Jump to content

Search the Community

Showing results for tags 'impersonation'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 4 results

  1. Phishing impersonates global recruitment firm to push malware An ongoing phishing campaign is impersonating Michael Page consultants to push Ursnif data-stealing malware capable of harvesting credentials and sensitive data from infected computers. Michael Page is a world-leading employment agency focused on recruiting at the qualified professional and management level for permanent, temporary, contract, or interim positions. The agency is part of the British-based PageGroup recruitment business with operations in the Americas, UK, Continental Europe, Asia-Pacific, and Africa. Attackers spoofing Michael Page UK "We are continuing to experience a global phishing campaign where our employees are being impersonated," Michael Page UK said. "We are confident that no PageGroup system has been compromised," the parent company added, confirming that the attackers haven't breached the recruitment consultancy's servers and are only spoofing employees in the phishing emails sent to random targets. "These phishing emails are being generated from publicly available information not linked to our business and are being then sent on to random email recipients," PageGroup revealed. PageGroup urges those who have received one of these phishing emails or any email coming from Michael Page that looks suspicious "not to reply or click" on any of the embedded links. Never rely on an email signature or name to check the validity of an email, and please never click on a link until you are satisfied that it is from a sender you know. (3/3) — Michael Page UK (@MichaelPageUK) April 22, 2021 Victims baited with executive positions In phishing emails sent as part of this campaign seen by BleepingComputer, attackers posing as Michael Page UK headhunters are luring targets with executive positions. These emails use embedded links to redirect potential victims to phishing landing pages featuring GeoIP and antibot checks, according to a security researcher known as TheAnalyst. The victims are then asked to download archives containing malicious macro-enabled Microsoft Excel spreadsheets (XSLM) and featuring DocuSign branding, asking the targets to enable editing to decrypt and open the document. Once the victims enable macros, they are shown a decoy document with information on a fake management position, while the Ursnif malware payload is downloaded and installed on their computer in the background. Malicious phishing document (InQuest) The Ursnif data-stealing malware Ursnif (also known as Gozi v2.0, Gozi ISFB, ISFB, and Pandemyia) is an information-stealing trojan and an offspring of the original Gozi banking trojan (Gozi CRM) whose source code accidentally leaked online in 2010. Since then, malware developers have used the code to build other banking trojan strains, such as GozNym. Once it infects a computer, Ursnif starts recording the victims' keystrokes, the sites they visit, harvests clipboard content, and collects all this info into log files and sent back to its operators' servers. Using this stolen info, the attackers can steal their victims' login credentials and other sensitive data to further compromise their accounts or networks. Source: Phishing impersonates global recruitment firm to push malware
  2. Microsoft remains the most-spoofed brand for the second quarter in a row Malicious use of the tech giant's brand increased by 24% in the last quarter of 2020, according to Check Point Microsoft ended 2020 as the brand most frequently targeted by cyber criminals, with 43% of all brand phishing attempts related to the tech giant in Q4. This was a 24% increase from the third quarter of the year, which saw 19% of all attempts linked to the tech giant, according to Check Point research. The attempts are from criminals looking to steal personal information or payment credentials by impersonating well-known brands that are likely to be used by the employee and their organisation. The technology industry was the most likely to be targeted by 'brand phishing', according to Check Point, closely followed by retail and shipping. Across October, November and, December, Microsoft was the brand most often imitated by hackers. "Criminals increased their attempts in Q4 2020 to steal peoples personal data by impersonating leading brands, and our data clearly shows how they change their phishing tactics to increase their chances of success," said Maya Horowitz, director, threat intelligence and research, products at Check Point. "As always, we encourage users to be cautious when divulging personal data and credentials to business applications, and to think twice before opening email attachments or links, especially emails that claim to from companies, such as Microsoft or Google, that are most likely to be impersonated." Shipping firm DHL was the second most-spoofed brand for the end of 2020, as criminals sought to take advantage of the significantly higher number of shoppers placing their orders online. Many of these attacks involved delivery failure notices, asking the target to pay a nominal fee to arrange a new delivery. Google actually came 7th on the list with only 2% of all brand-related phishing in its name. Amazon ended the year in fourth with 5% while LinkedIn, a Microsoft-owned platform, was third with 6%. IT Pro has approached Microsoft as the findings will be of huge concern to the tech giant, especially as phishing attempts in its name have doubled over a sixth month period. Source: Microsoft remains the most-spoofed brand for the second quarter in a row
  3. Like many online platforms of late, Reddit has been updating some elements of its policies for the new decade. The latest change sees the site address impersonation on its platform, moving to ban it with a handful of exceptions. The move falls in line with the desire to limit the spread of misinformation, therefore the new policy update could affect things like deepfake videos that are not made for comedy, but rather to share false information. As such the one significant exception to this policy update from Reddit is that it will still allow impersonation on its platform provided it is satirical in nature. “Reddit does not allow content that impersonates individuals or entities in a misleading or deceptive manner. This not only includes using a Reddit account to impersonate someone, but also encompasses things such as domains that mimic others, as well as deepfakes or other manipulated content presented to mislead, or falsely attributed to an individual or entity. While we permit satire and parody, we will always take into account the context of any particular content,” reads the company’s updated policy. How Reddit will be able to effectively screen and determine the level of satire for impersonation in each and every case remains to be seen, especially with similar large sites like YouTube also failing to always enforce policies such as this effectively. That said in 2018 the platform explained that impersonation was the second lowest class of policy violation that year, accounting for 2.3 percent of reports. Whether that number has increased significantly over the past few months thanks to deepfakes is unclear. Regardless this latest move shows that Reddit is taking impersonation and misinformation on its platform seriously. Reddit tells any of its users who suspect they are being impersonated on the site to visit this link and report it. Source
  4. Office 365 will help admins find impersonation attack targets Microsoft will make it easier for Defender for Office 365 customers to identify users and domains targeted in impersonation-based phishing attacks as recently revealed on the Microsoft 365 roadmap. Defender for Office 365 (previously known as Office 365 Advanced Threat Protection) protects the emails of Office 365 enterprise accounts from various threats including but not limited to credential phishing and business email compromise. Impersonation happens when a threat actor uses a sender or domain in an email message designed to closely resemble a real sender or domain ([email protected] instead of [email protected] and ćóntoso.com instead of contoso.com). Impersonation attacks take advantage of this tactic with the end goal of deceiving recipients that the email they just read comes from a trusted source. New impersonation detection filters Security admins will be able to use new filters dubbed Impersonated user and Impersonated domain together with the Threat Explorer and real-time detections to detect organization users and domains targeted in impersonation attacks. These filters add to already present capabilities that make it possible to get a list of phishing emails caught by Defender for Office 365's existing impersonation detection filters. "Today we provide filters for Detection Technology with User impersonation or Domain impersonation which show all Phish emails caught by our impersonation detection," Microsoft explains. "We are adding new filters called Impersonated user and Impersonated domain to enable Security Operations teams to explicitly hunt for specific users or domains within their organization that are targets of impersonation attacks." The new information will be available for security team admins via the Impersonation insight pages as well as on a newly added Email Entity page. Microsoft Defender for Office 365 support for hunting impersonated domains and users is still currently in development. However, Microsoft is working on making it generally available worldwide in all environments, to all Microsoft Defender for Office 365 users, by the end of February. Impersonation protection not enabled by default Even though Microsoft Defender for Office 365 comes with built-in anti-phishing protection, impersonation protection is not configured or enabled in the default policy. To take advantage of the new capabilities, admins have to also enable impersonation protection features by modifying the default anti-phishing policies settings. Later this month, Microsoft will also start to notify users of Microsoft Defender for Office 365 of suspected nation-state hacking activity detected within their tenants. The company also added priority protection for accounts of high-profile employees including executive-level managers who are frequently targeted in attacks. Source: Office 365 will help admins find impersonation attack targets
×
×
  • Create New...