Blog – ITCAMO

James Bond-Style Scamming Profits Explode

December 20, 2024

There is a type of scam where victims are contacted by someone fraudulently posing as a popular trusted entity (e.g., Amazon, U.S. Post Office, etc.), law enforcement, or an intelligence…

Attackers Abuse HubSpot’s Free Form Builder to Craft Phishing Pages

December 20, 2024

A threat actor is abusing HubSpot’s Free Form Builder service to craft credential-harvesting phishing pages, according to Palo Alto Networks’ Unit 42.

Mobile Phishing Attacks Use New Tactic to Bypass Security Measures

December 20, 2024

ESET has published its threat report for the second half of 2024, outlining a new social engineering tactic targeting mobile banking users.

No, KnowBe4 Is Not Being Exploited

December 18, 2024

Some of our customers are reporting “Threat Alerts” from Mimecast stating hackers have exploited KnowBe4 or KnowBe4 domains to send email threats.

AI-Powered Investment Scams Surge: How ‘Nomani’ Steals Money and Data

December 18, 2024

Cybersecurity researchers are warning about a new breed of investment scam that combines AI-powered video testimonials, social media malvertising, and phishing tactics to steal money and personal data.

Phishing Campaign Targets YouTube Creators

December 18, 2024

An email phishing campaign is targeting popular YouTube creators with phony collaboration offers, according to researchers at CloudSEK. The emails contain OneDrive links designed to trick users into installing malware.

Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities

December 17, 2024

Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November…

U.S. Justice Department Indicts Fake IT Workers From North Korea

December 17, 2024

The U.S. Justice Department revealed indictments against 14 North Korean nationals for their involvement in a long-running scheme designed to pose as remote IT professionals.

DarkGate Malware Distributed Via Microsoft Teams Voice Phishing

December 17, 2024

Threat actors are using voice phishing (vishing) attacks via Microsoft Teams in an attempt to trick victims into installing the DarkGate malware, according to researchers at Trend Micro.

CyberheistNews Vol 14 #51 Phishing Attacks Are Now Leveraging Google Ads to Hijack Employee Payments

December 17, 2024

Industry News