Ravie Lakshmanan reports: Cybersecurity researchers are calling attention to phishing campaigns that impersonate popular brands and trick targets into calling phone numbers operated by threat actors. “A significant portion of email threats with PDF payloads persuade victims to call adversary-controlled phone numbers, displaying another popular social engineering technique known as Telephone-Oriented Attack Delivery (TOAD), also…
Category: Phishing
Marquette County Medical Care Facility discloses data breach
Marquette County Medical Care Facility (MCMCF) has issued a statement about a breach they discovered in March 2025. On March 3, 2025, MCMCF became aware of the business email compromise incident when contacts of MCMCF’s Human Resources director began receiving phishing emails from her Microsoft Office 365 (O365) account. The types of information involved included…
Russia Expert Falls Prey to Elite Hackers Disguised as US Officials
Kevin Poireault reports: Keir Giles, a British expert on Russian information operations, has been targeted by a sophisticated spear phishing attack using novel social engineering techniques. The writer and senior consulting fellow at the UK think tank Chatham House was lured into sending app-specific passwords to someone impersonating a US State Department employee. The Google…
FIN6 cybercriminals pose as job seekers on LinkedIn to hack recruiters
This may make it a bit harder for those legitimately seeking jobs on LinkedIn. Daryna Antoniuk reports: Cybercriminals from the long-running FIN6 group are posing as job seekers on platforms like LinkedIn to infect recruiters with malware delivered through fake resumes, according to a new report. Recruitment scams are common among cybercrime gangs, but this…
100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
Nadeem Badshah reports: HM Revenue and Customs has lost £47m after a phishing scam breached tens of thousands of tax accounts, a group of MPs has heard. Two senior civil servants at the tax authority told the Treasury committee on Wednesday that 100,000 people had been contacted, or were in the process of being contacted,…
Russian-linked hackers target UK Defense Ministry while posing as journalists
Martin Fornusek reports: Russian-linked hackers targeted U.K. Defense Ministry staff in an espionage operation while posing as journalists, Sky News reported on May 29, citing the British government. The cyber attack was detected and thwarted, the government said. Speaking to reporters at a government facility where a team had disrupted the Russian-backed operation, U.K. Defense Minister John Healey revealed the…