Tag: Phishing sites

Millions of Docker repos found pushing malware and phishing sites
News

Millions of Docker repos found pushing malware and phishing sites

Since early 2021, three extensive attacks have targeted users of Docker Hub, infecting millions of repositories with malware and phishing websites. About 20% of the 15 million repositories hosted by Docker Hub had malicious information, ranging from spam to harmful malware and phishing websites, as discovered by JFrog security researchers. The researchers linked over 2.81 million repositories to three significant harmful campaigns and found nearly 4.6 million repositories without Docker images, which could not be used with a Kubernetes cluster or a Docker engine. Different strategies were employed by each of these efforts to produce and disseminate the malicious repositories. While the "Website SEO" campaign established a few phony repositories per day and employed a single user ...
US Post Office phishing sites get as much traffic as the real one
News

US Post Office phishing sites get as much traffic as the real one

When security researchers examined phishing efforts directed at the USPS, they discovered that traffic to the phony domains was often higher around holidays and resembled that of the official website. Phishing operations usually target people's personal information (card details, account passwords), or they attempt to fool users into paying fees that are purportedly necessary for clearing things that have been placed on hold for different reasons, or they try to lure users into making payments to fraudulent stores. Akamai Technologies saw a large number of DNS requests pointing to combosquatting domains that mimic the USPS service during the 2023 holiday season. October 2023 saw Akamai begin looking into phishing attempts with a USPS theme when one of its employees received a str...
Phishing Sites and Apps Use ChatGPT as Lure
News

Phishing Sites and Apps Use ChatGPT as Lure

Security experts have warned of several new phishing efforts targeting Windows and Android users that employ ChatGPT to fool them into unintentionally installing malware and providing their credit card information. Cybersecurity company Cyble reported that a bogus social media page spoofing the identity of ChatGPT developer OpenAI is disseminating a number of phishing websites. It stated that "the page seems to be attempting to establish credibility by utilizing a variety of content, such as movies and other off-topic posts." Nevertheless, a closer inspection showed that some of the page's messages include links that take readers to phishing sites that pose as ChatGPT read more Phishing Sites and Apps Use ChatGPT as Lure. With ReconBee.com Stay ahead of the latest threats with...