New “Complaint Stealer” Malware Escalates, Targeting Cryptocurrency Wallets & Hospitality Sector
By Cofense Intelligence A series of campaigns delivering the newly christened “Complaint Stealer” malware began in mid-October and escalated within the last 2 days. The Complaint Stealer malware is an Information Stealer that targets cryptocurrency wallets and programs as well as credentials stored in browsers. Complaint Stealer shows unusual interest ... Read More
New “Complaint Stealer” Malware Escalates, Targeting Cryptocurrency Wallets & Hospitality Sector
By Cofense Intelligence A series of campaigns delivering the newly christened “Complaint Stealer” malware began in mid-October and escalated within the last 2 days. The Complaint Stealer malware is an Information Stealer that targets cryptocurrency wallets and programs as well as credentials stored in browsers. Complaint Stealer shows unusual interest ... Read More
Access Key Used in Voice Messaged Phishing Campaign
By: Robert O’Callaghan A method of communication that remains important in our modern world is that of the voice message. The PDC recently observed a phishing campaign where threat actors included an access key in the body as a way to entice the user to access the voice message that ... Read More
Resurgence of LinkedIn Smart Links Identified in Sizable Credential Phishing Campaign
By: Nathaniel Raymond In 2022, the Cofense Phishing Defense Center (PDC) detected phishing campaigns that used LinkedIn links called Smart Links or “slink” to bypass security email gateway or SEG to deliver credential phishing, which was covered previously in the smart links LinkedIn blog. Smart links are links utilized by a ... Read More
Resurgence of LinkedIn Smart Links Identified in Sizable Credential Phishing Campaign
By: Nathaniel Raymond In 2022, the Cofense Phishing Defense Center (PDC) detected phishing campaigns that used LinkedIn links called Smart Links or “slink” to bypass security email gateway or SEG to deliver credential phishing, which was covered previously in the smart links LinkedIn blog. Smart links are links utilized by a ... Read More
Cofense Named Best Overall Enterprise Email Security Solution of the Year
LEESBURG, Va. – July 26, 2023 – Cofense, the leading provider of phishing detection and response (PDR) solutions, today announced the general availability of Cofense Protect+ MSP, a multi-tenant, advanced email security and protection solution that keeps organizations protected from today’s sophisticated email attacks. Today’s managed service providers (MSPs) and managed ... Read More
Browser-in-the-Browser (BitB) Attack Takes Advantage of Single-Sign-On Trust
Found in environments protected by: Microsoft EOP By Elmer Hernandez, Cofense Phishing Defense Center The Phishing Defence Center (PDC) has observed malicious html attachments intended to carry out Browser-in-the-Browser (BitB) attacks. What are BitB Attacks? BitB attacks can deceive users by displaying what appears to be a legitimate separate pop-up ... Read More
Luxury Hotels Remain Major Target of Ongoing Social Engineering Attack
By Dylan Duncan 85% of phishing emails from current campaign have come in the last 60 days; Hospitality Industry Still Very at Risk of Advanced Malware Capable of Ransomware Delivery Tweet This Cofense Intelligence has been tracking a well-crafted and innovative social engineering attack that targets the hospitality industry to ... Read More
LokiBot – Phishing Malware Baseline
By Madalynn Carr Report date: 09/07/2023 LokiBot is an Information Stealer with expanding capabilities depending on the threat actor. This malware family was originally written in C++ and targets Windows devices. LokiBot was first advertised in 2015 on underground markets in Eastern Europe, however it was not common to see ... Read More
Demystifying Smishing vs Phishing Attacks for a Safer Online Experience
Staying safe online is more important than ever. Cybercriminals are becoming more sophisticated in their methods, making it key for internet users to be well-informed about threats. One common type of attack that can catch anyone off guard is smishing and phishing attacks. Smishing and phishing attacks are clever techniques ... Read More