#phishing

#phishing

This week's recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path gives the easiest foothold.

Google on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction attacks. "The group used Gemini to synthesize OSINT and profile high-value targets to support campaign planning and reconnaissance,"

EE said the messages were sent via RCS, a more advanced type of messaging than SMS, and it is unable to block them (unlike SMS, which it can). EE said it was working with Apple and Google on the problem. Vodafone said its customers were mostly not receiving the texts (labelled as coming from Vodafone) because RCS is not enabled by the carrier on iPhones. However, people on other networks are receiving them.

When your intern accidentally clicked on phishing link, don't panic. Take consistent but confident action. Even knowledgeable, tech-savvy people can click a fishing link. They may do this due to haste or the cunning design of a phishing message. Such events happen more often than you think. The consequences can vary. It may be an innocent redirect to a fake website, or downloading malicious software

Cybersecurity researchers have disclosed details of a new dual-vector campaign that leverages stolen credentials to deploy legitimate Remote Monitoring and Management (RMM) software for persistent remote access to compromised hosts. "Instead of deploying custom viruses, attackers are bypassing security perimeters by weaponizing the necessary IT tools that administrators trust," KnowBe4 Threat Labs researchers Jeewan Singh Jalal, Prabhakaran Ravichandhiran, and Anand Bodke said. "By stealing a 'skeleton key' to the system, they turn legitimate Remote Monitoring and Management (RMM) software into a persistent backdoor."

Before AI, phishing attempts often included telltale signs like obvious typos or rudimentary graphic design. Now that AI makes it much easier to design and code convincingly, scams are on the rise. According to , 60 percent of companies reported an increase in fraud-related losses from 2024 to 2025. And the advent of AI browsers could make things even worse.

The bad actor created a throwaway domain, eilingrecepientvi.review, and set up an email account there at an often abused german hosting provider. Then he signed up for a - free, presumably - Zoom account using that email address. He told Zoom that his name was ", Thank you for purchasing Zoom Workspace for $969.85 via PayPal. If you didn't made this order, Call PayPal +1-800-209-0946, ".

This is because these unsubscribe links usually take you to a web page via a URL embedded in the unsubscribe text that identifies your email address, either in plain text or via an alphanumeric code. The moment this unique URL loads, the spammer at the other end knows that you were the one to click it; they now know that the email address they blasted does, in fact, have a real person at the other end.

Carraig Donn have been made aware of several websites posing as Carraig Donn. The websites look very genuine. They have our logo, products and all products are being sold at up to 90pc off. Some are advertising that we are having a closing down sale. Carraig Donn said the websites are part of a "sophisticated online phishing scheme" and warned that customers will not receive any goods and may not get their money back if they use them.

In today's digital workplaces, cyber threats rarely begin with broken systems. They begin with everyday actions-opening emails, sharing information, or accessing online platforms. Security awareness training helps reduce cyber attack risks by strengthening how individuals recognize and respond to these situations. Rather than focusing on technical controls alone, organizations are increasingly prioritizing cyber awareness as a core defense strategy. When users understand common threats such as phishing, social engineering, and unsafe online behavior, they are better equipped to prevent incidents before damage occurs.

Security company Trellix warns of a sharp increase in advanced phishing attacks on Facebook users. In the second half of 2025, researchers saw a rise in the use of the 'Browser-in-the-Browser' technique, in which attackers simulate fake login windows that are almost indistinguishable from the real thing. With more than 3 billion active users, Facebook remains an attractive target for cybercriminals. In recent months, however, the approach has been evolving rapidly.

Human error and internal risks continue to contribute structurally to data breaches and account takeovers. This is according to research by KnowBe4. Email remains the primary channel through which cybercriminals deceive employees in incidents. 64% of organizations reported incidents that originated via email, while 57% saw a further increase in email-related attacks. Phishing also served as a gateway to account takeovers in 59% of the affected organizations.

It is a trick for click-fix that executes a PowerShell command to download a proj file,

"For initial access, the threat actors utilize a fake Booking.com reservation cancellation lure to trick victims into executing malicious PowerShell commands, which silently fetch and execute remote code," researchers Shikha Sangwan, Akshay Gaikwad, and Aaron Beardslee said. The starting point of the attack chain is a phishing email impersonating Booking.com that contains a link to a fake website (e.g., "low-house[.]com").

The prospects for phishing in the era of AI could be huge. We've (arguably) moved well beyond requests for money from fake nation state princes, we're now in place where all message formats (emails, audio messages or video messages) can faked. "We are going to have to have multiple trusted channels with those who are close to us. If one channel, email, WhatsApp, Slack, etc. gets an important message, you may need to validate this on another channel.

AI-Enhanced Phishing and Deepfakes: No longer are phishing emails riddled with obvious errors. AI tools can instantly craft convincing messages by harvesting content from social media and corporate sites, personalizing scams to increase their effectiveness. Adding to this, deepfake technology enables cybercriminals to mimic voices and even video images of executives to authorize wire transfers or issue fake instructions, making fraud exponentially harder to detect.

Sometimes, a false sense of intimacy with AI can lead people to share information online that they never would otherwise. AI companies may haveemployees who work on improving the privacy aspects of their models, but it's not advisable to share credit card details, Social Security numbers, your home address, personal medical history, or other personally identifiable information with AI chatbots.

Scammers use a variety of techniques to trick you into parting with your cash. There are some ways to prevent it happening

Knight, who has over 25 years of experience in online security, revealed these have likely already begun, and warned people need to be extra vigilant as tensions rise. He admitted America has a huge advantage over Venezuela with its capabilities, and is understood to already be hitting assets like air defenses and security apparatus. But he warned hackers could unleash a wave of phishing links, fake emails and false profiles to impact ordinary Americans.

Officials are urging people not to click on suspicious links or attachments in emails, websites, or social media posts, warning that a single click can install malware on a device. 'Phishing scams and similar crimes get you to click on links and give up personal information like your name, password, and bank account number,' the FBI said. 'Be especially wary if a company asks you to update your password or account information. 'Look up the company's phone number on your own and call the company.'

The scheme relies on fake notifications, fraudulent websites and malicious links designed to trick shoppers into handing over personal information, including bank details and Amazon login credentials. The e-commerce giant issued the alert in a mass email, warning that cybercriminals are 'targeting Amazon users by reaching out to try and get access to sensitive information like personal or financial information, or Amazon account details.'

Here's how it works: The scammers pretend to be a legitimate Apple representative. They send text messages or iMessages, claiming that your lost iPhone has been found abroad, sometimes weeks or months after you may have lost it. "To make the messages look convincing, they include accurate details of the missing device - such as its model, color, and storage capacity - which the scammers can read directly from the phone itself," the NCSC warns in its alert.

Enterprises today are expected to have at least 6-8 detection tools, as detection is considered a standard investment and the first line of defense. Yet security leaders struggle to justify dedicating resources further down the alert lifecycle to their superiors. As a result, most organizations' security investments are asymmetrical, robust detection tools paired with an under-resourced SOC, their last line of defense.

Neither I nor anyone on my team can access it, or any of our accounts. We received emails of an unknown administrative user being added. This person then linked their own MCC to many of our accounts. That's all we know. We have 2FA enabled on all accounts. No idea how this happened. Is there anyone who has dealt with this and can help?