A fake login page turned out to be a test phishing attack from the Michigan Democratic Party, which hadn’t told the DNC or the ISP about it.
Tag Archives: spearphishing
Amnesty International spearphished with government spyware
Pegasus spyware is supposed to be used solely by governments, to enable them to invisibly track criminals and terrorists
Yahoo mega-breach hacker faces nearly 8 years in prison
The hacker exposed half a billion Yahoo accounts on behalf of Russia’s FSB
Hacker pleads guilty in Facebook malware and spam scheme
The cybercrook allegedly used a “Facebook Spreader” malware to infect victims via booby-trapped links in Facebook chat messages.
Officials blame Russia for Pentagon Joint Chiefs of Staff email hack
Russia has been blamed for launching a “sophisticated cyberattack” against the Pentagon’s Joint Chiefs of Staff unclassified email system.
Spearphishing gets personal as woman scammed out of £50k house deposit
Spearphishing isn’t just a threat for businesses. As this case shows, thieves are willing to spend considerable effort prying into the lives and email of ordinary people in the hope of scoring big cash.
Stolen logins for US government agencies found all over the web
A CIA-backed company has discovered government login credentials for 47 agencies dumped on the open web.
Phishing study finds major brands heavily targeted, niche sites also at risk
Phishers are regularly updating their approaches, probing new areas and looking out for new victims, as well as taking aim at larger global players and their users.
Spear-phishers grab emails from internet overseer ICANN
Yes, the DNS overlord fell for spear phishing. No, the internet’s spine was NOT broken, given that the intruders only gained “read”, not “write”, access. Thank goodness!
US Nuclear Regulatory Commission hacked 3 times in 3 years
According to documents obtained under an open-records request, two of the hacks, perpetrated via phishing emails, are believed to have originated in foreign countries, while the source of the third remains unknown because incident logs have been destroyed. The report does not say when the attacks occurred, nor does it divulge what, if any, data was compromised.