Phishing

Between August and October, the detection of fraudulent e-commerce sites rose by 110%, with tens of thousands of these hosted on SHOPYY, a Chinese e-commerce platform exploited by cybercriminals.

Phishing attacks continue to dominate the security landscape, though other avenues for cybercrime are seeing growth in popularity.

Retailers need to prepare now for a holiday season that’s too often giftwrapped for hackers.

Attackers have used multiple layers of URL rewriting services and other tactics to evade email security.

Deployment of credential and cryptocurrency stealing malware has been conducted by Sapphire Sleet not only through the impersonation of venture capitalists luring targets to join an online meeting about a supposed investment but also via fraudulent LinkedIn accounts purporting to be recruiters for Goldman Sachs and other financial entities.

Organizations in the financial services sector have been primarily targeted by the ONNX, whose Telegram-based operations had been cut off following a court order that allowed Microsoft to transfer the PhaaS platform's infrastructure to its servers, according to Microsoft Digital Crimes Unit Assistant General Counsel Steven Masada.

Alleged Scattered Spider hackers Ahmed Hossam Eldin Elbadawy, Noah Michael Urban, Evans Onyeaka Osiebo, Joel Martin Evans, and Tyler Robert Buchanan have been indicted for their involvement in a prolonged cryptocurrency theft operation that involved SMS phishing, corporate system compromise, and further phishing intrusions.