The attackers use social engineering tactics to get users to run a PowerShell script, compromising their systems. The scam starts with an email containing an HTML file that tricks the recipient into clicking on a button to fix a fake DNS issue.

The campaign began in January 2024 and peaked at 14 million emails in June. The emails were designed to steal sensitive information and included authentic-looking signatures to bypass security measures.

The phishing campaigns involve sending fake emails that appear to be from Microsoft, leading recipients to malicious Microsoft Forms impersonating Microsoft 365 or Adobe login pages.

FortiGuard Labs Threat Research team has identified a fraud campaign targeting India Post users on social media, specifically iPhone users through smishing attacks. The Smishing Triad, a Chinese threat actor, is believed to be behind this campaign.

An unidentified threat actor is taking advantage of the recent Falcon Sensor update issues to distribute fake installers via a fraudulent website impersonating a German entity.

KnowBe4, a cybersecurity training company, was tricked into hiring a fake IT worker from North Korea, highlighting the threat of insider activities. Despite this, no data breach occurred.

Research conducted by Check Point has revealed how fraudsters are exploiting legitimate blockchain protocols to carry out sophisticated scams. The Uniswap Protocol and Safe.global are among the platforms targeted by these attackers.

The scam involves deepfake videos of Elon Musk promising insights into the attack and encouraging viewers to participate in a cryptocurrency giveaway by scanning a QR code in the video.

A massive ad fraud operation known as Konfety is using over 250 Google Play decoy apps to hide malicious twins. The campaign leverages a mobile advertising SDK linked to a Russia-based ad network named CaramelAds.

In a recent phishing attempt, Cofense researchers spotted an email disguised as a communication from a company's HR department, prompting recipients to review an updated employee handbook.