangerous malware.

Police from the UK, EU, US and Canada worked together to “disrupt” Emotet.


[above via BBC post] Update 1 / Update 2


Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack

26th January 2021 | Target: Dairy Farm | Reported Here

Around January 14th, 2021, the retail giant Dairy Farm was attacked by the REvil ransomware operation. The attackers demanded a $30 million ransom. The ransomware group compromised Dairy Farm’s network and encrypted devices. Allegedly the attackers had access to information up until 7 days after the attack.


[above via Itsecurityguru post]


Bonobos clothing store suffers a data breach

22nd January 2021 | Target: Bonobos clothing store | Reported Here

Men’s clothing store Bonobos has suffered a massive data breach exposing millions of customers’ personal information.

Walmart bought Bonobos in 2017 for $300 million to offer its clothing on … BleepingComputer reported the breach occurred after a cloud backup of their database was downloaded by a threat actor.


[above via Ris news post] Update 1


Kentucky Senior Arrested for Identity Theft

20th January 2021 | Target: Multiple Individuals and Businesses | Reported Here

Two women in Kentucky have been arrested in connection with a year-long cybercrime operation involving stolen identities and fraudulent benefit claims.

An investigation was launched by police in West Buechel at the beginning of January when they received a call from a local branch of the bank BB&T to say that a fraudulently authorized check for nearly $40,000 had just been cashed.


[above via Bleeping Computer post] Update 1


CHwapi Hospital Suffers a Ransomware Attack

20th January 2021 | Target: CHwapi Hospital | Reported Here

The CHwapi hospital in Belgium is suffering from a cyberattack where threat actors claim to have encrypted 40 servers and 100 TB of data using Windows Bitlocker.

On Sunday, CHwapi suffered an attack that caused the hospital to redirect patients to other hospitals and delay surgical procedures.


[above via Gadgetpage post]


JPMorgan Chase Hacker Gets 12 Years

7th January 2021 | Target: JPMorgan | Reported Here

A Russian hacker who was instrumental in one of the largest thefts in history of US customer data from a single financial institution has been sentenced to prison.

Moscow resident Andrei Tyurin, also known as Andrei Tiurin, was part of an international hacking campaign that compromised the computer systems of major financial institutions, brokerage firms, news agencies, and other companies to steal data.


[above via Infosecurity post] Update 1 / Update 2


China’s APT hackers move to ransomware attacks

4th January 2021 | Target: Multiple Firms Businesses | Reported Here

A well-known Chinese state-backed APT group is believed to have been responsible for multiple ransomware attacks against firms last year, according to new research.

A report from Security Joes and Pro reveals how the vendors uncovered the links after investigating an incident in which ransomware encrypted “several core servers” at an unidentified victim organization.


[above via Infosecurity post]


SolarWinds hackers breach US nuclear weapons agency

17th December 2020 | Target: Nisa | Reported Here

The Energy Department and National Nuclear Security Administration, which maintains the U.S. nuclear weapons stockpile, have evidence that hackers accessed their networks as part of an extensive espionage operation that has affected at least half a dozen federal agencies, officials directly familiar with the matter said.

On Thursday, DOE and NNSA officials began coordinating notifications about the breach to their congressional oversight bodies after being briefed by Rocky Campione, the chief information officer at DOE.


[above via Politico post] Update 1


Ransomware attack causing billing delays for Missouri city

15th December 2020 | Target: Missouri | Reported Here

The City of Independence, Missouri, suffered a ransomware attack last week that continues to disrupt the city’s services.

At the beginning of the month, Independence suffered a ransomware attack that forced them to shut down their IT system as they recovered from the attack.


[above via Bleeping Computer post]


Intel’s Habana Labs hacked by Pay2Key ransomware, data stolen

13th December 2020 | Target: Intel’s Habana | Reported Here

As reported by Calcalist, a hacking group alleges that it has used Pay2key malware to gain access to Intel’s Habana Labs in Israel. The purported attack follows a wave of recent ransomware attacks in Israel. As proof of the attack, the hackers have shared via Twitter what appears to be a snippet of Habana Labs code, although it’s notable that the snippet of text could be easily faked, along with a domain account and domain zone information. We’ve reached out to Intel for further comment and will update as necessary.


[above via Tomshardware post] Update 1 / Update 2


Foxconn electronics giant hit by ransomware, $34 million ransom

7th December 2020 | Target: Foxconn | Reported Here

A ransomware attack on Taiwanese electronics giant Foxconn has resulted in hackers demanding $34.7 million in Bitcoin.

Cybercriminals infiltrated Foxconn’s networks on November 29, stealing and encrypting files and deleting data from servers at the company’s Mexican facility, Bleeping Computer reported.

The attack was reportedly carried out by ransomware gang DoppelPaymer, which is demanding $34.7 million in cryptocurrency for the return of files.


[above via Portswigger post] Update 1 / Update 2


Ransomware Incident Impacts Greater Baltimore Medical Center Computer Systems

7th December 2020 | Target: Greater Baltimore Medical Center | Reported Here

The Greater Baltimore Medical Center on Sunday became the latest U.S. hospital to grapple with a ransomware incident amid a raging pandemic that has stretched health care IT resources thin.

The ransomware attack caused “many of our [IT] systems” to go down, the 342-bed medical center said in a statement late Sunday. That means some patient procedures scheduled for Monday “may be affected,” GBMC said. The hospital emphasized that it had “robust processes in place to maintain safe and effective patient care.”


[above via Cyberscoop post] Update 1 / Update 2

