PayPal phishing campaign goes after more than just your login credentials

Credit to Author: Jovi Umawing| Date: Tue, 19 Jul 2022 13:14:05 +0000

Scammers have created a PayPal phishing campaign that extensively asks for sensitive information, including government IDs and headshot photos.

The post PayPal phishing campaign goes after more than just your login credentials appeared first on Malwarebytes Labs.

Read more

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

Credit to Author: Paul Oliveria| Date: Tue, 12 Jul 2022 16:00:00 +0000

A large-scale phishing campaign that attempted to target over 10,000 organizations since September 2021 used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and skip the authentication process, even if the user had enabled multifactor authentication (MFA).

The post From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud appeared first on Microsoft Security Blog.

Read more