Stephen Pritchard reports: A new way of carrying out phishing attacks is being adopted by criminal groups – and it could make threat actors virtually undetectable, security researchers warn. The technique involves using ‘reverse tunnel’ services and URL shorteners to launch large-scale phishing attacks. What’s more, the groups using these techniques leave no trace. Instead, threat actors…
Category: Phishing
GA: Funds stolen from Floyd County Schools in cyberattack, police investigating
John Bailey and John Druckenmiller reported this on June 8: The Floyd County school system confirmed on Wednesday reports of a cyberattack, discovered Monday, that resulted in $194,672.76 being stolen from the school system. “Floyd County Schools has been made aware of a spear phishing incident, which is a targeted email attack pretending to be…
Data breach at Australian pension provider Spirit Super impacts 50k victims following phishing attack
Jessica Haworth reports: A phishing attack at Australian pension provider Spirit Super has resulted in “some personal details being compromised”. The ‘super fund’ confirmed that user data was breached on May 19, 2022 after an employee’s email account was accessed. An investigation into the incident found that there was “unauthorized access to a mailbox containing personal data”…
Phishing Attacks for Initial Access Surged 54% in Q1
Jai Vijayan reports: Threat actors doubled down on their use of phishing emails as an initial attack vector during the first quarter of 2022 — and in many cases then used that access to drop ransomware or to extort organizations in other ways. Researchers from Kroll recently analyzed data gathered from security incidents they responded…
Settlement in Solara Medical Supplies litigation gets preliminary approval
As reported by TopClassActions, Solara Medical Supplies has agreed to a $9.76 million class action settlement benefiting those whose personal information may have been compromised during a 2019 data breach that occurred between April 2 and June 20, 2019. That would include employees and patients whose protected health information was in employee email accounts compromised…
He thought he was logging in to his cryptocurrency account. Then hackers stole his life savings.
Ken Dilanian and Michelle Cho report: A few days before Christmas last year, Philip Martin sat in front of his computer to check his cryptocurrency balance. It was the beginning of what would become, for him, an ongoing nightmare. Martin told NBC News he thought he was typing the web address for his cryptocurrency exchange,…