Malicious O365 credentials page

Zero-Day Spear Phishing Attack Targeting Covid-19 Pharmaceuticals—Likely Nation-State Threat Actors

| | Phishing, Threat Discovery
Today, SlashNext Threat Labs observed a flurry of spear-phishing attacks targeting companies at the forefront of Covid-19 vaccines and therapeutics development. These attacks are active, and as of this writing, there are more than 800 spear phishing domains over 60 days that belong to the same threat actors. There is ... Read More

Zero-Hour Phishing Attack on Google’s App Engine Targeting Office 365 Users Pushes Holiday Spike Above 100%

| | Uncategorized
As we write this post, SlashNext Threat Labs is witnessing an active attack on Google’s App Engine service via Appspot.com designed to steal Office 365 user credentials. The subpages are indistinguishable from an authentic log in, and because the phish is hosted on Google Cloud Platform, it cannot be blacklisted ... Read More
Twitter Hack—Old Dog, New Tricks

Twitter Hack—Old Dog, New Tricks

The recent Twitter breach involving Bitcoin transfer scams is not a new concept. SlashNext’s Threat Lab sees dozens of phishing sites each day because cybercriminals see it as an easy way to make money. Here are a few examples ... Read More
Mobile Phishing, the Next Battleground

Mobile Phishing, the Next Battleground

With the rising popularity of iOS and Android devices for everything from sending a client an SMS to attending a Zoom call, it was only a matter of time before cybercriminals seized the opportunity to target users through the least protected and most popular communication medium, mobile. SlashNext Threat Labs ... Read More
Need for Better Employee Protection is Apparent During Cybersecurity Awareness Month

Need for Better Employee Protection is Apparent During Cybersecurity Awareness Month

National Cybersecurity Awareness Month is upon us again, and it’s a great time to be reminded that the top cause of corporate data breaches is phishing. The very nature of phishing is to elicit an end-user response that makes it seem like the responsibility falls on employees. After all, they ... Read More
Avoid the Dangerous IRS Phishing Scams During Tax Season

Avoid the Dangerous IRS Phishing Scams During Tax Season

It’s tax season once again, when scammers start working overtime to deceive unwitting taxpayers into giving away personal information or sending in money for phony tax preparation services, or even payments for state and federal taxes. Email security tools have become so effective in recent years that the hackers now ... Read More